IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Does Verify can replacement the Active Directory (AD)?

    Posted Wed February 26, 2025 10:03 AM

    Hi team,

    We had question from our prospect client are Does Verify can replacement the Active Directory (AD), with some main functions, are:
    1. User storage (LDAP)
    2. Desktop Login (User domain login)
    3. Mass push policy (GPO)
    4. Mass push config such wallpaper change.

    Please need your advise, thanks.



    ------------------------------
    Ahmad Danni
    ------------------------------


  • 2.  RE: Does Verify can replacement the Active Directory (AD)?

    Posted Thu February 27, 2025 04:12 AM

    No - there are no IBM Verify products that provides that functionality - I believe there are opensource projects that can do some of these - but if you expect the deep integration replacing an AD/Azure infrastructure I do not believe there are any solutions that can do so.

    Migrating away from the Windows infrastructure requires much more than just a replacement of your AD functionality - it comes with some very hard choices to do that - and and completely different thinking. So my advice (not being a deep expert in this but I have seen a lot since OS/2 tried to do this) is to understand how to separate Windows infrastructure from other enterprise architectures (*ix, mainframes etc.) and develop a strategy to manage this with a tooling that is independent of the underlying infrastructure.

    HTH   



    ------------------------------
    Franz Wolfhagen
    WW IAM Solution Architect - Certified Consulting IT Specialist
    IBM Expert Labs
    ------------------------------

    Original Message


  • 3.  RE: Does Verify can replacement the Active Directory (AD)?

    Posted Fri February 28, 2025 04:16 AM

    Hi Ahmad

    It's probably fair to say that device identity and access management, and device configuration, are feature sets that are split out across two different types of products these days - this could also be said for Microsoft's strategy. 

    The features you mention can be achieved with a combination of IBM Verify and IBM MaaS360. IBM Verify can do the Identity and Access Management piece, integrate with existing directories or provide its own, multi-factor and strong authentication, and can integrate with Microsoft Azure so that you can enroll a Windows PC to Azure for app deployment and authentication and so on. IBM MaaS360 can do device configuration, once enrolled, for all popular market device types - computers (Windows/MacOS, iOS/Android). The configuration set covers a lot of features (including the wallpaper push, but a whole lot more), and it would be interesting for you to explore this. 

    Regarding GPO's I don't think there is any modern technology doing this, they were problematic and are not really used any more. Again IBM MaaS360 can do device management for probably any of the use cases you could find for GPO's. 

    For more information and to request a trial system and a demo you can request via these links. 

    IBM Verify demo/trial: https://www.ibm.com/security/digital-assets/iam/verify-demo-trial/#/

    IBM MaaS360 demo: https://mediacenter.ibm.com/media/Product+demoA+IBM+MaaS360/1_u5z2xp7w/98860242

    IBM MaaS360 trial: https://www.ibm.com/resources/security/maas360-uem-client-roles-free-trial

    Best regards



    ------------------------------
    Eamonn O'Mahony
    Client Success Manager
    IBM Security
    Dublin
    ------------------------------

    Original Message