Microsoft Identity Integration Server

Microsoft Identity Integration Server (MIIS) is an identity management (IdM) product offered by Microsoft. It is a service that aggregates identity-related information from multiple data sources. The goal of MIIS is to provide organizations with a unified view of a user's or resource's identity across the heterogeneous enterprise and to provide methods to automate routine tasks. MIIS manages information by retrieving identity information from the connected data sources and storing it in the connector space as connector space objects, or CSEntry objects. The CSEntry objects are then mapped to entries in the metaverse, called metaverse objects or MVEntry objects. This architecture allows data from dissimilar connected data sources to be mapped to the same MVEntry object. All back-end data is stored in Microsoft SQL Server.

For example, through the metaverse an organization's e-mail system can be linked to its human resources database, to the organization's PBX system, and to any other data repository containing relevant user information. Each employee's attributes from the e-mail system and the human resources database are imported into the connector space through their respective management agents. The e-mail system can then link to individual attributes from the employee entry, such as the employee's telephone number. If an employee's telephone number changes, the new telephone number is automatically propagated to the e-mail system.

One of the goals of identity management is to establish and support an authoritative source of information for every known attribute and to preserve data integrity according to predetermined business rules. In the IdM product market, MIIS stands out by implementing a state-based architecture, whereas the majority of competitors offer transaction-based products. Because of this approach, MIIS requires no software, drivers, agents or shims to be installed on the target system.
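The flow described above (import into the connector space, join into the metaverse, then a state-based comparison to find what must be exported) can be modelled in a few lines. This is an added conceptual sketch, not MIIS code or its API: the function names, the `employeeID` anchor, the precedence table and the sample records are all assumptions made for illustration.

```python
# Conceptual model only: function names are hypothetical and are not the
# MIIS API. Sample records in demo() are constructed for illustration.

# Authoritative source per attribute, highest precedence first.
PRECEDENCE = {"telephoneNumber": ["hr", "email"], "mail": ["email"]}


def import_stage(connector_space, source, records, anchor="employeeID"):
    """Full import: replace the connector space image of one data source."""
    connector_space[source] = {r[anchor]: dict(r) for r in records}


def synchronize(connector_space):
    """Join CSEntry objects on the anchor and build one MVEntry per identity."""
    metaverse = {}
    anchors = {a for cs in connector_space.values() for a in cs}
    for a in sorted(anchors):
        mv = {}
        for attr, sources in PRECEDENCE.items():
            for src in sources:  # first source holding a value wins
                value = connector_space.get(src, {}).get(a, {}).get(attr)
                if value is not None:
                    mv[attr] = value
                    break
        metaverse[a] = mv
    return metaverse


def pending_exports(connector_space, metaverse, target):
    """State-based delta: compare the desired state with the target's image."""
    changes = {}
    for a, mv in metaverse.items():
        cs = connector_space.get(target, {}).get(a)
        if cs is None:
            continue  # provisioning of new objects is out of scope here
        diff = {k: v for k, v in mv.items() if cs.get(k) != v}
        if diff:
            changes[a] = diff
    return changes


def demo():
    cs = {}
    import_stage(cs, "hr", [{"employeeID": "1001", "telephoneNumber": "555-0100"}])
    import_stage(cs, "email", [{"employeeID": "1001", "mail": "a@example.test",
                                "telephoneNumber": "555-0199"}])
    return pending_exports(cs, synchronize(cs), "email")
```

Because the delta is computed from stored images rather than from change events, nothing has to run on the e-mail system itself; the stale telephone number there is simply overwritten by the value from the authoritative HR source.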


Extensibility

The product is extensible through the use of the .NET Framework, which allows developers and network administrators to extend out-of-the-box capabilities and perform complex tasks.


Versions

* Zoomit Via (pre 1999)
* Microsoft Metadirectory Server (MMS) (1999–2003)
* Microsoft Identity Integration Server 2003 Enterprise Edition (MIIS) (Retired)
* Microsoft Identity Integration Server 2003 Feature Pack (IIFP) (Retired)
* Microsoft Identity Lifecycle Manager Server 2007 (ILM) (Retired)
* Microsoft Forefront Identity Manager 2010 (FIM) (Retired)
* Microsoft Identity Manager 2016 (MIM) (Current)


History

MIIS has its origins in the products of two Canadian companies: Linkage Software's metadirectory product LinkAge Directory Exchange (LDE), which Microsoft acquired on June 30, 1997, and Zoomit Corporation's metadirectory product, Via, which Microsoft acquired on July 7, 1999. LDE was strongly e-mail system oriented, but traces of it and its field mapping technology remain through MIIS 2003. After acquiring Zoomit Via, Microsoft renamed it MMS (Microsoft Metadirectory Services) and offered the product for free; however, it strongly encouraged customers to hire Microsoft Consulting Services to install and configure the product.

Microsoft Identity Integration Server 2003 was completely rewritten from the ground up. No original Zoomit Via code was moved into MIIS; however, Microsoft preserved the methodology and original idea of the Via product. MIIS 2003 no longer uses ZScript (the proprietary scripting language of Zoomit Via); instead it offers .NET Framework support. With this upgrade Microsoft did not offer a migration path from MMS to MIIS, due to the significant differences between the products. Currently Service Pack 2 is available for MIIS 2003. IIFP is a slimmed-down version of MIIS that is limited to synchronization between AD, ADAM, and Exchange datastores.

In fall 2007 MIIS 2003 was incorporated into a new offering called Identity Lifecycle Manager (ILM) 2007. This product was announced at the RSA Conference in February 2007 and made available to customers in May 2007. Identity Lifecycle Manager 2007 includes not only the original MIIS 2003 product, but also a component called Certificate Lifecycle Manager (CLM), which is used to manage X.509 digital certificate and smart card issuance.


Future developments

Future releases of MIIS/ILM are expected to be x64 only; x86 support is expected to be dropped, following the example of Exchange Server. A public Release Candidate (RC) version of Identity Lifecycle Manager '2' is available now (December 2008). Microsoft SQL Server 2008 is a new back-end dependency of ILM '2'.


Supported data sources

MIIS 2003, Enterprise Edition, includes support for a wide variety of identity repositories, including the following.

* Network operating systems and directory services: Microsoft Windows NT, Active Directory, Active Directory Application Mode, IBM Directory Server, Novell eDirectory, Resource Access Control Facility (RACF), SunONE/iPlanet Directory, X.500 systems and other network directory products
* E-mail: Lotus Notes and IBM Lotus Domino, Microsoft Exchange 5.5, 2000, 2003, 2007, 2010, & 2013
* Application: PeopleSoft, SAP AG products, ERP1, telephone switches (PBX), XML- and DSML-based systems
* Database: Microsoft SQL Server, Oracle RDBMS, IBM Informix, dBase, IBM Db2
* File-based: DSMLv2, LDIF, comma-separated values (CSV), delimited, fixed width, attribute value pairs
* Other: MIIS provides developers with a well-defined framework for creating additional management agents (in any .NET Framework language currently available on the market) that are not available out of the box. Microsoft itself, as well as third-party vendors, provides a wide array of additional management agents, such as OpenLDAP, IBM UniData, PeopleSoft, Windows Live ID / Hotmail, MySQL, etc.


Limitations

While MIIS appears to support DSML, there is currently no out-of-the-box support for SPML version 1 or version 2.0. Standardization in the service provisioning space would benefit consumers and assist in avoiding costly lock-in to proprietary systems.


See also

* Identity Lifecycle Manager
* Password Change Notification Service (PCNS)
* Watermark (data synchronization)




External links


OpenLDAP Management Agent

Troubleshooting LDAP SSL connection issues between Microsoft ILM/MIIS & Novell eDirectory 8.7.3