Application Security, Part 5

Now, of course, you are thinking that if the problem with storing my data in my relational database was that it added yet another repository of user data to the enterprise, thereby magnifying the effort required of them to administer their users, well, then, having my user data in my own ADAM directory service will have the same shortcoming. Well, that is where Microsoft Identity Integration Server 2003 comes in.



That product, which I am going to refer to by the acronym, MIIS, provides what is known as a meta-directory; indeed, the previous edition of the product was called Microsoft MetaDirectory Services. A meta-directory alleviates that problematic situation I described of an organization having multiple directory services. The meta-directory provides a way for information to flow among the various directory services, so that items in one of the directory services exist in the others, and changes to an item in one are propagated among the others, taking into account that one directory service’s value for a given attribute may be considered authoritative.


[This posting is provided "AS IS" with no warranties, and confers no rights.]