03/14/96

The meeting began with a discussion of potential future topics. Janani suggested we review the presentations from Decorum and see if there was interest in bringing the presenters to the next MDUG meeting. Highlights from Decorum were:

Tom Philips from Microsoft suggested David Chappelle present to us. David is very active in DCE and CORBA at a low level.Two very good presentations followed, Microsoft's strategy for Distributed Computing, and The Value of Computing Infrastructure by Deloitte and Touche. Unfortunately the speed of the presenters prohibited me from getting everything down. My apologies in advance for the disjointed nature of the minutes.

Microsoft's Strategy for Distributed Computing.

Tom Philips presented the strategy for Open Systems (and DCE) at Microsoft. Tom works with large customers looking for solutions. Tom also works with the NT developers on RPC and client interoperability.

Microsoft is the largest RPC developer in the world. Microsoft Exchange uses DCE RPC's for mail distribution. Microsoft is very focused on high-volume/low-cost software. If it will not sell one million units, it is not worth the effort.

Tom's talk addressed the following topics:
- The role of Open Services and Distributed Computing.
- Creating Distributed Applications.
- DCE Products shipping and under development
- Relevant Microsoft Product Releases
- Conclusions

Microsoft Network strategy.
- Open Clients to enable Information at Your Fingertips (IAYF).
- Open and Cooperative Servers, a single system image that provides back end services to enable
"IAYF"
- Practical and Effective Distributed Object Technology, OLE through the Component Object
Model.

Open Systems are Critical
- Provide interoperability in Heterogeneous Environments
- Simplify application development

Microsoft Commitment to Open System Components
- Windows Open Services Architecture.
- OLE/COM
- Systems Management
- Network connectivity standards, working with IETF and other standards bodies.
- DCE compatible RPC protocol will be in all products.
- Microsoft does not plan to be a provider of all DCE services.
- DCE will be the core solution for security at Microsoft. Microsoft will interoperate with
Kerberos and DCE security out of the box. Will not provide the security solution and will not

Microsoft white paper on DCE interoperability is available at ftp.microsoft.com. Written by
Tom, this paper discusses Microsoft's direction re: DCE. Tom feels that what he wrote about will
occur.

Windows NT already has many parts needed to integrate with DCE. All services except X.500
directory service are available today. This includes RPC's, DTS, threads, directory, security
services. Some solutions are done via wrappers (DTS, etc.)
Tom showed how to select alternate services through the NT control panel. For example, the
security service can use a security plug in to access alternate security solutions (DCE, RACF,
Top Secret, etc.) NT servers will be able to accept DCE tickets for authentication, available in
the 97-98 time frame.

- How does Microsoft see DCE?
Some parts are good and useful, some parts are not so good. DCE Inter-operability is
Microsoft's direction, but Microsoft is not going to provide the DCE API's.
Some good solutions to newer problems:
RPC (with optimized implementation). Microsoft RPC is shipping now.
Kerberos-based security. Shipping in a future version of Windows NT.
CDS/GDS and DTS have positive parts.
Some sizing and scalability limitations seen.
Some performance concerns.

Microsoft RPC.
OSF wanted too much money for Microsoft to license the code. Therefore Microsoft wrote their
own, using the OSF spec for direction.
Performance limitations drove them to write their own as well.
RPC is the base architecture for all Windows NT administrative tools. Remote admin., remote
log query, etc.
RPC is available on all client platforms (except Mac.)
WIN32 SDK contains an IDL compiler and RPC development tools.

Tom showed how a developer could build a distributed application in VB. Uses RPC's as
transport protocol. All the interoperability in OLE/COM is built upon Microsoft's DCE-like
RPC's. An example of calling a DCE RPC from Excel was given. OLE/COM was used to facilitate this.Case Study.

Automotive order entry application.

Microsoft Consulting Services assisted in the project. The client was created in VB. Microsoft
provided OBJCOM, an OLE server to sit below the application, above the network stack. This
isolated the developer from the connectivity model (Microsoft RPC, winsock, COM). The source
code for the OBJCOM solution is available from Microsoft. Janani will have the
address for it soon.

Note (from Janani): Here is Tom's reply about its availability
As discussed during the session, we are just
finalizing the build of ObjCom, and writing the MSJ article. Details to
follow. This will undoubtedly take longer than a few weeks to get put
into a release version. (Tom Philiips)

Tom spent a good amount of time discussing OLE and COM.
What is OLE? OLE is a backplane where applications can be plugged into to talk to each other,
intra-process, inter-process, or across the network.
Microsoft is working with vendors to provide OLE/COM to several platforms, UNIX, MVS, etc.
Network OLE is based on Microsoft RPC.

A request was made from the audience for Microsoft to ship DCE client services with their OS.
If you feel this is a good idea, send a note to Tom.

Tom would like to get feedback from customers on Microsoft direction. If you have any
questions or concerns, e-mail him at <strong>tomph@microsoft.com</strong>.

The Value of Computing Infrastructure: Benefits of DCE.

Scott Kandel and Mark Kolakowski from Deloitte and Touche.Contact: dce-info@dttus.com
Scott and Mark had a very slick presentation, complete with sound effects, flashy graphics andlong (100+ Meg) video clips.The technology is not the issue around DCE. The issue is keeping the momentum up, keepingthe interest of management. How do you justify $several million on an infrastructure?Technology needs to support the organization.

Misalignment of Technology? Is technology helping or hindering the organization? There are three sides to the business world, the organization, the business, and technology. The organization and the business each have needs and concerns that technology strives to meet.


Business concerns:
- increased competition, dynamic environment, generates a need to act and react, quickly.
Organization concerns:
- Empowered workers, flexible organization, leaner environment due to global competition.

Unfortunately technology today is:
- proprietary, incompatible, departmentalized. This causes technology to be a hindrance to
growing the corporation.

Challenges with current distributed environments.
- Integrating heterogeneous environments. The world is going to stay heterogeneous, MVS is
not going away anytime soon.
- Incompatibility between Legacy and New Systems. The old environment still has to be
supported even as the new environment grows. Businesses are finding they have to double (or
more) the support and management efforts when the new systems come up.
- Difficult to manage and administer.
- Immature tools and missing utilities.
- The technology is constantly changing and growing.

Options other than DCE.
- Do nothing, ignore the fact that things are changing. This solution may save money now but
will cost in the future. Distributed applications are being written, if no infrastructure is put in
place the future will be painful.
- Implement point / short term solutions. This solution generates a monster, is inflexible, limits
future options.
- Choose single proprietary system. This solution increases dependency on vendors, if the
vendor does not react to market changes, you are sunk.

- DCE as the solution.
Why? Wide industry support, especially IBM in the Open Blueprint, Microsoft's NT-based
RPC's. Several DCE enabled products are on the market. Several production systems have been
deployed based on DCE.
What does DCE provide? Highly interoperable across heterogeneous platforms, a solid security
platform, provides transparency of the underlying platforms.
DCE migration strategy is flexible, scalable, low risk. The cell can be implemented without
affecting the existing applications, then as the applications are DCE enabled, the cell is put into
use.

Mark and Scott showed a video from IBM discussing the Open Blueprint and IBM's support of
DCE.

Value of DCE to the Organization.
How do you get out of the lab and into production?
Complete corporate buy-in is required. Each level needs to understand what DE can give you and
why it is good.

Executive level.
Executives can be shown an economic analysis of DCE security. DCE adds in an initial lump
sum investment, but as security levels rise, the cost goes down.

Financial analysis concerns to show the executives.

Costs: Benefits:
Building the foundation Leveraging the infrastructure.
- short term - long term
- Infra structural - economies of scale
- expensive - hard to measure
  - Enormous Savings (training, development, etc.)

No one wants to pay for the infrastructure. There is little perceived benefit at this time. The top
levels need to realize that this is necessary. Over the long term, the benefits will come, but the
initial outlay is big. Quantifying the benefits is difficult. Single sign on, security,
interoperability, negotiating power with vendors, are all hard to put numbers on.

Video from CIO and Director of Distributed Computing from United Health Care on why they
used DCE.

Value of DCE to development managers.
Having the infrastructure in place, can respond to business needs faster. Once the security is in
place, the developers do not have to address it with each system. DCE provides a common set of
services for various platforms.

Value of DCE to Developers.
DCE can make the development process easier, if you provide wrappers above DCE. These are
available from vendors (Visual Age, Gradient, etc.). Developers will not be writing their own
RPC's, the process can be simplified. Once the programmer learns the provided API's, they do
not have to learn another one. DCE is fun. It is new and exciting stuff for the programmers.

Value of DCE to Technology Managers.
System management is eased, do not need to manage multiple security systems.

Value of DCE to clients and end-users.
SSO, single reference point for user inquiries, transparent to users, supports dynamic access to
resources. Clients can get a vested interest in success. If the client understands that DCE solves
the SSO problem, they will appreciate the investment.

Deloitte & Touche clients are using DCE more. SSO solutions based on DCE are being
implemented. All the services do not have to be used right away to see benefits. Once the
infrastructure is in place, it can be used for lots more down the road. Implementing DCE
infrastructure just to get SSO may be too expensive.

Thanks again to CITI for providing the location and the coffee.


DCE Users Group of Michigan (DUGM)
Author:
Janani Janakiraman
Revised: 06/14/96
URL: http://www.citi.umich.edu/dugm