Novell Virtual Directory Services: Simplifying Identity‑Enabled Applications
Developers looking to embed identity management in their software no longer have to juggle a separate directory service or wrestle with corporate schema changes. Novell’s Virtual Directory Services offers a local identity store that talks to any enterprise LDAP directory - Microsoft Active Directory, Sun Java System Directory Server, Novell eDirectory, and others - without touching the existing directory structure. This capability frees teams from the overhead of adding and maintaining a new directory instance while keeping all authentication logic in one place.
The core idea is straightforward: the application keeps a lightweight, application‑specific directory on its own server. When a user requests access, the application consults its local store for user‑specific attributes - such as role, license, or feature flags - then forwards the identity to the corporate LDAP for authentication and policy checks. The two systems cooperate seamlessly, so developers can focus on the application’s core logic instead of the plumbing of directory integration.
For independent software vendors (ISVs), the time‑to‑market gains are immediate. By shipping a built‑in directory component, the product can be dropped into any environment that already runs a standard LDAP directory. No extra install steps, no additional schema updates, and no negotiation with the IT department to carve out new namespaces. This translates into lower development costs and a smoother support cycle because the application does not need to be re‑configured for each new corporate directory that a customer adopts.
IT managers appreciate that Virtual Directory Services removes the political friction that often accompanies directory modifications. In many enterprises, adding a new attribute or object class to the corporate directory triggers a lengthy change‑control process, and the result can be a backlog of support tickets. By keeping application data local, the organization sidesteps that bottleneck. The only integration point remains the authentication link to the existing LDAP, which is already in place and trusted.
Novell’s team built this feature with the enterprise in mind. The local store is fully LDAP‑compliant, so the application can issue standard search, add, modify, and delete operations. It also supports replication to the corporate directory when needed, allowing for occasional back‑sync of critical attributes. The design encourages a clear separation between the user’s core identity and the application’s operational state.
One of the most common use cases is for SaaS offerings that require role‑based access control. Instead of storing the entire role hierarchy in the corporate LDAP, the application holds a compact list of role identifiers locally. When a user logs in, the application pulls the role list from its local store, then asks the corporate LDAP to verify that the user is still active and not suspended. This dual‑layer approach balances performance - by avoiding heavy LDAP queries for every request - with security, because the corporate directory remains the source of truth for account status.
Virtual Directory Services also accommodates hybrid environments where an application must speak to multiple directories. The local store can map a user’s identity to several corporate directories, aggregating attributes from each. For instance, a single user might have an account in an on‑premises Active Directory for office resources and an Azure AD for cloud services. The local store keeps a consolidated profile, and the application can authenticate against whichever directory is appropriate for the requested service.
Beyond ease of integration, the local store provides resilience. If the corporate LDAP experiences downtime, the application can still perform basic operations such as retrieving role information or checking feature flags. Authentication itself still requires the corporate LDAP, but many applications only need a subset of directory data to function correctly. By decoupling those two responsibilities, the overall user experience remains stable even when the central directory is unreachable.
To support these capabilities, Novell has included an API that abstracts the underlying LDAP operations. Developers can focus on business logic, while the API handles caching, connection pooling, and error handling. The API is available for Java, .NET, and C++, which covers the most common enterprise application stacks. Integration guides walk through the steps needed to deploy the local store, configure the corporate LDAP link, and enable policy enforcement.
When Novell introduced Virtual Directory Services, Alan Nugent, the company’s CTO, emphasized that the product was a natural extension of Novell’s expertise in directory services. He highlighted that the new feature eliminates the “additional standalone directories or modifications” that previously complicated identity‑enabled application deployments. By letting applications store data locally while still relying on the existing LDAP for authentication and authorization, Virtual Directory Services removes a layer of complexity from both developers and system administrators.
Overall, Virtual Directory Services positions Novell as a practical choice for organizations that want to keep their existing directory investments intact while adopting modern, application‑centric identity solutions. The local store gives developers the flexibility to embed sophisticated identity logic into their products, and the integration with corporate LDAP keeps security centralized and consistent across the enterprise.
Novell eDirectory 8.8: New Features for Large‑Scale Deployments
Novell’s eDirectory 8.8 builds on the proven scalability of its predecessor while adding a suite of enhancements that target installation efficiency, performance, and security. The release enters open beta on October 29, and it is positioned as a must‑have for enterprises handling millions of identities, whether for business‑to‑consumer, business‑to‑business, or internal corporate use.
Installation and updates now leverage fully scripted server deployment. Administrators can roll out a new eDirectory node with a single command, eliminating manual configuration steps that previously consumed time and introduced human error. Automated health checks accompany the install, so the deployment validates itself before the server goes live. In addition, the integration with ZENworks Linux Management extends the same ease to managing multiple eDirectory servers, allowing IT teams to push updates, patches, and custom configurations across the board with minimal effort.
Performance gains are substantial. Importing large datasets is faster, meaning large‑scale migrations finish in a fraction of the time they used to. eDirectory can host multiple instances on a single physical server, which optimizes hardware utilization and reduces capital expenditures. Password changes propagate simultaneously across all servers in a cluster, ensuring that users experience a seamless login without having to wait for replication to finish. These improvements reduce the operational overhead for organizations that run heavy read/write workloads.
Security enhancements address evolving threat landscapes and compliance demands. eDirectory now accepts case‑sensitive passwords, a feature that strengthens password complexity requirements. For Linux and UNIX environments, the directory can run as a non‑root user, allowing administrators to restrict the directory process to the minimal privileges it needs. This approach follows the principle of least privilege, mitigating the impact of potential compromise. By limiting the directory to its own user account, the risk of accidental system-wide changes is reduced.
From a development perspective, eDirectory 8.8 introduces new APIs that simplify integration with custom applications. The APIs support advanced querying capabilities, including filtering and pagination, which are essential for large datasets. They also expose fine‑grained access controls, so developers can enforce role‑based policies at the directory level without writing custom middleware.
The user experience for administrators is also improved. The web console offers a more intuitive interface for managing entries, attributes, and schemas. Bulk operations, such as moving thousands of users or updating group memberships, are now faster and more reliable. Additionally, the console includes built‑in monitoring dashboards that provide real‑time metrics on replication status, CPU usage, and memory consumption, giving administrators a clearer picture of system health.
Enterprise customers who have relied on eDirectory for decades now see tangible benefits in this latest release. For example, a global retail chain that manages millions of customer accounts uses eDirectory 8.8 to power its loyalty program. The faster import speeds allow the chain to synchronize new customer data from point‑of‑sale systems without downtime. The case‑sensitive password support ensures compliance with international regulations that mandate stricter password policies.
Security teams also appreciate the non‑root operation. In environments where regulatory bodies require strict separation between directory services and system administration, running eDirectory under its own user account provides a documented audit trail. This configuration is especially relevant for financial institutions and healthcare providers where any compromise could lead to significant legal penalties.
Alan Nugent remarked that eDirectory 8.8 is “a significant milestone that will simplify large‑scale directory deployments.” He underscored that the combination of streamlined installation, enhanced performance, and improved security makes eDirectory an attractive foundation for identity management across diverse industries.
Edircatory 8.8 is also engineered to coexist with Novell’s Virtual Directory Services. Organizations that adopt Virtual Directory Services can use eDirectory 8.8 as the backbone of their corporate identity store while keeping application‑specific data local. This hybrid approach maximizes the benefits of both products, delivering a cohesive identity solution that scales without compromising flexibility.
In summary, Novell eDirectory 8.8 offers a robust, high‑performance directory service that meets the needs of modern enterprises. Its new features address the practical challenges of large deployments - speed, scalability, and security - while staying true to the simplicity that has made eDirectory a trusted name in directory services for years.
No comments yet. Be the first to comment!