OpenText eDirectory has been quietly running as the production identity store for UK SMEs, schools, government suppliers and mid-market businesses for over twenty years. It is mature, multi-protocol, replicated to its core, and remains the single most underrated piece of infrastructure in the organisations that still run it. For SMEs thinking about identity architecture in 2026, eDirectory is the kind of platform that does not need marketing — it has been earning its place by working reliably through every Windows, Linux and SaaS transition of the last two decades.
What eDirectory actually is
eDirectory is a directory service that began life as Novell Directory Services in the early 1990s. It is built around a replicated, multi-master tree model that treats every replica as equally authoritative. It speaks LDAP for the modern world, NDS for legacy Novell clients, and a long list of authentication protocols for the systems that came and went around it. The tree is partitioned for scale, replicated for resilience, and managed through a combination of graphical tools (iManager, ConsoleOne), command-line utilities, and a comprehensive schema that has been extended to cover essentially every directory use case an SME is likely to have.
What eDirectory is genuinely better at
- Multi-master replication: every replica can take writes. There is no single-master fail-over story to design, no catastrophe scenario in which the entire directory goes read-only.
- Schema richness: eDirectory has a richer schema than either Active Directory or Entra ID by default, with strong support for location, organisational and class-of-service extensions that map naturally to complex SME structures.
- Protocol coverage: LDAP, NDS, Kerberos, RADIUS, NMAS, NTP — eDirectory speaks more authentication protocols out of the box than any competing directory and has done for years.
- Operational maturity: the tooling, the well-understood failure modes and the operational patterns around eDirectory are deeper than for newer directories.
- Local control: eDirectory runs on hardware the SME owns, in a location the SME chooses, administered by people the SME employs.
Identity sovereignty as a strategic choice
Identity sovereignty is the property of being able to authenticate, authorise and audit your people without depending on a third-party service that could change its terms, raise its prices, lose its accreditation or have an outage on the morning of your board meeting. For most SMEs in 2026 that is not a strong enough requirement on its own to override the productivity advantages of moving identity into the cloud. But for a meaningful minority — regulated sectors, defence-adjacent supply chains, sites with strict data-residency requirements — it is. eDirectory is one of the few mature, supported identity platforms that delivers that sovereignty without requiring the SME to build it themselves from scratch.
Bridging eDirectory to the modern world
The criticism that eDirectory cannot talk to the modern SaaS world is no longer accurate. The current generation of OES runs eDirectory comfortably alongside Active Directory, including as a side-by-side identity source for GroupWise, file and print services. Identity bridges — including the OpenText-branded tools and a number of mature third-party solutions — synchronise eDirectory trees with Entra ID, give modern SaaS applications a usable identity, and let the SME keep eDirectory as the authoritative store while migrating consumers gradually. The integration pattern is well understood and is one of the more elegant answers in identity architecture for SMEs with a Novell heritage.
MFA, conditional access and the modern security stack
The honest gap in 2026 is in the modern security story above the directory itself. Cloud-native directories now ship with conditional access, MFA enforcement, identity protection, risk-based policies and the full Microsoft XDR loop wired in. eDirectory has to be bridged into that stack, typically via Entra ID as a consumer. The work is well understood but adds operational complexity compared with an organisation that has identity and modern security in the same platform. The right conversation is always: do you have the operational skill to bridge eDirectory into the modern security stack cleanly, or is your team struggling to keep the tree healthy on its own?
When to keep eDirectory as the authoritative identity
Three signals say the authoritative identity should stay in eDirectory rather than being consolidated into Entra ID. The first is that the SME genuinely needs identity sovereignty as described above and is not willing to give that up for productivity gain. The second is that the existing identity tree still contains authoritative data — security clearances, complex group memberships, custom schema for line-of-business systems — that the SME has no appetite to migrate. The third is that the team looking after the estate is genuinely fluent in eDirectory and would lose operational grip if forced to migrate. None of those signals is permanent, but all of them are real reasons to keep eDirectory in the role it is doing well.
When to admit the consolidation call
Three other signals point the other way. The first is that the eDirectory tree is genuinely aging — schema drift, partition imbalance, replica servers running on hardware past its support horizon. The second is that the people who know the tree are retiring or moving on and the team that replaces them is no longer fluent. The third is that the rest of the estate is consolidating into Microsoft 365 anyway and the operational complexity of running two parallel identity stores outweighs the sovereignty benefit. In all three cases the right move is a deliberate migration to Entra ID as the authoritative store, with eDirectory kept in a transitional role that is itself documented and time-bounded.
We help SMEs across Hertfordshire, Bedfordshire and London design identity architectures that genuinely fit their operational, security and sovereignty requirements — including the eDirectory implementations that are still earning their place in 2026 and the consolidation projects that make sense when they no longer do. If you are weighing the case for keeping eDirectory authoritative against the case for consolidating into Entra ID, get in touch for a short, practical conversation.

