Microsoft overhauls directories for ID management

The company will today start shipping a simplified Active Directory deployment option, as well as a renamed and feature-expanded edition of Microsoft Metadata Services (MMS), both designed for Windows Server 2003.

Microsoft is expected to change the name of MMS 2003 to Microsoft Identity Integration Server 2003. It will have a broader range of support for non-Microsoft directories, partners said, through a larger collection of connectors.

MIIS will be the first fully Microsoft-productized version of MMS, which Microsoft acquired from Zoomit Corp in 1999, said Adrien Ransom, VP of marketing at OpenNetwork Technologies Inc.

The server will use its own SQL Server as its data store, replacing the Zoomit repository, and will make use of XML standards for the first time. MIIS will support LDAP-compatible directories including those from IBM, Novell, and Sun.

MMS, in recognition of the fact that companies have diverse directories, was always designed to synchronize data between these directories. In the new version it will also have what partners characterized as rudimentary user provisioning features.

User identity management vendors OpenNetwork, Business Layers Inc and Oblix Inc are among about 10 companies that will express support for MIIS in varying degrees today. These firms have built applications that connect to MIIS for single sign-on and provisioning.

Oblix said its software will add onto MIIS to allow SSO and identity management to be scaled to millions of users. The two companies have built such a system to manage seven million users, senior director of technology alliances Beth Dabagian said.

Oblix’s access control suite currently integrates with provisioning software from BMC Software Inc, and Microsoft’s MIIS will be offered as an alternate in certain circumstances, Dabagian said.

OpenNetwork will today announce version 5.0 of its SSO software, which has been built specifically to fit into Microsoft environments and play to MIIS’s limitations. Ransom said the software will allow a broader range of directory connectivity.

A second announcement from Microsoft today will focus on the delivery of Active Directory Application Mode (AD/AM or ADAM), which is a version of Microsoft’s previously problematic directory that has been decoupled from Windows.

The Active Directory available as part of Windows 2000 came in for criticisms as being complex and too restrictive. The software was designed to help companies centralize their user directories, but the work involved in doing so was difficult.

Microsoft has shifted gears with ADAM, promising a more application-specific product. The software does not run as a service of the OS, and multiple iterations can run on the same server. It is simpler to deploy, by being not deployed on a domain controller.

Business Layers is one partner that is embracing ADAM strongly. The company will use ADAM as the default directory it offers when selling its eProvision software into companies not wanting to leverage an existing directory, VP of product strategy and marketing David Lavenda said.

Previously, Business Layers offered eDirectory from Novell Inc (one of Business Layers’ investors) as its preferred directory software. Lavenda said the company is seeing most traction in Microsoft shops, so the move makes sense.

Source: Computerwire

Sign up for our regular news round-up!

Give your business an edge with our leading Tech Monitor

Sign up