Virtual Directories Corral IDs

By Cameron Sturdevant  |  Posted 2005-06-06 Print this article Print

Virtual directories can reduce the technical and cost barriers of identity management, but some big questions still remain.

The next big thing in identity management is virtual directories. And we do mean big: big potential for big returns, with big questions still remaining. Virtual directories can significantly change the way identity information is used in midsize and large organizations and can reduce the technical and cost barriers of identity management. However, IT managers must commit to centralizing application access to authoritative data sources—no small task in todays global work force.

Virtual directories are software tools that connect to identity data in a variety of authoritative sources, including LDAP directories and databases. Virtual directories broker requests from applications that need access to this identity information. Metadirectories, in contrast, create copies of directory data, resulting in a usually costly infrastructure of replication and synchronization procedures to ensure that data is current. Virtual directories ultimately rely on the original data source for identity information.

Click here to read eWEEK Labs review of two virtual directory systems. Virtual directories also have the potential to lower licensing costs over products like metadirectories that are based primarily on synchronizing data from many sources into a central authority. However, additional features, such as data reconciliation and identity mapping among information sources, can easily drive up virtual directory costs.

Virtual directory tools act as a go-between for data repositories and applications. To the application, the virtual directory appears to be a customized directory that supplies precisely the identity information the application requires. To data repositories, the virtual directory appears as an application that asks only for information that the repository can supply.

At the end of the day, virtual directories make it possible for IT staff to implement new enterprise applications—such as human resources, CRM (customer relationship management) and e-mail—without creating a whole new user credential store to control access.

Virtual directories ability to monitor and record user access also could help businesses comply with the audit requirements embodied in regulations including HIPAA (Health Insurance Portability and Accountability Act), the Graham-Leach-Bliley Act and the Sarbanes-Oxley Act.

In fact, IT managers who decide to evaluate virtual directory technology are well advised to look at the regulatory compliance aspects of these products as a way to get executive sign-off. After the products are in place, IT staff likely will be able to drive significant identity management costs out of application implementations. For these cost savings to become reality, however, IT managers must convince other divisions in the organization that centralized identity management can work.

Next page: Directory politics.

Cameron Sturdevant Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel