Tuesday, May 27, 2008

Is Red Hat late to the directory server party?

I've been fairly fascinated by Red Hat (and Linux) ever since I made the move from Microsoft to Vintela. I was trolling around the RedHat web site checking out a few things recently and came across Red Hat's Directory Server web page which features a prominent section called "Directory Server Small Business Bundles". The small business bundle consists of one master and one replica server for $5000 which supports up to 500 users. There was an additional bundle that adds in two copies of Red Hat Enterprise Linux AS Premium for $9000 for the same maximum number of users. A further caveat is that you can buy a maximum of four of these packages for a total of 2,000 users. Do the math and you get $10/user for the bundle without the Red Hat server licenses and $18/user with the server licenses. If you didn't fit into these categories you could click a button to contact sales.

For those of you that don't know, the origin of Red Hat's directory server is from Netscape. In 1996 - I still remember the day - Netscape turned the directory world on its ear - with the release of the Netscape Directory Server. That day was the day that both X.500 and X.400 began their death spirals. The Netscape Directory Server was king of the LDAP directory servers for quite some time. With the three wise men of LDAP (Tim Howes, Mark Wahl and Mark Smith) working at Netscape how could they go wrong? Well, we know how that story finally ended don't we?

Anyway, my point is the Netscape Directory Server was, and is, a solid product. That said, the three wise men all moved on and so did Netscape. I'm not sure how much work has been done on the server over the years after Howes left Netscape, the AOL purchase in 1998 and the acquisition of a bunch of assets from Netscape in 2004 by Red Hat - include the Netscape Directory Server. Red Hat has obviously been working on the product because

I do know that a lot of work has gone on in the LDAP arena by companies like Microsoft, Novell, and Computer Associates to name a few and even the open source community's OpenLDAP project. There are a number of no-charge LDAP servers available today. Microsoft's Active Directory Application Mode (ADAM) and, of course, OpenLDAP. I haven't read the OpenLDAP license but I know that Microsoft allows the redistribution of ADAM by ISVs at no charge as an added benefit.

Would I pay for an LDAP directory server today? No, I wouldn't. I'd either go with OpenLDAP, ADAM or deploy an actual Active Directory domain controller (not free, but at ~$800 or less for unlimited users...) because I've talked to customers that have deployed >million user directories with each of those choices, they have vibrant user communities, are supported (vendor or community) and are technically sufficient for almost every purpose. I think if I was a small business with 500-2000 users I'd be looking at using a free solution, too - $10/user is just too much for a piece of history.


Gavin Henry said...

You might be interested in:


Kind Regards,

Gavin Henry.

Kevin LeMay said...

I just wanted to point out that AOL went into partnership with Sun Microsystems after they bought Netscape and Sun took over the development of the original Netscape Directory server which became the iPlanet Directory Server which later became Sun One Directory Server. AOL and Sun parted ways in the iPlanet partnernsip at which time AOL got a snapshot of what was Sun One Directory Server 5.2. AOL then released versions of it's own Directory Server (AOL DS 6) based on this code which then is what it sold to Red Hat.

If you look at where Sun is now with is Sun Directory Server Enterprise Edition (DSEE) 6.3 (www.sun.com/dsee) and where Red Hat is with their Directory Server you will see that Sun has continued to advance this product in many ways. Also DSEE is free to download and use and only if you need support do you have to buy a license which is far less than $12/user. Our basic list price is only $1.25/user and that includes the Directory Server, Directory Proxy Server, Virtual Directory, Active Directory Password Sync and Directory Editor while the Red Hat solution is only a core directory server with no other features that we offer.

In addition you should look at our new open source directory server project called OpenDS (www.opends.org) which is a brand new all java based directory offering that is very impressive in terms of features and performance.

id said...

You might also consider taking a look at Fedora Directory Server (http://directory.fedoraproject.org/) which is essentially the community version of Red Hat Directory Server, including a few useful features over OpenLDAP such as multi-master replication.

hyc said...

id: you mean a few useful features over the antiquated release of OpenLDAP that RedHat offers. OpenLDAP has had multi-master replication for about a year and a half. And of course OpenLDAP is about 5x faster than FDS/RHDS and every other LDAP server on the market. We can keep adding new features to OpenLDAP just by coding more dynamically loadable modules. Unfortunately none of the other LDAP products can add efficiency so easily to their code bases.