Directory Services

Directory services are repositories for storing and managing accounts, identity information and security credentials. Although often they will be traditional LDAP directories, they may also be databases, or even files. Directory services within the greater context of identity and access management may comprise some or all of the following:

• A repository for security credentials used for authentication (username, password, certificates etc).
• A source of authorization data (group membership, role information etc).
• A source of descriptive data used by other services (email addresses, telephone number, home address etc).
• Part of a greater “identity data layer” joined together by data synchronization tools (commonly called a metadirectory or identity synchronization server) that automatically synchronizes attributes between objects in various applications.
• A Network Operating System directory such as AD, responsible primarily for providing network access, file and print services.
• An “enterprise directory” providing centralized identity data services, usually in the form of an LDAP directory, to various applications including access control mechanisms and internal “white pages” staff directories.

"The savings are expected to be considerable. Until the MIIS Service was implemented GAL updates were done on an ad-hoc manual basis. This was labour intensive and prone to errors. In addition the frequency of these updates actually being completed was considerable resulting in an out of date and incomplete GAL."

OCG provide directory services based on Windows Server Active Directory. Active Directory is already used by companies around the world to gain unified management of identities and resources across the enterprise network. It enables organizations to centrally manage and track information about users and their privileges. In addition, Active Directory Lightweight Directory Services (ADLDS), an LDAP directory service, provides organizations with flexible support for directory-enabled applications. Integration with Microsoft Federated Identity, Strong Authentication, Information Protection and Identity Lifecycle Management solutions, makes Active Directory an ideal foundation for building a comprehensive identity and access solution.

As well as providing authentication solutions that leverage AD and ADLDS (ADAM), OCG have solution components that enhance our IDA solutions and platforms. They include White Pages for search and presentation, self-service solutions, authorization solutions by maintaining data and structure and data synchronization solutions.

• Lower costs of managing Windows networks.
• Simplify identity management by providing a single view of all user information.
• Boost security with the ability to enable multiple types of security mechanisms within a single network.
• Improve compliance by using Active Directory as a primary source for audit data.