Quest is using an interesting term that I am seeing more often now: “Identity Consolidation” or as it’s sometimes referred to: “Directory Consolidation”. The notion here is that instead of using a meta-directory style of synchronizing accounts like most provisioning systems do, you instead configure the disparate systems to use a central identity service, which you then manage.
Jackson Shaw of Quest is the go-to-guy in the area, having been with both Vintela and Zoomit.
This will make a lot of sense in many cases. It’s usually better to consolidate identities than to synchronize them. Of course in many cases there are systems that just can’t be consolidated and a meta-directory approach is needed. If I understand Quest’s strategy here, it’s to leverage Active Roles Server and its integration with Microsoft ILM to handle cases where identities can’t be consolidated.
Of course this strategy puts AD right into the center of the authentication universe, which will drive many in the identity comunity into a fit. But for a lot of enterprises, that’s where they are going anyway.
It will be very interesting to see where this goes.