Identity Management

Applies To: Windows Server 2008

Establishing a valid user of information or resources in your environment requires that the user be able to provide two pieces of information to your network: identification and proof of identity. The technologies that support users in providing these essential pieces of information are described in the following sections.

Windows Authentication

Windows Authentication

Windows authentication includes components that verify the identity of an object or user in a Windows environment. This page links to technical documentation about authentication protocols, Windows authentication packages, smart cards, and interactive logon.

Central Identity Store

Active Directory Domain Services Overview

Active Directory Domain Services (AD DS) is a secure, highly available, distributed central identity store that is tightly integrated with Windows Server 2008. AD DS serves as the focal point for managing and administrating user accounts, authentication, security policies, and organizational resources such as computers, printers, and servers.

Identity Lifecycle

Identity Lifecycle Manager 2007 (ILM 2007) Technical Library

Identity Lifecycle Manager (ILM) 2007 enables IT organizations to reduce the cost of managing the identity and access lifecycle by providing a single view of a user's identity across the heterogeneous enterprise and through the automation of common tasks. ILM 2007 builds on the metadirectory and user provisioning capabilities in Microsoft Identity Integration Server (MIIS) 2003 and adds new capabilities for managing strong credentials such as smart cards with Certificate Lifecycle Manager (CLM) 2007. ILM 2007 provides an integrated approach that pulls together metadirectory, certificate and password management, and user provisioning across Windows and other enterprise systems.

Federated Identity

Active Directory Federation Services Overview

Active Directory Federation Services (AD FS) extends the ability to use single sign-on (SSO) functionality that is available within a single security or enterprise boundary to Internet-facing applications so that your customers, partners, and suppliers can have a streamlined user experience while accessing Web-based applications.

One-Time Passwords

Strong Authentication with One-Time Passwords in Windows 7 and Windows Server 2008 R2

A one-time password (OTP) authentication solution can be implemented with computers running the Windows 7 or Windows Server 2008 R2 operating systems to require two-factor authentication with remote access technologies such as DirectAccess.