This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

!!! Overview [1]
Single Sign-On (SSO) and Access Control are represented by two pieces of technology: Active Directory Federation Services for Federation Services, and Unified Access Gateway for SSO to external users.
![ADFS]
Active Directory Federation Services 2.0 (ADFS2) provides standard SAML 2.0 compliance and WS-Federation compliance.
ADFS 2.0 provides the Security Token Service (STS) that can issue different claims formats, including SAML 2.0 and WS-Federation.
ADFS 2.0 by itself allows for Federation against a single domain or single Active Directory forest without trusts built to multiple domains or forests.
![VIS]
Additionally, complex claims augmentations can be supported by [Virtual Identity Server by Optimal IDM|VIS]. This allows easier management of claims, without the complex scripting otherwise needed to support claims augmentation.
![UAG]
Unified Access Gateway (UAG) allows the organization to provide SSO to external users for web-based applications hosted by the client. UAG brings other services, but for the purpose of this discussion we will limit it to the SSO capabilities.
[UAG] incorporates remote access technologies such as reverse proxy, virtual private network (VPN), DirectAccess and Remote Desktop Services. UAG was released in 2010 and is the successor to Microsoft Intelligent Application Gateway (IAG), which was released in 2007.
![FIM]
Identity Management is provided by FIM 2010, which includes User Management across disparate systems. In the illustration, two Active Directory Forests — without trusts established — can be managed. FIM 2010 provides an interface for User Management, externally and internally, if necessary. Finally, Access Requests can be managed via the FIM Portal. These Access Requests can be for any data system supported by FIM directly or indirectly.
!! [Microsoft IDM Products History]
Some [Microsoft IDM Products History].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [http://www.fishnetsecurity.com/6labs/blog/microsoft-architecture-identity-access-management-iam-part-1-overview] - retrieved 2013-04-15