In this client presentation the author would like to share his experience approaching an Identity Management initiative in the public sector. The Presentation explains why among all other IAM components at UNDP, the virtual directory was the one of the first to adopt. Virtual directories help to "prepare" infrastructure for implementation of more complex components such as User Provisioning and Federated Access where formalization of all processes is the key factor to success. Virtual Directories can be plugged into the infrastructure seamlessly helping to overcome issues with different data formats and schema deviation. They are very useful for upgrade and migration processes as well as for data format unification.
Implemented at UNDP in 2006, virtual directories serve as a glue for several data stores, propagating fractional account information to LDAP and non-LDAP stores and perform a highly available load-balancing front-end for accessing UNDP's Identity stores.
The presentation contains a practical overview of the design, planning and deployment phases, outlines challenges and their possible resolutions.