Mark Squires II

I have just been doing some reading about ADAM, and it spawned a few questions. If you were to build a large scale ASP.NET website, let's assume it is a social networking site, and your goal is to have millions of users registered on this website. Also, its possibly that as the business grows, different departments within the ogranization want to make different "sub-applications" that may only be of interest to a particular subset of the user base.

Lets also assume these sub-applications had their own set of user roles for authorization purposes.

Do you think there is more merit to using ADAM in a situation such as this

Is this a proper use of ADAM If we were to compare and contrast against the ASP.NET Schema for membership what are the pros and cons

To me it seems like you would get a performance benefit from using ADAM, once the user base hits some threshold, lets say 5 million users. Do you think this could provide good separation between applications to allow different areas of the business to be more agile and keep up with current trends in the market while still maintaining the ability to efficiently manage users at an enterprise level. Is it also a benefit of using ADAM that the user management can be done in a similar fashion to how AD accounts are managed in a typical AD environment in large corporations

I have various ideas about alot of these things, but am trying to get a feel for whether I am understanding the appropriate uses of the technologies.

Thanks for your input.

Mark



Re: Architecture General Active Directory Application Mode vs ASP.NET Memberhsip Repository

Martin Platt

Sounds to me like it could be a possible choice, one among many...

I think the pros of this approach would be that it uses Active Directory which has been tested with something like 60 million objects. It allows you to leverage a existing technology for you application.

What I would ask is, is it likely that you will have such a large amount of users, and would using AD be the most effective choice for authentication What would you need to do to maintain such an application, and does that maintenance then lend itself to ADAM

I think that the other difficulty may be that you could use the technology, then later perhaps find that it is no longer viable, however since you're basing the architecture around a technology choice, not the technology choice around the requirements, I think you might get yourself into difficulty

I hope this helps you start to ask yourself the difficult questions!

Good luck,

Martin.






Re: Architecture General Active Directory Application Mode vs ASP.NET Memberhsip Repository

Ahmed Nagy

Hi;

Your scenario sounds fine and it matches Scenarios of using ADAM. Let's list some facts...

  • ADAM and AD share the same code
  • AD was tested for 60 millions but ADAM was tested for 5 Millions only (I'm not questioning the capacity, but these are the records).
  • AD and ADAM support load balancing
  • AD supports server clustering but ADAM does not

According to Microsoft, you need to use AD for Authentication and ADAM to store personalization information of your category. Before making your decision, evaluate the following...

* Query of information for reporting, how fast will that be

* What about consolidating data from different ADAMs

* Do you need clustering

* What will you have in your database and how this will be sync. with ADAM

* How will you manage the complexity of InfraStructure solution on which your applications is based on

Now my suggestion is, if your will be using AD solution then ADAM sounds fit. However, try to evaluate the alternative solution of using DB solution against using ADAM. Again evaluate both solutions regarding both complexity and your application requirements.






Re: Architecture General Active Directory Application Mode vs ASP.NET Memberhsip Repository

LeoTic

Hi Ahmed,

One small query on your answer.

When we use active directory for authentication and ADAM for storing user profile like address, credit card number,how do we achieve synchronisation of data between AD and ADAM.

Also when performance of database is comparable or even better than ADAM, what are driving factors for storing user profiles in ADAM,when it even don't supports clustering.

Is there anything else that cases when hierarchy based(user,manager) scenario needs to be catered.

Cheers





Re: Architecture General Active Directory Application Mode vs ASP.NET Memberhsip Repository

Ahmed Nagy

Hi Leo;

For Synch. You can do it manually or use adamsync tool (check this link). Please check technet for best practices of using ADAM here. From this article for best practices, "When the application needs to access the special schema data about the user (for example, shoe size or shirt size), it can read the data from or write the data to the ADAM instance. In this example, data like shoe size and favorite color do not belong in the corporate authentication directory."

As I said before, the driving factor is basically your requirements and the complexity of the solution. In some scenarios ADAM will be simple, In others DB solution will be perfect.