"Great product and even better support!"
- IT Director in the Retail Industry,Read More
Virtual Identity Server (VIS) is a Universal Directory that provides a single, real-time view of identity data from any data store. VIS is the fastest, most comprehensive virtual directory available. It’s used to enhance your directory infrastructure, providing key data transformation and virtualization needs.
VIS simplifies identity management deployment by accessing data it sources directly, making it beneficial for a variety of high-security industries.
Interested in the features and benefits of Optimal IdM? Request a demo! Request Demo
Most companies have multiple directory services deployed in their environments, such as multiple AD forests and domains. While this is a sound operational practice, it results in user identity (user id) information being scattered across separate directory repositories. This poses a significant challenge when attempting to deploy enterprise applications to the users existing in these directories. 
VIS is a virtual directory server (VDS) that solves this by providing a single joined view of data from these separate directories. Applications connect to VIS exactly as they do any normal LDAP directory. In fact, to the LDAP-enabled client application, VIS looks and behaves just like a standard Active Directory or ADAM server. The key benefit is that it allows multiple directories to be joined in real-time, without the need to duplicate LDAP objects. Virtual Identity Server can also join and merge data coming from other LDAP directories (such as eDirectory, Sun), as well as from SQL databases (such as Microsoft SQL Server, Oracle). To the calling application, the interface functions as one LDAP directory (VIS). In reality, data is being joined and merged in real-time from multiple disparate data stores.
VIS is the fastest, most comprehensive virtual directory available. It’s used to enhance your directory infrastructure, providing key data transformation and virtualization needs.
VIS’ virtual directory services increase the value of your existing Microsoft environment by:
– Enabling you to leverage the existing investment in Microsoft technology & extend it with increased functionality.
– Seamlessly integrating VIS, a true LDAP virtual directory server (VDS) that is developed in .NET technology, with your Microsoft environment.
– Providing you with a scalable virtual directory product and platform that continues to grow with an organization’s needs.
– Being a proven solution for Microsoft applications such as SharePoint and MIIS/ILM
- Being a Quest Virtual Directory replacement
VIS provides an enhanced application environment that allows organizations to rapidly and easily deploy applications to users existing in multiple Active Directory forests or directories.
– The VIS Schema Manager™ eliminates the need to extend the Active Directory schema for third party LDAP applications.
– VIS allows you to rapidly deploy applications to users existing in multiple Active Directory Forests without any forest trusts.
– VIS simplifies your identity management deployment by accessing data at its source directly.
– VIS provides multiple views of data, allowing for easy discreet application views of enterprise data.
Using a cloud virtual directory server (VDS) gives you unparalleled transparency for comprehensive auditing, compliance and network security purposes.
VIS can help you answer questions such as:
– Who has logged in and when?
– What changes were made to data and when?
– Who was added to the Administrators group today?
– What changes did “Bob” make?
VIS was written from the ground up to tightly integrate with Active Directory and leverage the existing investment that was made in the Microsoft infrastructure. VIS was written entirely in Microsoft .NET managed code and seamlessly integrates and extends the functionality of Active Directory, providing the necessary virtual directory/proxy and LDAP firewall needs for corporations.
The Virtual Identity Server is an extensible solution, allowing an organization to customize the software to meet specific needs.
The Virtual Identity Server provides powerful joining and merging options, allowing you to easily present multiple views or a single enterprise view of data existing across multiple siloed directories in real-time. VIS provides sophisticated data transformation and virtualization with the ease of a point and click configuration.
The LDAP Proxy acts as a barrier between client applications and data stored in your Active Directory. Instead of client applications directly accessing your sensitive data, which can leave it vulnerable to attack, applications connect to the proxy and the proxy accesses the necessary data. LDAP Proxy Firewall creates an added layer of security for your sensitive data while still offering real-time access when and where you need it.
The Virtual Identity Server eliminates the need to extend the Active Directory schema for 3rd party applications. Custom schema and data is stored at the virtual layer and is applied to objects automatically in real-time.
A schema manager is an important feature for an identity provider. With our custom schema manager, there is no need to extend the Active Directory schema for third party applications. Instead, data is applied virtually without affecting the AD environment.
The schema manager offers a streamlined process applied across multiple directories. There is no special coding or other processes required. The goal of the schema manager is to simplify the schema. Although it is a custom schema, the VIS environment allows it to be easily replicated and applied.
A single combined aggregate schema can span multiple AD forests, making it efficient and effective.
Built on the VIS platform, our identity server for Sharepoint combines the functionality of the Visual Directory and Federation programs. It authenticates and authorizes directly into Sharepoint, and it has several applications, including:
Its key features include the ability to access a view of identity data that comes from several data stores in real-time and single sign-on capabilities. Other benefits include:
Overall VIS for Sharepoint can save your company time and money with effective and secure deployment. Use it as part of your multi-forest SharePoint solution that is manageable and virtually eliminates security risk.
In many cases, applications that are written to Active Directory are written poorly and inefficiently. For example, many applications connect at the root of the Active Directory forest when they may only need to search one or two containers in the tree. Additionally, many applications only need to view users and groups, but in reality are granted access to view more than just users and groups. This is because Active Directory does not provide the ability to control what is searched, such as specific LDAP queries. VIS, however, easily publishes application specific views, granting only the data the application requires.
All LDAP operations are logged and stored to a Microsoft SQL Server database for easy reporting and retrieval. The Virtual Identity Server can help your organization meet audit and compliance initiatives such as those required by Sarbanes Oxley (SOX), Basel II, European Union Privacy Directive, Capital Accord HIPAA and Gramm-Leach-Bliley Act. Using the built-in web reporting, you can easily report on who logged in and when, and what changes they made. Reports can even be auto-scheduled for email distribution in a wide variety of formats (PDF, XLS, HTML).
The Virtual Identity Server (VIS) utilizes adapters to connect to and integrate with LDAP directories, databases and other data stores. These adapters handle connecting to and communicating with the given data repository. Now, utilizing the Virtual Identity Server your LDAP enabled applications have access to data that resides anywhere within your enterprise, regardless of the data format (i.e. SQL/LDAP). The Virtual Identity Server handles all of the data transformation from one data storage type to another. This is performed on-the-fly and in real-time. When the application queries the Virtual Identity Server, that query is translated and then proxied to the appropriate downstream data store. [wpex more= “Read more” less= “Read less”] 
Active Directory (AD) Active Directory is the most widely used directory service in use today. Active Directory is a core component of the Windows Server 2003, Windows Server 2008 and Windows Server 2012 operating systems. Active Directory serves as the foundation for not only Microsoft’s Identity and Access solutions, but also for application servers such as SharePoint. Active Directory has proven to be the world’s fastest and most scalable directory server in existence today. Many customers utilize Active Directory as their user repository and have easily scaled the solution to multi-million user repositories. Testing by independent sources has shown that Active Directory scales linearly to meet the increased demands of a customer. Likewise, the Virtual Identity Server (VIS) was written from the ground up to tightly integrate with and leverage the existing investment that was made in Active Directory and the Microsoft infrastructure. VIS was written entirely in Microsoft .NET managed code and seamlessly integrates and extends the functionality of Active Directory, providing the necessary virtual directory/proxy and LDAP firewall needs for corporations. As a key differentiator of other virtual directory products, VIS does not contain a built-in LDAP server and instead leverages the powerful and scalable Active Directory or ADAM/AD LDS LDAP directories as its data repository. This insures that at the core, companies are relying on the fastest, most scalable and widely used LDAP directory in the world as the backbone for the virtual directory deployment. The Virtual Identity Server is the only virtual directory product that is certified on all of the following: Windows Server 2003, Windows Server 2008, Windows Server 2012.
Active Directory Application Mode (ADAM) Active Directory Application Mode is a standalone LDAP directory based on Microsoft’s Active Directory. The key difference between AD and ADAM is that the ADAM server has all of the network operating system code removed. In essesnce, it is the core LDAP features of Active Directory and can be considered a lightweight version of Active Directory. (see AD LDS below). Many organizations utilize ADAM as a standalone application directory. ADAM was formerly a standalone download and then later included as a core component of Windows 2003 R2 Server and can be installed using add/remove programs/Windows components.
Active Directory Lightweight Directory Services (AD LDS) Active Directory Lightweight Directory Services (AD LDS) is the next generation of ADAM. AD LDS is a core component of Windows Server 2008 and can be installed by adding the AD LDS Role to a Windows Server.
Novell eDirectory Novell eDirectory (formerly called NetWare Directory Services – NDS) is an LDAP directory server that is a part of the operating system developed by Novell. The eDirectory adapter allows organizations that are migrating from eDirectory to Active Directory with a rapid means of accessing users, groups and data as they perform the often time consuming process of migration.
Sun One Directory Server (iPlanet) Sun One Directory Server is the directory server sold by Sun Microsystems that was originally developed by Netscape. Under a joint partnership both Sun and AOL (which purchased Netscape) retained rights to the software.
Oracle Internet Directory (OID) Oracle Internet Directory is the directory server sold by Oracle.
IBM Directory IBM Directory Server is the directory server sold by IBM.
Lotus Domino Directory Lotus Domino Directory is the directory server sold by Lotus.
RedHat Directory RedHat Directory is the directory server sold by RedHat.
OpenLDAP OpenLDAP is a free, open source implementation of an LDAP Server. It was developed by the OpenLDAP Project.
OpenDS OpenDS is a free, open source implementation of an LDAP Server. It was developed by the OpenDS.
Generic LDAP V3 Server The Generic LDAP V3 server adapter can be used for any V3 LDAP server not specifically listed as an adapter.
Directory Service Markup Language (DSML) Directory Service Markup Language (DSML) is a standards-based XML representation of directory access operations that are transmitted via Simple Object Access Protocol (SOAP). Many applications support DSML as a means for providing data access over the Internet.
Microsoft SQL Server Database The Microsoft SQL Server adapter provides the ability for LDAP applications to query and update data in a SQL database via LDAP calls. The Virtual Identity Server translates the LDAP queries into SQL queries and likewise LDAP updates into SQL Updates. Additionally, objects (i.e. users) existing in an LDAP directory such as Active Directory can be joined in real-time to objects in SQL. This allows LDAP applications to leverage data existing in SQL directly.
Oracle Database The Oracle database adapter provides the ability for LDAP applications to query and update data in an Oracle database via LDAP calls. The Virtual Identity Server translates the LDAP queries into SQL queries and likewise LDAP updates into SQL Updates. Additionally, objects (i.e. users) existing in an LDAP directory such as Active Directory can be joined in real-time to objects in Oracle. This allows LDAP applications to leverage data existing in Oracle directly.
Windows Azure Active Directory The Windows Azure Active Directory adapter provides the ability for LDAP applications to query and update data in the Microsoft cloud directory including Office 365.
Google Cloud The Google Cloud adapter provides the ability for organizations to manage their users in the Google Cloud (Google Apps) as well as leverage that data in realtime LDAP applications. [/wpex]
Yes, VIS supports Kerberos, NTLM and Negotiate as authentication options on both the listing side as well as the back-end connection sides.
Yes. Please fill out a demo form with your contact information.
The Virtual Identity Server supports a number of data stores directly with out of the box adapters. Additionally, a customer or integrator can create adapters utilizing our built-in extensibility.
Yes. Our software is running in both non-secure and secure government networks. [wpex more= “Read more” less= “Read less”]
Yes, VIS supports Kerberos, NTLM and Negotiate as authentication options on both the listing side as well as the back-end connection sides.
Yes. Please fill out a demo form with your contact information.
The Virtual Identity Server supports a number of data stores directly with out of the box adapters. Additionally, a customer or integrator can create adapters utilizing our built-in extensibility.
Yes. Our software is running in both non-secure and secure government networks.
Yes. There are multiple caching options with VIS. Caching can be configured on an object class by object class basis, with a time to live and cache size as well. Most organizations in most situations, however, do not need to use caching.
We support WSS 3.0, SharePoint 2007, 2010 & 2013.
Yes.
Yes. VIS is now only offered in a 64-bit version of the product.
Yes. The Virtual Identity Server is certified on both Windows Server 2008 and Windows Server 2008 R2.
Yes. The Virtual Identity Server is certified on both Windows Server 2003.
VIS was written in Microsoft’s .NET programming language and utilizes the .NET 4.5 Framework.
VIS can encrypt this information with any of the following algorithms Triple-DES (3DES), AES, RIJNDAEL and BLOWFISH
Individual entries, such as bind accounts and passwords or even the entire XML file can be optionally encrypted using the GUI.
Yes. There is a Windows GUI that provides an easy interface to edit the XML file. You can also edit the XML file manually if you prefer.
Yes. Multiple VIS server instances can all share the same XML file.
The product configuration is stored in one XML file, making the product extremely easy to configure and migrate.
VIS can be configured to run on any port you choose provided another application is not using that port. You can choose the standard LDAP port of 389 or 636 (SSL).
Yes. VIS can be placed behind a load balancer (either software or hardware), allowing for a fail-over and load balancing configuration for the applications that connect to VIS. In addition, the connections that VIS makes to connected directories can be load balanced as well.
VIS can listen via LDAP v3, REST Web Service, PowerShell out of the box, but can be extended to listen via any protocol/method desired using the API’s. With 3rd party ODBC/ADO.NET Drivers, SQL calls can also be made.
VIS installs in minutes, using a standard MSI/setup.exe. After installing the binary files, a wizard guides you through the configuration of the product. While the Virtual Identity Server has the most comprehensive features of any virtual directory product on the market, a key differentiator is how easy the product is to install and configure.
Give us a call or fill out our online form today to learn more.
