Just spent the morning looking at Jackson Shaw’s IdM and AD blog. Jackson once worked at Zoomit, the company that created the original MIIS, before being bought out by Microsoft. He’s now at Quest, who seem to doing some interesting things with IdM, including tools which integrate with MIIS. Perhaps I’ll get to have some hands-on experience with their suite one day.
I particularly enjoyed reading his Tenets of Identity Management article. It’s probably of greatest relevance to people in the product selection phase of an IdM project, but even if you’re already underway with MIIS it’s worth being reminded about the advantages of consolidating your directories and simplifying your solution. His other excellent point is about monitoring of the system. This is so important that I should probably pinch it for my Reducing Fear and Loathing of IdM article, though instead I may just put together a new post about the specific monitoring I’ve implemented in the past.
I also couldn’t help agreeing with Jackson that MIIS is way too complicated. It was a great shock to me, when I first started out, to realise that I had to learn .NET to do something as simple, and Microsoft-based, as creating a user account in AD (see What do you mean I have to WRITE CODE???). But whatever toolsets and out-of-the-box functionalities are added in the future, I can’t help but hope that those in the know will still be able to dive under the bonnet and make all sorts of other interesting things happen. Because once you’ve got the hang of it, it really is good fun!