Virtual directory

From Wikipedia, the free encyclopedia - View original article

Jump to: navigation, search

In computing, the term virtual directory has a couple of meanings. It may simply designate (for example in IIS) a folder which appears in a path but which is not actually a subfolder of the preceding folder in the path. However, this article will discuss the term in the context of directory services and identity management.

A virtual directory or virtual directory server in this context is a software layer that delivers a single access point for identity management applications and service platforms. A virtual directory operates as a high-performance, lightweight abstraction layer that resides between client applications and disparate types of identity-data repositories, such as proprietary and standard directories, databases, web services, and applications.

A virtual directory receives queries and directs them to the appropriate data sources by abstracting and virtualizing data. The virtual directory integrates identity data from multiple heterogeneous data stores and presents it as though it were coming from one source. This ability to reach into disparate repositories makes virtual directory technology ideal for consolidating data stored in a distributed environment.

As of 2011, virtual directory servers most commonly use the LDAP protocol, but more sophisticated virtual directories can also support SQL as well as DSML and SPML.

Industry experts have heralded the importance of the virtual directory in modernizing the identity infrastructure. According to Dave Kearns of Network World,[1] “Virtualization is hot and a virtual directory is the building block, or foundation, you should be looking at for your next identity management project." In addition, Gartner analyst, Bob Blakley[2] said that virtual directories are playing an increasingly vital role. In his report, “The Emerging Architecture of Identity Management,” Blakley wrote: “In the first phase, production of identities will be separated from consumption of identities through the introduction of a virtual directory interface.”

Capabilities of Virtual Directories[edit]

Virtual directories can have some or all of the following capabilities:

Some advanced identity virtualization platforms can also:

Advantages of virtual directories[edit]

Virtual Directories:


An original disadvantage is public perception of "push & pull technologies" which is the general classification of "virtual directories" depending on the nature of their deployment. Virtual directories were initially designed and later deployed with "Push technologies" in mind, which also contravened with "Privacy laws" in the USA. This is no longer the case. There are, however, other disadvantages in the current technologies.

Sample terminology[edit]

Sample Virtual Directory Use Cases[edit]


  1. ^
  2. ^ The Emerging Architecture of Identity Management, Bob Blakley, April 16, 2010.