- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
Virtual directory servers that aggregate identity information from a variety of sources promise to solve problems with directories and databases while creating an identity “layer” that can provide identity services to any application.
Directories and databases act as identity storage for an enterprise’s identity-management system. In most enterprises, identity information is dispersed in multiple directories, which are often managed autonomously by a business unit. Over the years many enterprises have attempted to consolidate directories into “meta-directories” to reduce complexity and operational costs. Still, political issues regarding control of the information in the directories make it difficult to wrest control of all directories and put them under one single management.
The virtual directory server does not hold any identity info itself. Instead, virtual directory servers work by aggregating identity data from multiple sources, such as LDAP-enabled directories, Microsoft’s Active Directory, databases, and so on. When an application requests identity information, the virtual directory server will use a set of rules from its configuration to decide how to join the identity data from different sources.
Each different source may only have part of the picture: HR databases may contain a person’s name and title; an Active Directory server may hold the user’s memberships in various groups, and so forth. The virtual directory server can merge the information into a single virtual identity and present it to an application.
The benefits of virtual directory servers are significant:
Political - By leaving the identity information in the original data stores, there are no political arguments over control of the data. HR can still maintain and manage its own database of employees, while making that information available for all kinds of applications.
Application migration - New applications can be written to access identity information from the virtual directory server. This abstraction allows administrators to move or re-engineer the original data sources without any disruption to applications. This creates a much smoother migration and consolidation roadmap.
Availability - Virtual directory servers can source identity information from two or more equivalent sources. If one goes down, the request can be routed to another. This increases overall availability and allows for data migration work without downtime.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
SMART Steps Toward Consolidated Workload Automation
Consolidating job scheduling into a single, comprehensive workload automation solution is a critical first step to effective workload automation (WLA).
White paper on WLA here
A Comprehensive Approach to Practicing ITIL Change Management
Read a compelling whitepaper by EMA, Inc. to learn best practices for integrating workload automation.
Whitepaper here
2 Minutes to IT workload automation
BMC CONTROL-M can put money back into your IT budget and strip the complexity and risk from workload automation.
View video here
Gain a faster, cheaper way to manage workload
BMC CONTROL-M can help you migrate to a workload automation solution to meet your organization’s goals.
Listen here for more info
Comment