Microsoft has definetely not been the leader in identity management systems. For sure, MS Active Directory is being widely deployed. But it is an authentication and administration infrastructure, not an identity management solution. Because of MS ADAM (lightweight LDAP directory) and MS IIS (directory synchronization aka metadirectory) lacking features (compared to their competitors), I often thought that Microsoft was lacking some visionary approach of identity management. I was definitely wrong. They’ve got a guy who seems to have perfectly identified the (long term) future of identity management.