Most enterprises today have heterogeneous IT environments, with Microsoft Active Directory (AD) providing Windows access for most users, but with other platforms such as Unix, Linux, and Mac OS X providing critical services as well. But each of these systems has its own identity, authentication, and access requirements. This means users can have dozens or hundreds of passwords to remember and enter, and administrators may have dozens or hundreds of identities per user to provision, re-provision, deprovision, and administer.