Playing a high-stakes game of catch-up with rivals, Microsoft this week is scheduled to unveil a plan to develop a comprehensive platform for managing user identities.

The initial effort, however, appears to be more of an "everything but the kitchen sink" approach and an expansion of third-party alliances into non-Windows environments, and less about Microsoft digging in to create a cross-platform infrastructure.

Observers say this first strike at an identity management platform is a tactical move by Microsoft to address current identity management needs that support portals and Web-based single sign-on. They say the company's real goal is to leap over its rivals into a future in which Web services support identity management and access control across corporate boundaries.

"What you will see from them in this first round is more marketing veneer," says Mike Neuenschwander, an analyst with Burton Group. "There is no doubt that IBM and Novell have put some pressure on Microsoft around identity management. But this time I don't think Microsoft can announce something and stagnate the market. There are plenty of vendors, and this is a cross-platform issue at this point."

In the meantime, Microsoft lags behind IBM, Novell and Sun, each of which also has its eye on Web services. These competitors have built up their platforms over the past year to include the four basic elements of identity management: authentication, user management, access management and directory.

Microsoft's strategy revolves around Windows Server 2003, Active Directory and the revamped Microsoft Metadirectory Services 3.0, which is being renamed Microsoft Identity Integration Server (MIIS). MIIS is expected to ship next month.

The directory provides the core user repository, while MIIS provides connections to other data stores such as Lotus Notes and Novell e-Directory, and has basic provisioning capabilities.

The identity platform also includes Active Directory/Application Mode (AD/AM), a lightweight directory that can be dedicated to individual applications. It is expected to ship this week.

Click to see:

Those directory technologies have been promoted as the heart of Microsoft's identity management strategy, but users have been waiting for Microsoft to go beyond the directory and fill in the gaps.

"They need to establish themselves and say, 'We are a lot more than the directory and Passport [Microsoft's consumer service for single sign-on],'" says Jonathan Penn, an analyst for Forrester Research.

Microsoft's strategy has some weaknesses, experts say, in its user management features, such as self-service delegation and administration, and access management, most notably Web-based single sign-on.

"Virtually everyone but Microsoft has Web-based delegated administration, but with Microsoft it's either Windows account management or nothing," says one source who asked not to be identified.

Microsoft is pulling together existing products, sprinkling in new offerings and tapping third-party alliances to address the shortcomings. The company is adding tool kits to incorporate Web services standards into its .Net framework and guides for implementing products that support identity management services.

Microsoft would not comment on its plans.