Wednesday, June 27, 2012

Internet Explorer is dead. Is Active Directory next?

I saw a post on a colleague's blog the other day that Chrome just surpassed Internet Explorer as the world's most popular browser. On the one hand it surprised me and on the other hand it didn't. Not only has Chrome gained ground but so has Firefox. The King is dead. Long live the King.

So my question is the following.  With all of the emphasis on the "cloud directory", is Active Directory on-premise going to suffer the same fate?

It may not sound as far-fetched as some of you may think... Let's look back at a few things in history. Take Novell’s dominance in the LDAP directory space in the 80’s and 90’s. Few would have predicted that Microsoft would release Active Directory and nearly squash Novell in just a few short years. Novell was the largest deployed directory, and tons of small, medium and large businesses ran Novell eDirectory and NetWare. I was one of those folks who deployed and supported eDirectory and NetWare, having been a CNE (long since dropped from my resume).

Active Directory (even in its first version) was a very good directory/network operating system (NOS).  My belief, however, is that the demise of eDirectory had more to do with the fact that Novell rested on its laurels too long.  They did not continue to innovate and add significant features to eDirectory. 

So the question still looms: is Active Directory next? There have been very few enhancements to Active Directory in the last few years. Server 2012 does have some nice new capabilities but not what I would consider significant. So will competition wake Microsoft up, or will there be a new King of directories/network operating systems (NOS) in this decade? While many have called for the death of the LDAP directory, I personally don't see it going away anytime soon (on-premise at least).

Still think I am way off base? Let's talk about Apple. Apple was nearly kaput. Stick a fork in them. They were done. Microsoft (for fear of the big Monopoly word) made an investment in them and bailed them out. What happened next, we now know, was nothing but pure genius. Apple is not a very large hardware or software maker. Nope. They are simply the richest company in the world with respect to market capitalization. Who would have made that prediction back then? I know I certainly wouldn't have!

So what does this mean to me? Well, my team over at Optimal IdM is hard at work on a lot of very cool things that we believe will truly innovate the industry. A key mantra of ours is interoperability. We listen to our customers very closely. We learn from them and work with them to build the solutions they need, rather than building something in a vacuum and trying to sell that to them.

Stay tuned for more exciting information from us on how we are revolutionizing how organizations manage their infrastructures. 

Who knows, maybe Optimal IdM will be the new king of directories/NOS?






Friday, June 22, 2012

Microsoft Graph API for Windows Azure Active Directory

Shortly before TechEd, Microsoft announced their new Graph API for accessing the Windows Azure Active Directory (WAAD). The Windows Azure Active Directory is sometimes referred to as the cloud directory since it is used by Office 365.

The Graph API is a set of RESTful web services that allows you to access the entire identity system that is running in Microsoft's cloud. Optimal IdM has been working with Microsoft under NDA to integrate with, and provide feedback on, the API.

Microsoft's Ed Wu did the official unveiling at his TechEd session, and this is where I also provided a live demonstration of our integration with the Graph API. It should be noted that the API is in preview mode, which is Microsoft speak for public beta. It is also not quite complete, as it currently supports read-only operations. Update capability will be coming shortly, with the final release likely coming in a few months.

As Ed points out in the session, the hope and plan is that all integrations with the cloud directory are performed via this API. The API is particularly interesting as it is a full-fidelity interface that will provide anyone (customers/vendors) with an alternative way to provision/de-provision to the cloud other than using their DirSync tool. DirSync is their Forefront Identity Manager (FIM) product in a locked-down configuration. They did have PowerShell cmdlets, but they did not offer all of the functions that are needed to truly provision/de-provision properly.

For us over here at Optimal IdM, we are particularly keen on leveraging this API for our Office 365 solution. Our VIS for Office 365 solution not only adds additional features and capabilities to Office 365, such as Denial of Service (DoS) detection and prevention, but also completely eliminates barriers that would have otherwise prevented customers from going to Office 365. A few good examples are multi-forest customers, or customers with a mix of user repositories. Leveraging our virtual directory, the synchronization components as well as the Federation components do not have to deal with any of the "ick". As soon as the full API is available, our VIS for Office 365 solution will use the API to manage all of the data in the cloud, without the need for DirSync.

In the demo, I showed how we created a new adapter for VIS that uses the new API. So while new applications can leverage the new RESTful API, we can allow any standard LDAP application to read/write to the cloud directory. That is pretty cool for all of those legacy applications! Keep in mind that this is not just Office 365 but also Azure as a whole. So if you are writing a new app, check out and use the API, but if you want to hook up your existing LDAP application (whatever it may be), then leverage our VIS solution.

In case you missed it at TechEd, check out the video here on Channel 9

For any of you Microsoft folks, we are presenting this at the upcoming Microsoft internal event TechReady, so find the session and come see for yourself.