This resource is no longer available
Identity Simplification and Consolidation through Virtualization and Synchronization
If you're planning on simplifying and consolidating an IAM infrastructure, start with the foundational layer of the identity store. Rather than search for the monolithic master directory, directory virtualization and synchronization offer ways to add simplicity, flexibility and unification to the identity data infrastructure while leaving the data where it most belongs. A virtualization layer allows services in the underlying data store to be designed to their strengths - directories remain directories and databases remain databases - but are still able to deliver the data to applications the way they need to see it through common protocols.
Understanding and accounting for all the identity stores in the infrastructure is of paramount importance. Accounts belonging to the same person need to be identified and reconciled as such. Data that is redundant across multiple sources should be identified and evaluated for synchronization. Virtual directories can synchronize identity sources by updating through a virtual view which joins the sources. Also a synchronization product such as Sun's Identity Synchronization for Windows, can be leveraged to provide some reliable, easy to manage synchronization between different directories.