Clemson University

Authentication Server

Clemson University uses Authentication Server with Novell eDirectory to provide campus-wide integration of computing resources.

background

Clemson's vision for integrating its computing infrastructure with Novell
eDirectory was aggressive. The mission: provide over 30,000 users with
easy access to personal storage space and collaborative workspace for students,
faculty and campus employees. Clemson's LAN Systems Manager, David Condrey, and
his team envisioned everyone: students, employees—even friends of
Clemson—connected easily through a vast network where even printers could be
defined in labs, lecture halls, offices, dormitories and remote locations. The
university faced an ever-increasing state of distributed computing, with various
flavors of UNIX*, including a mail server based on Sun Microsystems' Solaris*
OS, an IBM* MVS mainframe system, as well as departmental and workgroup Windows
NT* servers in the mix. Lastly, Web pages, and the information behind them,
needed protection when accessed through various Web-serving software.

situation before Clemson solution

Integrating eDirectory campus-wide in 1995 solved some big problems for Clemson's
user base and IT administration; however, bringing eDirectory into full production
introduced another, not unexpected, hurdle. Everyone was using eDirectory authentication
and a single password to log in to various systems on campus, but users still
had to log in to the campus mainframe with a separate password. That meant
over 30,000 people still needed to log in separately to the
mainframe for housing and course registration access—a source of confusion for
students, faculty and others, as well as a support bottleneck for
administrators.

Clemson has always been a strong development shop, so they set about
designing a system to meet their needs. Their first efforts to synchronize the
passwords proved quite challenging: because of the strong security in eDirectory,
it is nearly impossible to trap a password change and then forward it on
to other systems. Also, Clemson discovered from working with eDirectory that data
synchronization is tricky without reliable time synchronization between systems
as a basis. Condrey and his team of developers decided that, instead of trying
to synchronize passwords with other systems, other systems would simply use eDirectory
to authenticate in real time.

situation after Clemson solution

"We were looking for something to unify these environments. eDirectory looked like
the only thing out there that could help us do that. NT was in its infancy, so
it wasn't an option," Mr. Condrey explained. "In fact, I don't think we could
cram the 36,000 users we have today into an NT domain. We could have done some
things with UNIX and NFS, but I really felt that eDirectory was the resource from which
we could derive greater benefits rather than hodge-podging everything
together."

Clemson's authentication server project, referred to as CUPID, pushed
development of eDirectory APIs through the development of tools for managing large
numbers of user IDs, home directories and collaborative storage space. They added a
number of functions that push eDirectory security out onto their network to embrace all
of the campus' heterogeneous systems. For example, Clemson's implementation of
eDirectory can now authenticate a user and verify whether that user has permission to
access data on the specific system being logged in to. To accomplish this, Clemson
developers wrote a set of NLMs (NetWare Loadable Modules) to accept requests
from other systems and created hooks on the other systems to redirect both local
user authentication and password change requests to the NLM. They spent two
months prototyping and the next four developing and testing the production
version of the code.

The result of integrating these various systems through eDirectory? Clemson network
administrators now keep the entire system—including the campus mainframe—secure
and organized, offering users trouble-free login access. All user ID operations
are automated. As students register for the first time and later graduate, user
IDs are generated and deleted automatically. Similarly, employee accounts are
created and removed automatically as people are hired and leave the university. Along with
providing users with single-password login for accessing information resources,
another important benefit of Clemson's eDirectory integration is the
location-independent access to information enjoyed by everyone—whether on campus
or off. "With eDirectory, assigning unique access privileges of each group of students,
faculty and staff is now simple and straightforward," says Mr. Condrey. "When it
comes to our directory needs, we wouldn't have done anything differently. This
project has been hugely successful."

conclusion

Asked about the quality of developer support provided by DeveloperNet®,
Novell's standards-based program for developers, Mr. Condrey answers, "If you
can do one thing better than anyone else, you've found your place in the world.
I've seen real dedication from the people there. Talk is cheap, but from Novell
I see action—especially in the developer area."

For developers, Clemson University's successful campus-wide directory integration
illustrates the functional and market advantages of eDirectory for building
high-performing directory-based solutions that operate seamlessly in mixed
environments. No matter how you measure performance, Clemson's implementation of
eDirectory as a cornerstone of their technology infrastructure is clearly a winning
application. Just what you expect from yet another application that leverages
the world's directory standard, eDirectory.
©2003 Novell, Inc. All rights reserved. Novell, the Novell logo, and DeveloperNet are registered trademarks and eDirectory, NetWare Loadable Modules, and NLM are trademarks of Novell, Inc. in the United States and other countries.
*All other third-party trademarks are the property of their respective owners.