Tuesday, February 27, 2007


No, it's not a prime number. It's a patent number. It's a patent that is owned by one Mr. William Reid of Texas who says that Microsoft violates it with their implementation of Active Directory and therefore so does Windows 2000 Server and Windows Server 2003. He's not only lobbed in a lawsuit against Microsoft but also Halliburton, Schwab and GM. Apparently those companies use Active Directory and presented various architectural diagrams at the Burton Group Catalyst conference last year which Reid attended. So as far as Reid is concerned they are also violating his patent. According to an Information Week article Halliburton has already asked Microsoft for indemnification.

You can read the whole patent on-line if you'd like all the details. I've cut out the summary and pasted it below for your reading pleasure.

Some interesting points from my perspective...

- If Reid is successful in his pursuit of damages then that number in the title of this post might be way too low based on the fact that nearly every company of any size in the United States is using Active Directory.

- With all the hub-bub around intellectual property and indemnification it will be very interesting to see if Microsoft does indemnify Halliburton - and all the other companies out there.

- Directories were in use before this patent was filed. Reid even mentions NDS. I wonder if Reid's patent can stand up to the scrutiny of prior art with respect to what Netscape did with their LDAP Directory Server (RTM in ~1996 if memory serves me) and a true WAN-based directory called "StreetTalk" for Banyan's VINES Network Operating System. Anyone remember Banyan VINES? I rolled out a world-wide network based on Banyan VINES StreetTalk in 1989 (Singapore, New Delhi, Cairo, Montevideo, Dhaka, Nairobi and Ottawa all networked using VINES over X.25)

The "invention" - "Enterprise Network Management Directory Containing Network Addresses Of Users And Devices."

The present invention extends the concept of directory services to the management and control of enterprise networks by integrating directory technology, router/gateway management, and server management to form an enterprise network management and network security solution. By integrating directory services to perform these extended functions, a firewall can be deleted or omitted and a stronger implementation of firewall functions can be integrated into other network elements controlled by a master directory. From an architectural standpoint, the present invention provides supervisory control in the network and data link layers, rather than in the application layers as such control is traditionally provided.

An enterprise directory residing on a directory server stores the names, workstations, router/gateways, servers, IP addresses locations, passwords, and encryption keys for individuals. Periodically, the directory server downloads to each router/gateway across the WAN router/gateway access lists (RALs), thereby controlling all network access across the WAN. Also periodically, the directory server downloads user control files (UCFs) to servers in the network, thereby controlling all server access across the WAN. This directory-based invention thus provides enhanced network control, and enhanced network security.

Technorati Tags:


Unknown said...

Frankly, after briefly scanning the patent, it sounds like DEN to me. Directory Enabled Networks (DEN) if you'll remember, got big buzz from Cisco and MS around the time that MS was preparing to ship AD (circa 1998-99). But, nothing really ever came of it, except for bits and pieces of stuff like putting IPSec into AD and the feeble attempts at QoS. Come to think of it, Cisco was also planning a Unix port of AD around this same time... Anyway, this patent seems so vague as to make one wonder what it is this guy is really claiming. I wonder what Cisco thinks of it all since they were the biggest drivers of this back then and I can't imagine some of these ideas didn't originate with them much earlier.

Unknown said...

You're totally correct. I read the patent and thought the same thing...

Dave Kearns said...

I was actually on this guy's witness list for a few days a couple of years ago. Until I read the patent, and talked to the bozo, that is. But the time I finished talking to him I vowed to join the defense team for anyone he cared to try to sue!