Who Puts a Lot of Information in Directories? (2005)

Most directories don't contain much information. They contain people data -- user names, associated credentials (hashed password, X.509 certificate), addresses (email, physical, telephony, etc.); group data -- lists employed to associate roles and permissions with people or as email distribution lists; and sometimes also server/service (physical and logical) data. And that's just about it.

There are exceptions, however. The notable ones seem to be:

  • Active Directory. This is becoming Microsoft's, and therefore, many organizations', primary repository for information about people, group, and server/service data.
  • Identity Management Vendors. They use directories as the central place to store information about people, resources, and access privileges, across many applications and systems.
  • Corporate Developers. Sometimes, not terribly often, they find that off-the-shelf products don't provide a good model for things like customer, products, bills-of-material, and so on; and that the flexible hierarchy provided by a directory is a good tactical fix.

... David Ferris, with thanks to Nick Shelness and Persistent Systems' Sameer Karmarkar

Post a comment

You must be logged in to post a comment. To comment, first join our community.