SSA will round up stray domains to brand them with common NT

The Social Security Administration, one of the government’s largest and most
geographically dispersed agencies, wants to rein in its so-called rogue domains—LANs
running Microsoft Windows NT that do not conform to the common field office LAN structure.


“We have 14 domains out there that we want to consolidate into a single
domain,” said Ron Cooper, a computing specialist in SSA’s Client-Server
Division.


Apart from the rogue domains, administrative staff at SSA’s Baltimore headquarters
and support staff around the country use Novell NetWare networks.


“We are at the point where we have to migrate the existing Novells and get a
handle on the NTs that don’t comply,” Cooper said. “We are looking for
something that would let us copy users to another domain.”


Cooper also wants the ability to copy groups from Novell Directory Services directories
while maintaining their organizational structure.


SSA uses Enterprise Administrator from Mission Critical Software Inc. of Sterling
Heights, Mich. The security and accountability management software can consolidate domains
and define organizational structures, but it works only with large-scale NT networks.


SSA has been beta-testing a new release of the DirectManage suite from Entevo Corp. of
Arlington, Va. The suite has a wizard to move groups between domains and a migration tool
to move users and groups from an NDS hierarchy to either a flat NT domain or to the
suite’s DirectAdmin hierarchical structure.


“That works fairly well,” Cooper said. But SSA is several months away from
deciding what tool to use.


DirectManage 2.0 is a cross-platform directory management suite intended to ease a move
to the future Windows 2000. In addition to DirectAdmin, it also contains DirectMap, which
maps directories to Microsoft’s Active Directory so that administrators can develop
hierarchical organizations while waiting for the release of Win 2000.


The suite’s DirectMigrate for NDS lets administrators move NDS directories either
to a flat NT domain structure or to DirectMap. DirectMigrate synchronizes passwords
between NT and NDS.


Consolidating domains is important to an agency that has thousands of LANs to
administer. “Because of the size of our network, we need to spend some time doing
that before moving to Windows 2000,” Cooper said.


The domain consolidation probably will have to wait until after year 2000 problems are
out of the way, however.


The rogue domains that SSA wants to bring into compliance are not bad guys, Cooper
said. They were merely early client-server adopters, moving away from the agency’s
old dumb terminals to set up their own directories and support systems.


One big advantage to having a unified set of directories would be the ability to
inventory and distribute software electronically. Managing software for 50,000 users is a
huge undertaking. SSA recently outsourced its application development and code management
in a $115 million, seven-year contract with Lockheed Martin Corp.


Entevo’s DirectMap would let SSA experiment with hierarchical directories before
rolling them out under Win 2000. Network administrators established some NDS hierarchical
directories that did not work well in use, Cooper said. DirectMap would give them a chance
to test directories before going into full production.


About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • network

    6 growing threats to network security

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group