A Well Written Post on Common Virtual Directory Scenarios

Matt Flynn has written a concise post on VD scenarios... I've cut and pasted below:

Common Virtual Directory Scenarios

The discussion
regarding possible uses for Virtual Directory is on-going. The following are 8
easy-to-understand scenarios for Virtual Directory in no particular order. This
is by no means an exhaustive list, but I think it covers the simplest scenarios.
I look forward to questions or comments.

Protocol Translation - Provide
access to relational and other non-standardized data over standard LDAP and Web
Services protocols without altering the data.

Web Service Enablement -
Respond to identity data requests made via DSML, SPML or any other
service-oriented data format (standards-based or custom).

Multi-Repository Search - Enable a single search over standard protocols
to return a single clean result-set containing identity data that resides in
multiple repositories in multiple formats.

Joined Identity View - Enable
a search that returns a view of single identities that are comprised of data
from multiple repositories. e.g.) A single user record is presented with name
and phone number from the HR system and the email address from Active Directory.

Permission-Based Results - Enable a customized view into a single data
universe based on which application or which user is performing the search.
e.g.) Employees inside the corporate firewall see a full view of fellow
employees while customers accessing an external-facing application see a reduced
set of attributes and phone number is formatted using the (toll-free +
extension) format.

Dynamic DIT - Build an on-the-fly Directory
Information Tree based on identity data attributes. e.g.) The application calls
for LDAP views based on job title so the virtual directory dynamically presents
an OU for each job title in the database and presents employees within the
appropriate OU based on their job title.

Authentication - Enable
pass-through authentication from a single point of entry into multiple identity
data stores. e.g.) Authentication requests are directed to a single point. The
Virtual Directory authenticates non-employees against a back-end Sun Directory
and employees against Active Directory.

Real-Time Data Access - Provide
real-time access into back-end systems. Because requests are passed to the
originating data source, the search results can be as real-time as required.

Summary

Virtual Directory technologies eliminate boundaries.
Hassles related to LDAP object types, attribute definitions and other
schema-related issues are eliminated by virtualizing the view into the backend
identity stores. You're no longer limited by the existing data format or
database branding. There's no requirement to migrate the data from a relational
database into an LDAP directory in order to make the data LDAP- or Web Service-
accessible.