Identity Data Anywhere
Virtual Identity Server (VIS) is a
.NET LDAP Virtual Directory
that provides a single, real-time view of identity data from any data store.
.NET LDAP Virtual Directory
Most companies have multiple directory services deployed in their environments, such as multiple AD forests and domains. While this is a sound operational practice, it results in user identity information being scattered across separate directory repositories. This poses a significant challenge when attempting to deploy enterprise applications to the users existing in these directories.
VIS is an LDAP virtual directory server that solves this by providing a single joined view of data from these separate directories. Applications connect to the VIS exactly as they do any normal LDAP directory. In fact, to the LDAP-enabled client application, VIS looks and behaves just like a standard Active Directory or ADAM server. The key benefit is that it allows multiple directories to be joined in real-time, without the need to duplicate LDAP objects.
Virtual Identity Server can also join and merge data coming from other LDAP directories (such as eDirectory, Sun), as well as from SQL databases (such as Microsoft SQL Server, Oracle). To the calling application, the interface functions as one LDAP directory (VIS). In reality, data is being joined and merged in real-time from multiple disparate data stores.
Built on Microsoft technology for Microsoft technology
Virtual Identity Server (VIS) was written from the ground up to tightly integrate with Active Directory and leverage the existing investment that was made in the Microsoft infrastructure. VIS was written entirely in Microsoft .NET managed code and seamlessly integrates and extends the functionality of Active Directory, providing the necessary virtual directory/proxy and LDAP firewall needs for corporations.
- LDAP V3 (SSL and non-SSL) – Basic Authentication, NTLM & now Kerberos Support!
- RESTful Interface
- PowerShell Interface
- Extensible Interface with Powerful full-featured API’s
Reduced IT Costs
VIS’ virtual directory services increase the value of your existing Microsoft environment. VIS:
- leverages the existing investment in Microsoft technology, extending it with increased functionality.
- is a true LDAP virtual directory server, developed in .NET technology. It’s designed to seamlessly integrate with your Microsoft environment.
- is a scalable virtual directory platform that continues to grow with an organization’s needs.
- is a proven solution for Microsoft applications such as SharePoint and MIIS/ILM
Eliminate Deployment Barriers
The Virtual Identity Server provides an enhanced application environment. VIS allows organizations to rapidly and easily deploy applications to users existing in multiple Active Directory forests or directories
- The VIS Schema Manager™ eliminates the need to extend the Active Directory schema for third party LDAP applications.
- VIS allows you to rapidly deploy applications to users existing in multiple Active Directory Forests without any forest trusts.
- VIS simplifies your identity management deployment by accessing data at its source directly.
- VIS provides multiple views of data, allowing for easy discreet application views of enterprise data.
Meet Audit and Compliance Initiatives
Using a virtual directory server gives you unparalleled transparency for auditing, compliance and security purposes. VIS can help you answer questions such as:
- Who has logged in and when?
- What changes were made to data and when?
- Who was added to the Administrators group today?
- What changes did “Bob” make?
Increased Security and Control
The Virtual Identity Server (VIS) utilizes adapters to connect to and integrate with LDAP directories, databases and other data stores. These adapters handle connecting to and communicating with the given data repository.
Now, utilizing the Virtual Identity Server your LDAP enabled applications have access to data that resides anywhere within your enterprise, regardless of the data format (i.e. SQL/LDAP). The Virtual Identity Server handles all of the data transformation from one data storage type to another. This is performed on-the-fly and in real-time. When the application queries the Virtual Identity Server, that query is translated and then proxied to the appropriate downstream data store.Read more
Active Directory (AD)
Active Directory is the most widely used directory service in use today. Active Directory is a core component of the Windows Server 2003, Windows Server 2008 and Windows Server 2012 operating systems. Active Directory serves as the foundation for not only Microsoft’s Identity and Access solutions, but also for application servers such as SharePoint.
Active Directory has proven to be the world’s fastest and most scalable directory server in existence today. Many customers utilize Active Directory as their user repository and have easily scaled the solution to multi-million user repositories. Testing by independent sources has shown that Active Directory scales linearly to meet the increased demands of a customer.
Likewise, the Virtual Identity Server (VIS) was written from the ground up to tightly integrate with and leverage the existing investment that was made in Active Directory and the Microsoft infrastructure. VIS was written entirely in Microsoft .NET managed code and seamlessly integrates and extends the functionality of Active Directory, providing the necessary virtual directory/proxy and LDAP firewall needs for corporations.
As a key differentiator of other virtual directory products, VIS does not contain a built-in LDAP server and instead leverages the powerful and scalable Active Directory or ADAM/AD LDS LDAP directories as its data repository. This insures that at the core, companies are relying on the fastest, most scalable and widely used LDAP directory in the world as the backbone for the virtual directory deployment.
The Virtual Identity Server is the only virtual directory product that is certified on all of the following: Windows Server 2003, Windows Server 2008, Windows Server 2012.
Active Directory Application Mode (ADAM)
Active Directory Application Mode is a standalone LDAP directory based on Microsoft’s Active Directory. The key difference between AD and ADAM is that the ADAM server has all of the network operating system code removed. In essesnce, it is the core LDAP features of Active Directory and can be considered a lightweight version of Active Directory. (see AD LDS below).
Many organizations utilize ADAM as a standalone application directory. ADAM was formerly a standalone download and then later included as a core component of Windows 2003 R2 Server and can be installed using add/remove programs/Windows components.
Active Directory Lightweight Directory Services (AD LDS)
Active Directory Lightweight Directory Services (AD LDS) is the next generation of ADAM. AD LDS is a core component of Windows Server 2008 and can be installed by adding the AD LDS Role to a Windows Server.
Novell eDirectory (formerly called NetWare Directory Services – NDS) is an LDAP directory server that is a part of the operating system developed by Novell.
The eDirectory adapter allows organizations that are migrating from eDirectory to Active Directory with a rapid means of accessing users, groups and data as they perform the often time consuming process of migration.
Sun One Directory Server (iPlanet)
Sun One Directory Server is the directory server sold by Sun Microsystems that was originally developed by Netscape. Under a joint partnership both Sun and AOL (which purchased Netscape) retained rights to the software.
Oracle Internet Directory (OID)
Oracle Internet Directory is the directory server sold by Oracle.
IBM Directory Server is the directory server sold by IBM.
Lotus Domino Directory
Lotus Domino Directory is the directory server sold by Lotus.
RedHat Directory is the directory server sold by RedHat.
OpenLDAP is a free, open source implementation of an LDAP Server. It was developed by the OpenLDAP Project.
OpenDS is a free, open source implementation of an LDAP Server. It was developed by the OpenDS.
Generic LDAP V3 Server
The Generic LDAP V3 server adapter can be used for any V3 LDAP server not specifically listed as an adapter.
Directory Service Markup Language (DSML)
Directory Service Markup Language (DSML) is a standards-based XML representation of directory access operations that are transmitted via Simple Object Access Protocol (SOAP). Many applications support DSML as a means for providing data access over the Internet.
Microsoft SQL Server Database
The Microsoft SQL Server adapter provides the ability for LDAP applications to query and update data in a SQL database via LDAP calls. The Virtual Identity Server translates the LDAP queries into SQL queries and likewise LDAP updates into SQL Updates. Additionally, objects (i.e. users) existing in an LDAP directory such as Active Directory can be joined in real-time to objects in SQL. This allows LDAP applications to leverage data existing in SQL directly.
The Oracle database adapter provides the ability for LDAP applications to query and update data in an Oracle database via LDAP calls. The Virtual Identity Server translates the LDAP queries into SQL queries and likewise LDAP updates into SQL Updates. Additionally, objects (i.e. users) existing in an LDAP directory such as Active Directory can be joined in real-time to objects in Oracle. This allows LDAP applications to leverage data existing in Oracle directly.
Windows Azure Active Directory
The Windows Azure Active Directory adapter provides the ability for LDAP applications to query and update data in the Microsoft cloud directory including Office 365.
The Google Cloud adapter provides the ability for organizations to manage their users in the Google Cloud (Google Apps) as well as leverage that data in realtime LDAP applications.
Does VIS support Kerberos and/or NTLM/Negotiate authentications?
Yes, VIS supports Kerberos, NTLM and Negotiate as authentication options on both the listing side as well as the back-end connection sides.
Can I get a demo/evaluation version of VIS?
Yes. Please fill out a demo form with your contact information.
What data stores can the Virtual Identity Server connect to?
The Virtual Identity Server supports a number of data stores directly with out of the box adapters. Additionally, a customer or integrator can create adapters utilizing our built-in extensibility.
Is your product FIPS compliant?
Yes. Our software is running in both non-secure and secure government networks.