You have users in different SQL databases, in Active Directory, in LDAP. You have dozens of existing applications that use each of these as their definitive source for users and their access entitlements. Your user population is stored in multiple different data silos, each with their own schema, set of attributes, and protocols. Centralized management of users is brittle, with one-off connectors to end systems at risk with every patch. Adding access to a new user population (for instance with a new corporate acquisition) means a complex and expensive deployment.
Directory Virtualization can help. Acting as an abstraction layer, a virtual directory can interface between dozens of backend systems – LDAPs, Active Directories, SQL-based repositories – aggregating and mapping these data structures into a common namespace and object representation. The solution is ideal for merging disparate AD domains, eliminating security challenges that a blind “trust” can’t. Directory virtualization can join user profiles and attributes from multiple sources, creating a complete user profile – useful for enabling global entitlement and authorization policies.
Stack Solutions can help you determine if Directory Virtualization makes sense for your identity strategy -- and how best to introduce it to your environment if it does.