SEARCH IN A FEDERATED SHAREPOINT DEPLOYMENT

The Optimal People Picker is a vendor-supported federated claims provider that re-enables search capabilities for users and groups in SharePoint within on-premise directories.


Vendor Supported Federated Claims Provider

When deploying SharePoint with Federated Claims Authentication, the out-of-the-box “People Picker” no longer searches your directory. Instead, it simply resolves whatever you type and accepts this as a claim value. This functionality is “as designed” by Microsoft, where SharePoint no longer has a physical connection to your Active Directory. While this makes sense when federating with external organizations where you wouldn’t search their directories for users and groups, SharePoint People Picker doesn’t allow users to search the on-premise directory.

This is an especially frustrating problem for the many organizations that deploy SharePoint with Federated Claims Authentication with no intention of ever federating with external organizations.

The Optimal People Picker/Claims Provider is a vendor-supported claims provider that re-enables SharePoint’s advanced claims search capabilities. This allows end users to confidently search for and select users and groups from their on-premise directory. Optimal People Picker/Claims Provider leverages Optimal IdM’s Virtual Identity Server (VIS). In doing so, it not only supports multiple AD forests, but it also allows users to exist in any directory or database.

Finding and selecting the right object using the out-of-the-box SharePoint People Picker can be difficult, confusing and time-consuming. This increases costs and end-user frustration. To make matters worse, security can be compromised if the wrong user or group is selected with the People Picker.

Features of The Optimal People Picker

The Optimal People Picker/Claims Provider is a vendor-supported claims provider that provides advanced claims search functionality in SharePoint.

Benefits

Reduced IT Costs

Greater search functionality improves productivity, which increases the value of your existing Microsoft environment. To help you keep costs down, VIS:

– Leverages the existing investment in Microsoft technology, extending it with increased functionality.

– Is developed in .NET technology and is designed to seamlessly integrate with your Microsoft environment.

– Is a platform that continues to grow with an organization’s needs.

– Has proven solutions for Microsoft applications such as SharePoint and MIIS/ILM.

Eliminate Deployment Barriers

Optimal SharePoint People Picker is equipped with additional security features that:

– Provide administrators the capability to provide increased security to a SharePoint deployment.

– Ensure that the correct user/group is assigned permissions in SharePoint.

– When deployed as an advanced claims search for SharePoint, Virtual Identity Server can eliminate deployment barriers.

Increased Security and Control

VIS allows organizations to rapidly and easily deploy applications to users existing in multiple Active Directory forests or directories.

– The VIS Schema Manager™ eliminates the need to extend the Active Directory schema for third party LDAP applications.

– VIS allows you to rapidly deploy applications to users existing in multiple Active Directory Forests without any forest trusts.

– VIS simplifies your identity management deployment by accessing data at its source directly.

– VIS provides multiple views of data, allowing for easy, discrete application views of enterprise data.

Key Features & Awards

Optimal People Picker for SharePoint is a full-featured application designed to provide safe and effective advanced claims searching. It:

  • Re-enables the search capability of the SharePoint People Picker when deployed in Federated Claims mode
  • Stops SharePoint from resolving/accepting whatever is typed into the People Picker
  • Allows users and groups to exist in any directory or database.
  • Provides full support for wildcard searches
  • Filters results based on a role/group, so one set of users cannot view or select another set of users/groups
  • Can be configured so the default ADFS 2.0 claims provider can remain or be hidden

The Optimal People Picker allows you to do all of these and much more.


Seamless Cross-Forest Windows Authentication Module Without Trusts

The Virtual Identity Server (VIS) allows organizations to rapidly and easily deploy SharePoint across multiple forests, with full Office integration and without the need for forest trusts. Many companies have multiple internal Active Directory forests that do not have any forest trust relationships. There are many valid reasons for separating and isolating these forests. However, this often conflicts with the business need to share data and collaborate across these forests. The Virtual Identity Server makes this once-difficult task easy to achieve. VIS bridges the gap between these siloed directories. This provides a single enterprise view of these isolated directories, while maintaining the security and control of the existing Active Directory infrastructure.

VIS for SharePoint includes an advanced cross-forest Windows authentication module. This module leverages a user’s existing Active Directory credentials, providing a seamless multi-forest Single Sign-On solution without requiring forest trusts. Users who are logged into an Active Directory domain are automatically authenticated to SharePoint when accessing the site. Users who have not authenticated to an Active Directory domain are prompted for a user ID and password. This enables organizations to quickly and easily deploy one instance of SharePoint, with full Office integration, to external and internal users without creating a forest trust or requiring internal users to re-authenticate.

Search Capabilities of The People Picker

Resolves Whatever You Type & Accepts This as a Claim Value

When deploying SharePoint with Federated Claims Authentication, the out-of-the-box “People Picker” no longer searches your directory. This functionality is “as designed” by Microsoft, where SharePoint no longer has a physical connection to your Active Directory. While this makes sense when federating with external organizations where you wouldn’t search their directories for users and groups, it doesn’t allow users to search the on-premise directory. In fact, many organizations deploy SharePoint with federated claims authentication with no intention of ever federating with external organizations. The Optimal People Picker/Claims Provider is a vendor-supported claims provider that re-enables the search capability for SharePoint. This allows end users to confidently search for and select users and groups from their on-premise directory. The claims provider leverages the Virtual Identity Server, so it not only supports multiple AD forests; users can also exist in any directory or database.


Frequently Asked Questions

Does VIS support Kerberos and/or NTLM/Negotiate authentications?

Yes, VIS supports Kerberos, NTLM and Negotiate as authentication options on both the listening side and the back-end connection side.

Can I get a demo/evaluation version of VIS?

Yes. Please fill out a demo form with your contact information.

What data stores can the Virtual Identity Server connect to?

The Virtual Identity Server supports a number of data stores directly with out-of-the-box adapters. Additionally, a customer or integrator can create adapters utilizing our built-in extensibility.

Is your product FIPS compliant?

Yes. Our software is running in both non-secure and secure government networks.

Does VIS support caching?

Yes. There are multiple caching options with VIS. Caching can be configured on an object class by object class basis, with a time to live and cache size as well. Most organizations in most situations, however, do not need to use caching.

Do you support SharePoint integration?

We support WSS 3.0, SharePoint 2007, 2010 & 2013.

Do you support server virtualization like HyperV or VMWARE?

Yes.

Does VIS come as a 64-bit application?

Yes. VIS is now only offered in a 64-bit version of the product.

Is VIS supported on Windows 2012?

Yes. The Virtual Identity Server is certified on both Windows Server 2012 and Windows Server 2012 R2.

Is VIS supported on Windows 2008?

Yes. The Virtual Identity Server is certified on both Windows Server 2008 and Windows Server 2008 R2.

Is VIS supported on Windows 2003?

Yes. The Virtual Identity Server is certified on Windows Server 2003.

What additional software requirements does VIS have?

VIS was written in Microsoft’s .NET programming language and utilizes the .NET 4.5 Framework.

What encryption algorithms does your product support?

VIS can encrypt this information with any of the following algorithms: Triple-DES (3DES), AES, RIJNDAEL and BLOWFISH.

Does your product store any un-encrypted user id information or passwords?

Individual entries, such as bind accounts and passwords, or even the entire XML file, can be optionally encrypted using the GUI.

Is there a GUI to maintain the XML file?

Yes. There is a Windows GUI that provides an easy interface to edit the XML file. You can also edit the XML file manually if you prefer.

Can this XML file be shared across multiple VIS servers?

Yes. Multiple VIS server instances can all share the same XML file.

How does VIS store configuration information?

The product configuration is stored in one XML file, making the product extremely easy to configure and migrate.

What TCP/IP port does VIS run/listen on?

VIS can be configured to run on any port you choose provided another application is not using that port. You can choose the standard LDAP port of 389 or 636 (SSL).

Can VIS be load balanced?

Yes. VIS can be placed behind a load balancer (either software or hardware), allowing for a fail-over and load balancing configuration for the applications that connect to VIS. In addition, the connections that VIS makes to connected directories can be load balanced as well.

What types of listeners does VIS support?

VIS can listen via LDAP v3, REST Web Service and PowerShell out of the box, and can be extended to listen via any protocol/method desired using the APIs. With 3rd party ODBC/ADO.NET drivers, SQL calls can also be made.

How long does it take to install and configure VIS?

VIS installs in minutes, using a standard MSI/setup.exe. After installing the binary files, a wizard guides you through the configuration of the product. While the Virtual Identity Server has the most comprehensive features of any virtual directory product on the market, a key differentiator is how easy the product is to install and configure.

