April 03, 2001, 11:21 AM — The votes are in, and it's clear that deploying Microsoft's Active Directory is a task like none other ever attempted by seasoned Windows NT administrators.
The complexity of the directory -- from planning, to corporate politics, to the actual technology -- is stretching some deployment projects well past their original timetables.
Nearly half of IT executives planning to roll out Windows 2000 in the next year are deferring a full Active Directory deployment indefinitely, according to a recent survey by Giga Information Group. And of the 30% of NT users that have deployed or are deploying the directory, only about half are doing a full-scale rollout.
Despite the conservative plans, users say they want to run Active Directory to ease user and resource management.
What is needed to get over the hump?
Planning, of course, is key. But from a technology perspective, experts say IT executives must budget for third-party tools to help with the migration as well as ongoing management.
"About 80% of Active Directory deployments will require third-party tools because what Microsoft gives you out-of-the-box is not very adequate," says Neil MacDonald, an analyst for Gartner Group.
Microsoft, for its part, says its Active Directory Migration Tool (ADMT) will be adequate for 80% of organizations with a simple NT environment or tight deployment plan. Microsoft is adding password migration in future versions, according to Perry Anton, product manager for Active Directory.
But even Microsoft used third-party tools for its migration to Active Directory.
Paying the price
Most enterprise users will pay between $35 and $55 per user for a decent suite of tools. IT executives can expect costs to range from nominal to a noticeable percentage of the overall project, depending on which tools are used.
There is, however, some budgetary relief available. FastLane Technologies is providing its DM/Manager, a domain consolidation and user migration tool, for free for 12 months to those who register by June. NetIQ's tools are free to those who contract with Microsoft Consulting Services. NetPro is publishing chapter-by-chapter an online book on migration.
Other vendors, such as Aelita and BindView, also provide tools.
The range of features is dizzying and includes tools for assessing the readiness of current network environments, migrating users and accounts from NT or other platforms, and modeling directory architectures. The tools also provide rollback mechanisms to correct errors, management of group policy and delegation rights, mapping of Secure ID (SID) history, monitoring of directory replication and other functions, and management products for post deployment.