The company released to manufacturing Microsoft Identity Integration Server (MIIS) 2003, an updated version of Microsoft Metadirectory Services (MMS), which it originally acquired as Zoomit Via from Zoomit Corp.

Microsoft, meanwhile, said it planned this summer to release Active Directory Application Mode (ADAM), a version of Active Directory for management of application data.

Since February 2000, when Active Directory launched with Windows 2000, Microsoft’s directory has only been available with the operating system. Support from ISVs and systems integrators was also announced.

Michael Stephenson, lead product manager for Windows server development, said the package would help simplify identity management for customers.

Identity management has become a hot topic recently, thanks to web services re-inventing the need for directory servers. Increasingly, directory servers, once a means to manage groups of users, their access rights and network-based assets, are seen as the underpinning of systems that federate secure authentication and user access rights to XML-based services inside and outside the firewall.

Microsoft’s strategy is designed to grow the company’s presence against vendors like Novell Corp and Sun Microsystems Inc with firmly established directory products.

These companies are now evolving their directories to underpin identity management. Novell’s eDirectory is expected to support the Liberty Alliance Project specifications while Sun’s One Identity Server, launched in 2000, consumes data from Sun’s directory server to manage single sign-in and also supports Liberty.

Both companies are skeptical of Microsoft’s strategy. Novell director of Nsure solutions Wendy Steinle said Microsoft has let identity management pass it by. Microsoft is starting with a directory and working to enhance the meta directory. They are playing catch-up.

Sun’s senior director of marketing John Fianelli called the launch a validation of Sun’s own actions, but added Microsoft is simply re-branding the company’s existing meta directory product while relying on ISVs and consultants for deeper functionality.

As previously reported, Microsoft partner Oblix Inc’s software, for example, will allow MIIS’s single sign-on and identity management to scale to millions of users. ISVs announcing their support also included Business Layers Inc, DigitalPersona Inc, ePresence Inc, M-Tech Information Technology Inc and OpenNetwork Technologies.

PricewaterhouseCoopers, meanwhile, has developed a set of implementation guidelines with Microsoft consulting. Others backing Microsoft include Cap Gemini Ernst & Young, Fujitsu Services, HP Services and Unisys Corp.

Microsoft has re-named a meta directory product an identity server product, and is working with partners to fill out holes in the strategy, Fianelli said.

Stephenson denied Microsoft is playing catch-up to Novell and Sun, adding MIIS is re-architected to add to management capabilities. These include the ability to detect when a user is added to or deleted from a system, such as a human resources server, and to create or remove the relevant privileges and access rights. MIIS 2003 achieves this via a set of business rules. MIIS also features a web-based password reset feature for end-users.

ADAM is application focussed, designed to off-load data from the central Active Directory while customers use their distributed Active Directory infrastructure for single sign-on. ADAM gives greater flexibility in deploying an identity infrastructure, Stephenson said.

Also planned is an Audit Collection System to consolidate and present sign-in data in a unified format. The system unifies separate Windows-based audit systems, and is due for release later this year.

Missing from yesterday’s announcement was Trustbridge, unveiled last year at the same time as plans for MIIS and ADAM were revealed.

Trustbridge is Microsoft’s planned mechanism for exchange of information between different organizations’ Active Directory systems. Microsoft said last year Trustbridge would be based on WS-Security, which defines a standard set of Simple Object Access Protocol (SOAP) extensions in message headers.

Stephenson said Active Directory would evolve towards support for WS-Security but was unable to say when Trustbridge would be launched.

Source: Computerwire