Microsoft's forthcoming Windows Server Longhorn operating system is scheduled to fold several identity services into Active Directory.
Active Directory currently allows network administrators to set policies for groups of users and centrally deploy new applications to many computers.
"In [Longhorn], you'll see that domain controller role that customers historically thought about with Active Directory, become just one of the roles," Mike Atalla, a group product manager for Microsoft's identity and access product group, told vnunet.com in an interview at the RSA Conference in San Francisco.
Longhorn Server is slated for availability by the end of this year. The software will add identity, certificate and rights management services as well as federation management services to Active Directory.
Identity and certificate services allow administrators to manage user accounts and their digital certificates that allow them to access certain services and systems. Rights management services let users set limitations on information that they create, for instance to prevent an email from being forwarded beyond the original recipient. Federation management services enable companies to share credentials with partners and customers, allowing a consultant to use his company username and password to log in on a client's network.
Although these services are available in Windows Server 2003, they currently exist as standalone services and don't work together.
Companies, for instance, have to set up a separate user account if an outside consultant needs to be able to receive messages that are governed by rights management services. Bundling the services under Active Directory allows users to combine federated identity and digital management services, as well as any of the other Active Directory services.
The Longhorn enhancements are driven by Microsoft's vision for an identity meta system, which is designed to allow services and systems to connect and interoperate regardless of their underlying technologies.
Consumers received the first part of this meta system as the InfoCard digital identity service that ships as part of Windows Vista. Longhorn Server will provide some of the infrastructure components, but Atalla estimated that it would take up to five more years for the vision to be fully implemented.
In the next phase, Microsoft will focus on building tools that allow IT staff and developers to more easily manage identities and services, he said. These services, for instance, will allow IT staff to set boundaries within which users can reset their own passwords or create internal mailing lists without any outside assistance.
"Empowering the IT pro always will be part of the identity management challenges. But empowering the end user to do the right things with the right tools when they need to do them is what a huge focus of our time will be on. It's an important gap that is in the identity management space today," said Atalla.