We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.
Technology Stocks : Novell (NOVL) dirt cheap, good buy? -- Ignore unavailable to you. Want to Upgrade?

To: PJ Strifas who wrote (27996)9/4/1999 11:25:00 PM
From: PJ Strifas  Read Replies (1) | Respond to of 42771
Now I'd like to point out that Mr. Kearns point is a very important one. It's not just a semantics play on what one company is doing versus what another is doing. It goes to a fundamental "flaw" in a product that has been touted to take over the world once (if and when?) it's released.

He does well to describe the problem in simple terms but let's just say that if a product can not synchronize the distributed parts effectively, then just how reliable is the information stored within?

Peter J Strifas
Here's the "fallout" from the article:

Active Directory: agree to disagree

By Dave Kearns
Network World, 08/30/99

There was a fair amount of fallout from my column "A flaw in Active Directory?" (Aug. 16, page 28). But, most people agreed with my assessment of potential problems with Microsoft's Active Directory replication and synchronization strategy.

[Aside: For the user at Microsoft, whose name may be Shawn but signs his e-mail "LCA Dude" and who uses a host machine called com - you need to learn how to create truly anonymous e-mail. At least when employees at Novell or IBM disagree with me, they sign their real names.]

I did spend an enjoyable hour talking to Pete Houston, Active Directory's lead product manager. Houston came to Microsoft from IBM and has a very solid grounding in databases. In particular, he appears quite knowledgeable about distributed, replicated databases.

There was very little we disagreed on but, alas, the item that was the focus of my last column was at the top of the list.

When changes are propagated throughout the replicas of the directory, it's important that they be applied to all copies in the same order. Active Directory uses a serial number sequence to decide the order of changes and when there's a discrepancy, falls back on a number of so-called tiebreaker decision points to decide which changes will be made and which will be rejected.

Houston and I agree that consistency among all copies of the directory is important. We differ in that Houston believes consistency is all that matters, while I believe that consistency is important, but accuracy is almost as important.

It's a classic confrontation between a database manager and a network manager. We agreed to disagree.

We went on, though, to imagine the next generation of directory service - a generation that would use rules and policies to determine which update succeeds and which doesn't. Imagine setting up a hierarchy so that anytime there is a discrepancy in updates, the higher ranking person's changes would "win." I'd like to hear your thoughts on how that might work.