Microsoft Renames 'Geneva' ID Management Solutions

Microsoft announced product names for its latest claims-based identity management server platform, dropping the "Geneva" code name.

The Geneva platform (once known as project "Zermatt") consists of three components, and Microsoft unveiled relatively straightforward product names for each. The name switch was announced on Monday at the Microsoft Worldwide Partner Conference in New Orleans.

Geneva Server will be called "Active Directory Federation Services" (ADFS). Essentially, ADFS is the same name used for Microsoft's current single sign-on federation product that's part of Windows Server 2003 R2 and Windows Server 2008.

The Geneva Framework used by developers will be called "Windows Identity Foundation" (WIF). Finally, Windows CardSpace, which helps with the management of access identities, will retain its name.

Version numbers for the products will be announced later, according to the Vibro.NET Microsoft blog. The blog also emphasized the importance of elevating WIF as a .NET platform for developers.

"This is a Big Deal for developers on the .NET platform, and I want to make sure to give it as much visibility as I can," the blog states. "We claims tinkerers are now recognized first-class citizens in .NET, and it feels good."

Microsoft is planning to release the new ADFS product in the second half of 2009, and it will be available as part of Windows licensing. Geneva Server is currently available as beta 2, which was released in May.

Possibly, the ADFS product will be released in time for Microsoft's Professional Developers Conference in November, with WIF and CardSpace following soon after, according to Gerry Gebel, an analyst at the Burton Group.

The ADFS platform is important for Microsoft because it will be used to establish connections with Microsoft's Windows Azure platform, supporting hosted applications such as SharePoint Online and Exchange Online, Gebel explained.

The two biggest features of ADFS will be its claims-transform capability and its use of federation metadata, according to Donovan Follette, senior technical evangelist on Microsoft's Identity and Access technologies. The use of federation metadata makes it possible to configure relationships that used to take extra coding to establish.

"Flexibility with claims is the biggest shift that ADFS developers have to get their minds around," Follette explained, in a Microsoft Channel 9 video.

Microsoft changed some of the nomenclature with the new ADFS product. "Account partners" in the old version are now called "identity providers," Follette said. "Resource partners" are now called "relying parties" because they rely on a token that ADFS will provide to them. The term "applications" disappears in ADFS because applications are considered to be just another form of relying party. Lastly, "organizational claims" or mappings will become "rules" in ADFS.

Developers will be able to use PowerShell to automate setups for relying parties (or applications), Follette explained. You can also use PowerShell to place rules, he said.

The new ADFS product will be interoperable with earlier versions of that server, Follette said. It will support the same SAML and WS protocols as the earlier version, but adds token support for SAML 2.0, he added.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.
