I love networks, they allow us to do what we do and most people, whether in the industry or not, get what they are. However, start talking about directories and understanding is not so clear. It’s just a list, right? Yes, but a little more as well.
To allow our corporate networks to run smoothly, and to deliver the most efficient service to users, we often need a little help from Active Directory. As well as delivering the services that make our networks usable, Active Directory provides the glue that binds organisations working in collaboration together.
In 2000, the landscaped changed forever when Microsoft released the most significant component of its corporate career to date, Windows Server 2000 and the accompanying Active Directory and network services. Organising, administering and securing large domains now became a more structured pastime and directory design, planning and deployment was the mainstay of our work. In the intervening years, Active Directory has become the heart of IT infrastructure; we use it to control system access, distribute IP addresses, find resources, create groups, map drives and generally govern the experience users receive. These services are critical to enabling the organisation or community to operate efficiently and therefore require careful planning, monitoring and managing.
Organisations change; their business changes, they grow, they merge with other organisations and IT must continue to ensure that during these changes, the service is maintained and data is protected. All too often, the wheels of politics turn without heed to the impact on the IT infrastructure. Sometimes organisations barely recover from one organisation change before another is upon them. This can lead to separate IT teams, with disparate IT systems, supporting discrete groups of users within the organisation whilst trying to establish a practical programme for consolidation without disruption to their operation. Without a clear strategy determining how devices will be governed and user access will be controlled, this task is a difficult one.
Understandably, during organisational change, the need to maintain functionality is prioritised, with the path of least resistance being to achieve status quo. Unfortunately, this can lead to the consolidation of networks and directory services becoming the poor cousin, the result being to further cement divisions between facets of an organisation. In the financial years following a restructuring or merger, the board will be looking for the savings that the change sought to deliver, not the message that efficiencies are being hindered by lack of consistency in working practices across the organisation and the need to undertake large-scale network reconfiguration or migrations along with the associated disruption to services.
As we have established above, the well managed Active Directory is of paramount importance to the management of the IT estate and its ability to unify the organisation or community. So why do we all have a story to tell about the lack of prioritisation of this critical element of our infrastructure? The answer to this question is complex, perhaps due to business leaders lacking the appreciation of the importance or the difficulties encountered by IT managers in communicating this to them. Regardless, the lessons learnt from organisation transformations that have proven problematic, when compared with those that have been a success, dictate that it is critical that Active Directory is foremost in the planning exercise for any organisation transformation.
One factor that might contribute to directory services failing to obtain sufficient focus within transformation programmes is the perception of complexity or the anticipated cost of undertaking what are seen as significant changes. Unquestionably, there is a cost involved in directory transformation, however, like so many investments, it will pay dividends downstream. It is the route to consolidating and rationalising existing IT systems, introducing collaboration, achieving consistency of work practices and reducing the ongoing cost of delivering the IT services. As such, the shape of Active Directory subsequent to the organisation change must be carefully aligned to the long term business objectives.
Within our NHS customer organisations, we work with a great number of talented and dedicated IT practitioners; however, significant directory transformations happen only occasionally. This is where BDS Solutions provide invaluable additional input and support to organisations undergoing restructuring or merger. We are continually designing, deploying, migrating and managing Active Directory and Exchange services for our customers, bringing the experience and tools required to ensure that these transformations deliver what the organisation or community needs to benefit from the transformation and effectively deliver their services. This is not a one-size-fits-all approach; directory design will consider who will administer services, the locations of prospective users and how the organisation intends to evolve.
BDS Solutions are N3-connected technical partners to NHS organisations and provide:
- Design, Deployment and Migration Services including licence-free tools – BDS Solutions work with organisations to establish the most appropriate directory topology to facilitate the objectives of the business. Our consultants advise on all aspects of Active Directory design and upgrades. We also establish migration procedures using our licence-free migration tools. These tools extend the native Active Directory Migration Toolkit provided by Microsoft to support a lot of facilities that other tools cannot. This includes the migration of extended attributes, group translations, attribute cleansing and reformatting and account renaming. Our tools can be extended to accommodate other bespoke migration requirements as required.
- Community Directory Services – BDS Solutions implement and support Active Directory forests on behalf of health communities who wish to work in collaboration. The most significant instance is the Active Directory forest for the North West Shared Infrastructure Service that provides services on behalf of 11 NHS organisations in the North West of England. This forest comprises separate domains for each organisation, all designed, migrated and supported by BDS Solutions via a central support contract negotiated on behalf of all organisations. This includes monitoring Active Directory and Exchange in accordance with operating standards produced by BDS Solutions for the community.
- Health Check Services – health monitoring for Active Directory is critical. Issues with site configuration, DNS replication, logon processing and group policy design can have a significant impact on efficiency and continuity. BDS provide design review and health check services to organisations to ensure that Active Directory is delivering the most effective service to users.
- Provisioning and Self-Service – BDS Solutions develop and deliver Directory Manager, the most widely used software for managing Active Directory using data provided from the NHS Electronic Staff Record system and through departmental self-service. The software provides direct integration into the ESR Generic Outbound Interface to provide an automated daily feed of data through to Directory Manager from where Active Directory accounts and Exchange mailboxes can be created and maintained with a single click.
If there are topics above that you consider may impact your organisation, please don’t hesitate to contact BDS Solutions on 01884 33440 or info@bds-solutions.co.uk. BDS will help you scope the work required and provide a fixed price proposal to deliver the service or provide call-off consultancy at highly competitive rates for greater flexibility. More information about our directory services is available here.
Nick is the Sales & Product Director at BDS Solutions and has worked with Windows communications, directory and networking technologies for 25 years.