Using Microsoft Metadirectory Services Effectively


When Active Directory designs encompass multiple forests, or when the design has to account for mergers and acquisitions, the Microsoft Metadirectory Services (MMS) tool can be invaluable in keeping directories in sync. MMS, now called Microsoft Identity Integration Server 2003 (MIIS 2003), enables you to integrate and manage identity information across multiple directories. These directories can be different systems or platforms. MIIS 2003 adds functionality to Active Directory by providing enhanced interoperability capabilities. These capabilities include integrating with various identity repositories, synchronizing identity information across multiple systems, managing changes to identity information by automatically detecting updates and passing the changes across systems, and managing passwords. Prudent use of MMS enables you to keep an entire enterprise of various directories in sync by managing them through a single authoritative source.

Features of Microsoft Identity Integration Server

Microsoft Identity Integration Server 2003 (MIIS) was built with four primary features in mind: centralization of identity information, managing identity information, managing changes to identity information, and broad connectivity.

Centralization of Identity Information

In most companies, identity information is stored in various data sources. This can and usually does result in the duplication of identity information. Data stored in incompatible formats requires you to have access to multiple connected data sources, often with multiple clients.

To solve these issues, MIIS 2003 can do the following:

  • Combine the data for a specific object in the metadirectory, creating a single entry that contains all or some subset of the identity information from each separate data source.

  • Present a single, unified view of some or all of the attributes from the separate data sources even if the connected data sources are incompatible.

  • Provide a single authoritative location from which administrators, users, or even applications can read or manage the identity information for a given object.

Managing Identity Information

Disparate directories usually contain dissimilar identity information on the same person or resource. Invariably, the group that owns and manages the data in a specific data source believes that its data is accurate and authoritative compared to similar data that is owned and managed by another group. In these cases, identity data owners are often opposed to relinquishing control of the data.

To solve the issues resulting from conflicting identity information, MIIS 2003 can do the following:

  • Manage the flow of data between identity information stores to resolve conflicts in identity data throughout the enterprise.

  • Determine what identity data should be imported from each data source.

  • Create rules to determine which identity data store contains the authoritative value for a specific attribute in the metadirectory and pass that authoritative value to other data stores.

Managing Changes to Identity Information

An organization's identity data is often located in different data sources. As such, a change made to data in one source is not automatically made in the other data sources. Propagating the change throughout the enterprise often requires you to manually update the data in each information store. Failure to properly manage identity data can cause the data to become disorganized and out of sync across the enterprise.

To solve issues resulting from changes to identity data, MIIS 2003 can do the following:

  • Determine when a change to identity data has occurred anywhere in the enterprise.

  • Automatically propagate changes in identity data to all appropriate data sources.

  • Ensure that enterprisewide updates to identity data are appropriate based on their authoritative source.
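The per-attribute authority rules from "Managing Identity Information" and the change propagation described above can be modeled in a few lines. This is an added illustration in Python, not MIIS code or its API; the source names, attribute names, precedence table and sample records are all constructed for the example.

```python
# Constructed sample data: three connected sources describing the same person.
SOURCES = {
    "hr_db": {"E1001": {"displayName": "Dana Reyes", "department": "Finance",
                        "telephoneNumber": "555-0100"}},
    "ad":    {"E1001": {"displayName": "D. Reyes", "department": "Finanse",
                        "mail": "dana.reyes@example.com"}},
    "phone": {"E1001": {"telephoneNumber": "555-0142"}},
}
# Hypothetical precedence: the first listed source holding a value is authoritative.
PRECEDENCE = {
    "displayName": ["hr_db", "ad"],
    "department": ["hr_db"],
    "mail": ["ad"],
    "telephoneNumber": ["phone", "hr_db"],
}
# Hypothetical export rules: which sources receive the authoritative value.
EXPORT_TO = {"displayName": ["ad"], "department": ["ad"],
             "telephoneNumber": ["ad", "hr_db"]}

def build_metadirectory(sources, precedence):
    """Join records on their anchor; take each attribute from its authoritative source."""
    metadirectory = {}
    for anchor in sorted({a for recs in sources.values() for a in recs}):
        entry = {}
        for attr, order in precedence.items():
            for src in order:
                value = sources.get(src, {}).get(anchor, {}).get(attr)
                if value is not None:
                    entry[attr] = (value, src)  # keep the origin for auditing
                    break
        metadirectory[anchor] = entry
    return metadirectory

def pending_exports(sources, metadirectory, export_to):
    """Return (target, anchor, attr, old, new) for every value that has drifted."""
    changes = []
    for anchor, entry in metadirectory.items():
        for attr, (value, origin) in entry.items():
            for target in export_to.get(attr, []):
                record = sources.get(target, {}).get(anchor)
                # Never overwrite the authoritative source; skip missing objects.
                if target == origin or record is None:
                    continue
                if record.get(attr) != value:
                    changes.append((target, anchor, attr, record.get(attr), value))
    return changes

def apply_exports(sources, changes):
    """Write each pending change into its target source."""
    for target, anchor, attr, _old, new in changes:
        sources[target][anchor][attr] = new
```

Because a source that is not authoritative for an attribute can never win the merge, an edit made directly in that source is reported as drift and overwritten on the next pass rather than spreading to the other directories.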

Broad Connectivity

MIIS 2003 excels at connectivity. It ships with connectivity to most network operating systems, e-mail systems, popular databases, directories, applications, and even flat files.

MIIS 2003 ships with the "Management Agents" required to integrate with many types of repositories, including the following:

  • Microsoft Windows NT

  • Active Directory

  • Active Directory in Application Mode

  • Novell eDirectory

  • SunONE/iPlanet Directory

  • X.500 systems

  • Lotus Notes and Domino

  • Microsoft Exchange 5.5

  • PeopleSoft

  • SAP

  • ERP

  • Telephone switches

  • XML- and DSML-based systems

  • Microsoft SQL Server

  • Oracle

  • IBM DB2

  • Informix

  • Sybase

  • OLE/DB-based systems

  • DSMLv2

  • LDIF

  • CSV

  • Delimited or fixed width flat files



Microsoft Windows Server 2003 Insider Solutions
ISBN: 0672326094
EAN: 2147483647
Year: 2003
Pages: 325
