Virtual Identity Server (VIS)

.NET LDAP Virtual Directory


Most companies have multiple directory services deployed in their environments, such as multiple AD forests and domains. While this is a sound operational practice, it results in user identity information being scattered across separate directory repositories. This poses a significant challenge when attempting to deploy enterprise applications to the users existing in these directories.

The Virtual Identity Server solves this by providing a single joined view of data from these separate directories. Applications connect to the VIS exactly as they would to any normal LDAP directory. In fact, VIS looks and behaves just like a standard Active Directory or ADAM server to the LDAP-enabled client application. The key benefit is that multiple directories can be joined in real-time without the need to duplicate LDAP objects.

The Virtual Identity Server can also join and merge data coming from other LDAP directories (such as eDirectory, Sun) as well as from SQL databases (such as Microsoft SQL Server, Oracle). To the calling application the interface is one LDAP directory (VIS), but in reality data is being joined and merged in real-time from multiple disparate data stores.

[Figure: Virtual Identity Server architecture]

Built on Microsoft technology for Microsoft technology

The Virtual Identity Server (VIS) was written from the ground up to tightly integrate with and leverage the existing investment that was made in Active Directory and the Microsoft infrastructure. VIS was written entirely in Microsoft .NET managed code and seamlessly integrates and extends the functionality of Active Directory, providing the necessary virtual directory/proxy and LDAP firewall needs for corporations.

Listeners/Protocols/Interfaces Supported

  • LDAP V3 (SSL and non-SSL) – Basic Authentication, NTLM & now Kerberos Support!
  • RESTful Interface
  • PowerShell Interface
  • Extensible Interface with Powerful full-featured APIs

The Virtual Identity Server is the only virtual directory product that is certified on Windows Server 2008/R2 and Windows Server 2012/R2.


VIS at a Glance

  • VIS is a Microsoft-centric virtual directory and is the only virtual directory developed entirely in .NET managed code to enhance the functionality of Active Directory/ADAM and ILM.
  • VIS provides a merged view of multiple data stores in real-time, such as LDAP directories and databases.
  • The Virtual Schema Manager™ eliminates the need to extend the Active Directory Schema for applications. Custom third-party schema and its data are stored at the virtual layer.
  • The Virtual Group Manager™ allows group membership to span multiple domains/forests, without the need for forest trusts. Groups can even have dynamic membership that changes automatically based on user attributes such as title or location.
  • Built-in auditing and compliance capabilities track and store all LDAP activity (binds, searches, deletes, modifies) to a SQL Server database.
  • VIS scales horizontally or vertically to meet the needs of enterprise deployments. It has built-in connection pooling and full support for failover and load balancers.
  • VIS requires no external data store.*
* The use of the optional features Virtual Group Manager and Virtual Schema Manager requires the use of an ADAM LDAP instance.