Last time, I outlined the reasons presented by Calendra Chief Marketing Officer Gregoire Michel for good management applications for directories. While most directory vendors do provide management utilities, services and applications for their own products, few deal with management of an enterprise's entire identity management infrastructure.

What is needed, Michel concludes (and I concur), are management tools built from the ground up to manage directories and other identity storage devices without regard for the idiosyncrasies of any particular directory solution. After all, identity information could be in a standard directory information table, an SQL database, a spreadsheet, a text file or even in an e-mail message. The management tools must show no prejudices and treat all data storage facilities as being equal-access entities.

Michel thinks that what is most important to your success in deploying a robust infrastructure for directory and identity management is a strong commitment from end-users. We've seen that hiring a vast army of clerks to maintain the data is not conducive to a shareholder-friendly bottom line, so you need to convince the existing users - the ones who own or control the data - that it's to their benefit to maintain accuracy. But that's not enough.

You also need to offer a versatile, convenient user interface on top of the directory services. But if that interface is not convenient or doesn't do the job well, then the user isn't going to use it and the accuracy of the data will suffer. This seems almost axiomatic, but it's too often overlooked - and not only in the directory services area of technology.

Michel reminds us that the directory is actually distributed across multiple, heterogeneous sources, even when a virtual directory front-end makes it look like one datastore. Any complexity in the identity storage mechanisms has to be transparent to the user, and it needs to be separated from the rest of the IT infrastructure.

The third requirement Michel mentioned is that access to the directory needs to be simplified and all technological constraints have to be overridden. That is, the various data storage facilities have to be seamlessly connected. There should be no requirement for the end-user (who we're now relying on to maintain the data) to have to jump through technology hoops to do the job.

Put down in black and white it seems easy, obvious - almost trivial: keep it simple, make it easy to use, hide the plumbing. We shouldn't have to mention it because we should all know to do these things, right? And the French soccer team should have known that it was necessary to score goals in order to win and advance in the tournament. Sometimes you do have to point out the obvious.

