Mitch Irsfeld


"Can we see some ID, please?" In the digital world, the correct response would be, "Which one?"

Managing user identities means synchronizing those identities among different directories, databases and applications. That's where Microsoft Identity Lifecycle Manager (ILM) 2007 comes in. Understanding the key concepts of ILM can help reduce a very complex set of activities into the component parts that actually simplifies the process of managing directories across a heterogeneous enterprise. This month, John McClinchey walks us through the key elements of ILM and shows us how to write some provisioning code.

But implementing a successful digital identity system in the real world requires an understanding of human nature as well as the nature of identity systems. In Part Two of his "Thoughts on Identity" in the Security Watch column this month, Jesper M. Johansson provides eight more principles of a successful digital identity system. In this case, the real world is the business world, where an identity solution needs to be as inclusionary as possible while still securing the sensitive information of both the business and the customer. As Johansson points out, digital identity systems are quite complicated. But users in the business world need to be shielded from that complexity while still providing the appropriate level of trust. Does that mean single sign-on? Maybe not.

At the client level, managing user accounts is facilitated with User Account Control (UAC). First introduced with Windows Vista, UAC enables you to adjust the permission levels of user accounts and set policies for user rights. Windows 7 introduces two new modes for the Protected Administrator account level and a new auto-elevation mechanism. The changes enable standard users to now perform more operations without requiring administrative rights. Mark Russinovich goes inside the Windows 7 UAC this month as he explains the reasons for the changes and the new capabilities from both a user experience and a security standpoint.

Finally, we encourage you to examine the effectiveness of your database backups. While making sure you have backups of your SQL Server database may seem like a no-brainer, how do you know that you've made valid backups and that you have the right backups when and if you need to restore your database? Putting together a backup strategy for SQL Server databases doesn't have to be as onerous as it may appear. In the first of a three-part series, Paul Randal explains how the various types of backup work and how to put them together in your overall backup and restore strategy.

Mitch Irsfeld is managing editor of the TechNet Flash newsletter and TechNet Flash Feed, a daily news blog providing updates on the latest Microsoft engagements for IT professionals.

—Mitch Irsfeld

Thanks to the following Microsoft technical experts: Brjann Brekkan, Bobby Gill, Sushil Gupta, Jesper M. Johannson, John Macintyre, Michael Murgolo, Sanjeev Nair, Scott Schnoll, Sean Siler, and BJ Whalen.