Microsoft Identity Integration Server (MIIS) is an identity management (IdM) product offered by Microsoft. It is a service that aggregates identity-related information from multiple data sources. The goal of MIIS is to provide organizations with a unified view of a user's or resource's identity across the heterogeneous enterprise and to provide methods to automate routine tasks.
MIIS manages information by retrieving identity information from the connected data sources and storing the information in the connector space as connector space objects or CSEntry objects. The CSEntry objects are then mapped to entries in the metaverse, called metaverse objects or MVEntry objects. This architecture allows data from dissimilar connected data sources to be mapped to the same MVEntry object. All back-end data is stored on Microsoft SQL Server.
For example, through the metaverse an organization's e-mail system can be linked to its human resources database, its PBX system and any other data repositories containing relevant user information. Each employee's attributes from the e-mail system and the human resources database are imported into the connector space through respective management agents. The e-mail system can then link to individual attributes from the employee entry, such as the employee telephone number. If an employee's telephone number changes, the new telephone number will automatically be propagated to the e-mail system.
One of the goals of identity management is to establish and support authoritative sources of information for every known attribute and to preserve data integrity according to predetermined business rules.
In the IdM product market, MIIS stands out by implementing a state-based architecture, whereas the majority of competitors offer transaction-based products. Because of this approach, MIIS requires no software, drivers, agents or shims to be installed on the target system.
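An added example, not MIIS code or its .NET API: a small Python model of the state-based cycle described above, in which each source is imported into a connector space, joined into one metaverse object per employee, and compared against the target's current state to compute pending exports. The employee-ID join key, the `AUTHORITY` table and the sample records are assumptions constructed for illustration.

```python
# Simplified model of a state-based metadirectory sync cycle (not the MIIS API).
# Constructed sample data: each connected source is read as a full snapshot.
HR = {"E100": {"name": "Ana Ruiz", "phone": "555-0100", "mail": None}}
MAIL = {"E100": {"name": "A. Ruiz", "phone": "555-0199", "mail": "ana@example.test"}}
# Assumed business rule: exactly one authoritative source per attribute.
AUTHORITY = {"name": "hr", "phone": "hr", "mail": "mail"}


def import_to_connector_space(sources):
    """Stage every source record as a connector space entry (CSEntry-like)."""
    return {(ma, anchor): dict(attrs)
            for ma, records in sources.items()
            for anchor, attrs in records.items()}


def project_to_metaverse(connector_space):
    """Join entries that share an anchor into one metaverse object (MVEntry-like),
    accepting each attribute only from its authoritative source."""
    metaverse = {}
    for (ma, anchor), attrs in connector_space.items():
        mv = metaverse.setdefault(anchor, {})
        for attr, value in attrs.items():
            if AUTHORITY.get(attr) == ma and value is not None:
                mv[attr] = value
    return metaverse


def pending_exports(metaverse, connector_space, target):
    """Compare the desired state (metaverse) with the target's imported state
    and return only the attribute values that must be written to the target."""
    changes = {}
    for anchor, mv in metaverse.items():
        current = connector_space.get((target, anchor), {})
        delta = {a: v for a, v in mv.items() if current.get(a) != v}
        if delta:
            changes[anchor] = delta
    return changes


def run_cycle(sources, target):
    """One full cycle: import all sources, project, then diff against target."""
    cs = import_to_connector_space(sources)
    return pending_exports(project_to_metaverse(cs), cs, target)


if __name__ == "__main__":
    print(run_cycle({"hr": HR, "mail": MAIL}, "mail"))
```

Because the export is a difference between states rather than a replay of events, a value edited directly in a non-authoritative source reappears as a pending correction on the next cycle, and a converged target yields an empty result.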
Extensibility
The product is extensible through the use of the .NET Framework, which allows developers and network administrators to extend out-of-the-box capabilities and perform complex tasks.
Versions
* Zoomit Via (pre 1999)
* Microsoft Metadirectory Server, MMS (1999–2003)
* Microsoft Identity Integration Server 2003 Enterprise Edition, MIIS (Retired)
* Microsoft Identity Integration Server 2003 Feature Pack, IIFP (Retired)
* Microsoft Identity Lifecycle Manager Server 2007, ILM (Retired)
* Microsoft Forefront Identity Manager 2010, FIM (Retired)
* Microsoft Identity Manager 2016, MIM (Current)
History
MIIS has its origins in two Canadian companies' products: Linkage Software's metadirectory product LinkAge Directory Exchange (LDE), which Microsoft acquired on June 30, 1997, and Zoomit Corporation's metadirectory product, Via, which Microsoft acquired on July 7, 1999.
LDE was strongly email system oriented but traces of it and its field mapping technology remain through MIIS 2003.
After acquiring Zoomit Via, Microsoft renamed it MMS (Microsoft Metadirectory Services) and offered the product for free; however, it would strongly encourage customers to hire Microsoft Consulting Services to install and configure the product.
Microsoft Identity Integration Server 2003 was completely rewritten from the ground up. No original Zoomit Via code was moved into MIIS. However, Microsoft preserved the methodology and original idea of the Via product. MIIS 2003 no longer uses ZScript (the proprietary scripting language of Zoomit Via); instead it offers .NET Framework support. With this upgrade Microsoft did not offer a migration path from MMS to MIIS due to the significant differences between the products.
Currently Service Pack 2 is available for MIIS 2003.
IIFP is a slimmed-down version of MIIS that is limited to synchronization between AD, ADAM, and Exchange data stores.
In fall 2007 MIIS 2003 was incorporated into a new offering called Identity Lifecycle Manager (ILM) 2007. This product was announced at the RSA Conference in February 2007 and made available to customers in May 2007. Identity Lifecycle Manager 2007 includes not only the original MIIS 2003 product, but also a component called Certificate Lifecycle Manager (CLM), which is used to manage X.509 digital certificate and smart card issuance.
Future developments
Future releases of MIIS/ILM are expected to be x64 only; x86 support is expected to be dropped, following the lead of Exchange Server.
A public Release Candidate (RC) version of Identity Lifecycle Manager '2' is available now (December 2008).
Microsoft SQL Server 2008 is a new back-end dependency of ILM '2'.
Supported data sources
MIIS 2003, Enterprise Edition, includes support for a wide variety of identity repositories including the following.
Network operating systems and directory services: Microsoft Windows NT, Active Directory, Active Directory Application Mode, IBM Directory Server, Novell eDirectory, Resource Access Control Facility (RACF), SunONE/iPlanet Directory, X.500 systems and other network directory products
E-mail: Lotus Notes and IBM Lotus Domino, Microsoft Exchange 5.5, 2000, 2003, 2007, 2010, & 2013
Application: PeopleSoft, SAP AG products, ERP1, telephone switches (PBX), XML- and DSML-based systems
Database: Microsoft SQL Server, Oracle RDBMS, IBM Informix, dBase, IBM Db2
File-based: DSMLv2, LDIF, CSV, delimited, fixed width, attribute value pairs
Other: MIIS provides developers with a well-defined framework to create additional management agents (in any of the .NET Framework languages currently available on the market) that are not available out of the box. Microsoft itself, as well as third-party vendors, provides a wide array of additional management agents, such as OpenLDAP, IBM UniData, PeopleSoft, Windows Live ID/Hotmail, MySQL, etc.
Limitations
While MIIS appears to support DSML, there is currently no out-of-the-box support for SPML version 1 or version 2.0. Standardization in the service provisioning space would benefit consumers and assist in avoiding costly lock-in to proprietary systems.
See also
* Identity Lifecycle Manager
* Password Change Notification Service (PCNS)
* Watermark (data synchronization)
External links
* OpenLDAP Management Agent
* Troubleshooting LDAP SSL connection issues between Microsoft ILM/MIIS & Novell eDirectory 8.7.3