To that point I'd like to talk about the seldom discussed Virtual Directory Server. I've always loved VDS and it's MaXware predecessor, MVD. There's just so much this product can do. While most of the SAP world is familiar with the Virtual Directory as a Web Services proxy for GRC or use with HCM, it is so powerful and flexible that it can do everything from provisioning to authorization and authentication management, to representing data sources in all kinds of different ways.
That's one of the things I'd like to talk about today. Ask most Directory Services administrators about a recommended architecture and they will tell you straight out, "flat, as flat as possible." However there are a number of reasons that this tends not to happen.
So how do we deal with this. Simple, via the Virtual Directory Server. Set up the flat structures that the administrators want, then use VDS to represent the directory with different views, deep organized by geography department, types of equipment, whatever. Present the displayname and other attributes as the different divisions request. Create separate customer facing views of your Identity Data. Also don't be limited by only using Directory Services information for your Virtual View of data, use the Identity Store, UME and other sources separately or joined together to create your new interface. Information on this can be found here. The advantage here is that you can create a virtually (if you'll pardon the pun) unlimited number of data representations. Now go forth and create Virtual Directories make your Identity Management group, the "Can do!" group that provides everyone the flexibility that your external customers need while providing the optimal efficiency that the back office wants to deliver.
No comments:
Post a Comment