Microsoft prepares move on ID management

Microsoft is working on restructuring its identity management platform, adding services directly into the operating system with an eye toward lessening users' current integration chores.

The biggest additions would be folding Microsoft's Identity Integration Server (MIIS) - a separate product and cornerstone for Microsoft's identity platform - into Windows to add services such as provisioning and password management. The operating system already includes Active Directory, another foundation of Microsoft's identity platform.

Sources said Microsoft was developing new workflow technology for the operating system that would be used to orchestrate provisioning and other identity services across multiple systems.

According to observers, Microsoft's intent was to centralise some identity services and make it easier to deploy its identity platform by reducing the amount of integration end-users must do and giving developers one point where they can tie their applications to the identity platform.

They also suggest Microsoft hopes to build a cohesive package around its enterprise identity platform, Web services development tools and standards support, and personalised identity services it is creating in its forthcoming Longhorn operating system, set to begin shipping in 2006.

Microsoft officials would not comment on their future plans for the identity platform.

The restructuring comes as Microsoft is battling rivals IBM, Sun and others who have put together tightly integrated identity suites at a time when identity management has become a corporate hot button.

While the MIIS change is not set in stone, it would dramatically change the capabilities of the operating system. For example, the integration would let users reset passwords across all Microsoft and other platforms from their Windows desktops. Today, users deploy MIIS or purchase third-party software to handle those services.

The catch is that while corporate users would get the provisioning engine in the operating system, they would have to buy the connectors to link the operating system capabilities to other platforms including directories, databases and applications such as Lotus Notes and SAP.

Microsoft's chief software architect, Bill Gates, referred to MIIS in his keynote address last week at the RSA Conference in San Francisco as a key element of the vendor's identity strategy.

"You go to one place, and that information is propagated in the right way across the different places it should be," he said.

Microsoft is also planning to add workflow services in the operating system, most likely with Longhorn, using a technology under development called Windows Orchestration Engine (WinOE). Work to include WinOE in MIIS and other Microsoft software is already underway.

While all this integration could be years down the road, it dovetails with identity services Microsoft is set to release by year-end in the next version of Windows Server, dubbed R2.

R2 includes Active Directory Federation Services (ADFS), which lets user identity information supplied by one company be used to gain access to partner networks.

ADFS will eventually provide the Web single sign-on capabilities that Microsoft's identity platform currently lacks, and it is the foundation of the company's adoption of Web services security protocols in Windows, such as WS-Federation and the Security Assertion Markup Language (SAML).

The federation services will intersect with personalised identity services Microsoft is developing, including a revival of Passport with a focus on corporate users, sources say.

Passport was Microsoft's first pass at developing a single sign-on service, but bugs, privacy concerns and dwindling support caused its demise.

Sources claim Microsoft is developing an MIIS connector to synchronise Passport with corporate directories. The idea is that companies could set up their own Passport hubs to store their user information without any Microsoft involvement and use ADFS to federate their hub with their partners' Passport hubs.

Personalisation would be rounded out using the client-side Identity System and Information Card being developed for Longhorn. The Information Card technology is the exact opposite of Passport's design in that users are in control of their personal information and how it is shared.

The cards could be used in peer-to-peer relationships, including validating email senders, or as a single sign-on control. The cards also could secure access control and communication between a user and a company, and between departments or organisations.

Microsoft plans to tie the Identity System into its larger Web Services-based federated identity initiatives.

The vendor hopes to make the cards cross-platform, but critics say the key will be whether Microsoft supports other federation standards, including SAML and the Liberty Alliance's similar user-centric identity model.


John Fontana

Network World