By James Gaskin
Network World, 1/27/97

If you're tired of complaining about Windows NT's underpowered domain services, do something about it - manage NT with Novell Directory Services (NDS). That's the premise of NetVision, Inc.'s Synchronicity for NT. Synchronicity lets you use Novell, Inc.'s NetWare Administrator (NWAdmin) program to manage NT domain and workgroup clients.

While it plugs directory holes in a manner somewhat similar to Banyan Systems, Inc.'s StreetTalk for Windows NT (reviewed last week), Synchronicity for NT succeeds where StreetTalk fails. This is because it uses a stable administration client and supports more than just basic file, print and messaging services, thanks to a moderate but growing list of NDS-enabled applications. Providing a single management point for all network clients, as Synchronicity for NT does, makes good sense.

Running Synchronicity

Synchronicity for NT installation routinely copies several NetWare Loadable Modules (NLM) to NetWare servers, modifies the NDS schema by adding NT objects to manage, and gives you what Novell calls ''snapins'' for NWAdmin programs for both Windows NT and 95. No changes are made to the NT side during installation, except for the addition of synchronization software that implements updates sent from NDS.

NDS absorbs the NT domain you specify. You may clump NT domains into a single NDS branch or spread them out anywhere on your NDS tree. If your company has built your NDS tree with separate branches for each workgroup, Synchronicity allows you to merge your NT domains into each local workgroup, as well. NDS then holds all the information, sending NT details back to the NT server only as needed.

To manage objects on NT systems, you simply use NWAdmin. Normal user management tasks for NT can be handled by NDS administrators with little extra time. Synchronicity passes NDS changes down to NT domains. You can't make changes to NT domains controlled by NDS by using native NT tools - Synchronicity is not a two-way street - but since NWAdmin offers more features, functionality and control than NT user man- agement programs, this is not a problem. Some de-tails, such as access to the NT disk, must still be controlled using the NT administration tools.

Setting access by groups makes life easier because NT disk access controls are less fine-grained than those for NetWare users and volumes.

Users from the NT domain appear under their own icon in NWAdmin. ''Synchronized'' users must be created in a portion of the NDS tree common to the NDS user context and the NT domain (see screenshot). Configuration settings within Synchronicity determine whether newly created users are automatically linked, and whether to sync their passwords. External programs are supplied to synchronize passwords for linked users created before installing Synchronicity.

Importing existing users to either NT or NDS creates potential for name conflict, and Synchronicity takes that into account. NT users can be placed in any NDS container, and algorithms are available to ensure names are unique.

Passwords can be assigned, set to the user name or left off. Users may be forced to supply a new password the first time they log on.

User profile modifications common between NT and NetWare will show when applied to either the NT group user or the corresponding NDS user, assuming the two are synchronized.

In other words, changing the allowed logon times for the NDS user will also change those times for the synchronized NT user. When the NT synchronizer program is active, the change is nearly instantaneous, at least on the small lab network.

User account items tracked by NDS, such as charges for disk use or connect time, don't have analogs on the NT side. Synchronicity obviously can't do anything about that. The only control NDS has over the NT workgroup server is typical user details, such as forcing password changes and allowable connection times. You can't control user access to NT files and directories.

Synchronicity also does not let you create a printer or print queue on the NT domain from NWAdmin.

Not burdensome

Maximum memory use on the server during the test was 11K bytes; the NetVision Global Event Services NLM is not a resource hog. The NT synchronization program may run constantly, or you can force updates after making NDS changes. For active systems you should leave it on so user profile changes happen immediately.

We saw no impact on the NetWare server in normal background mode, although early NDS modifications bumped utilization up slightly. However, busy application servers would be a poor choice for running Synchronicity in the background; the occasional CPU spike from updates adds to the server load, and synchronizing is delayed.

Log information tracking user modifications can be written to the NT System Event Log or a file of your choice. You can limit file size so as not to be surprised one day by the log file taking over your disk, and you can set how much change information is logged.

Synchronicity for NT installs easily and includes comprehensive online documentation. Installing the product on a NetWare 4.10 server may require multiple file upgrades, but all the necessary files are included on the CD-ROM and can be applied automatically. We had to reboot the Windows NT server and the station modifying the NWAdmin program to load some of the new programs.

The NetWare server did not require rebooting; loading one new Synchronicity NLM pulled up the second required NLM automatically.

Snapins to the NT version of NWAdmin worked without our intervention, which is not always the case, even with Novell's own snapins.

Good for mixed environments

Network managers in mixed environments will find Synchronicity a help. However, the price of adding both NetWare and Synchronicity makes it fairly expensive to use this product for an all-NT shop.

Microsoft and Novell could each make the product obsolete, but recent delays from both companies suggest the niche for Synchronicity will exist for quite some time.