Metadirectory and Active Directory Management

Michael analyzed and wrote about Microsoft's operating systems, including the Windows client OS, as well as compliance and governance. Michael... more

By Michael Cherry

The integration between the Microsoft Active Directory (AD) and the Microsoft Metadirectory Services (MMS) allows MMS to assist with the rollout and ongoing management of AD.

MMS can provision (create and maintain) AD objects such as the following:

Contacts (accounts without any security permissions, typically used to represent external users)
Organizational units (containers to logically organize other AD containers and objects, such as users)
Users (security principals that can be assigned access permissions)

For example, if a company had information about its employees in a human resources (HR) system, it could use the metadirectory to take the information in the HR system, create organizational units, and then populate the organizational units with user IDs for its employees. Bringing the information into AD through the MMS would allow an organization to bring the identity data from several sources, eliminate duplicates and accounts that should no longer exist, format the identity data, and then create the appropriate AD entries.

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now