The end of Microsoft Identity Manager and SAP IDM, why consider MidPoint as a replacement

The identity management world is experiencing a seismic shift. Two major enterprise identity platforms—SAP Identity Management and Microsoft Identity Manager are approaching their end-of-life dates.

Organizations worldwide are challenged to find suitable replacements that won’t break the bank or compromise their security posture. Why considering MidPoint – the open-source solution – might be a better fit than you expect.

The End-of-Life Crisis: On-premise options are shrinking

SAP IDM: The 2027 Deadline Approaches

SAP Identity Management users are facing a hard stop. Mainstream support ends December 31, 2027, with only costly extended maintenance available until 2030. With no successor product planned, SAP has essentially abandoned the on-premises identity management space, pushing customers toward cloud-only solutions that may not fit every organization’s needs.

The writing is on the wall: SAP wants you to migrate to Microsoft Entra (formerly Azure AD) or cobble together a solution using SAP Cloud Identity services. But these options come with significant limitations, especially for organizations with complex on-premises requirements or strict data sovereignty needs.

Microsoft Identity Manager: Extended Life, Limited Future

Microsoft Identity Manager (MIM) received a reprieve, with extended support lasting until January 9, 2029. However, this extension is more of a life support system than a long-term solution. Microsoft stopped actively developing MIM in 2021, focusing instead on Entra ID, a cloud-first platform that doesn’t provide feature parity with MIM’s on-premises capabilities.

Organizations still using MIM are essentially on borrowed time. They receive only security patches and miss out on innovation and new features that modern identity governance demands.

Against European trends

The last few dynamic months with the new US president have turned the direction of the trend regarding US-based software services. Data sovereignty is more important than ever. It shows that being risky depends entirely on cloud services, as proven by the following example from the Criminal Court of Justice.

Trends are turning back to on-premise installations or at least, locally based data centres. All commercial vendors are pushing their products towards the cloud, lacking the latest features in their on-premise solutions.  Luckily, there are initiatives like Evolveum that push fully open-sourced solutions built especially for on-premise deployment, loaded with all the features a modern IGA solution must have.

Real-World Migration Success Stories

Over the years, MidPoint has repeatedly proven that it is a suitable IGA solution for every possible business vertical. It provides plenty of supporting features to overcome the pains of migration. For example, it is one of the very few competitors that provides real-time what-if analysis, a.k.a. Simulations, that significantly reduce deployment times and potential data corruption risk (case study).

Inalogy has plenty of experience with migration from legacy systems, such as DirX at Orange Slovakia (case study), or migrations from homegrown systems at universities in Namur or Bratislava. Hundreds of other deployments around the world would confirm our right.

The time to act is now! Your Migration Timeline

With SAP IDM support ending in 2027 and Microsoft Identity Manager extended support ending in 2029, now is the time to begin planning your migration. A typical IGA implementation requires 12-24 months from planning to full deployment, a time that’s rapidly diminishing for organizations still running end-of-life platforms. Don’t forget procurement processes, which will significantly cut the remaining time as well.

Immediate Next Steps:

1. Conduct a Migration Audit: Assess your current identity management implementation and identify IGA migration requirements. 
2. Engage Professional Services: Given the shortage of time, performing migration on your own would be extremely challenging. Consider partnering with certified partners (like Inalogy) for migration planning and implementation.
3. Build Internal Support: Present the business case to stakeholders, emphasizing cost savings and risk mitigation. Stakeholders’ support is critical for successful IGA projects.

Common Migration Plan

Phase 1: Assessment and Planning (Months 1-3)

• Current state analysis of your SAP IDM or MIM deployment
• Gap analysis identifies features that need migration or replacement
• MidPoint architecture design tailored to your requirements

Phase 2: Pilot Implementation (Months 4-6)

• Deploy MidPoint in a test environment
• Migrate a subset of users and applications
• Validate functionality and performance

Phase 3: Production Migration (Months 7-18)

• Phased migration of remaining systems and users
• Parallel operation during the transition period
• Final cutover and legacy system decommissioning

Phase 4: Optimization and Enhancement (Ongoing)

• Leverage cost savings for additional features and integrations
• Implement advanced governance and analytics capabilities
• Expand to additional use cases and business units

MidPoint: The Clear Choice for Identity Management’s Future

The end-of-life crisis facing SAP IDM and Microsoft Identity Manager users isn’t just a challenge—it’s an opportunity to modernize your identity management strategy while dramatically reducing costs and vendor risk.

MidPoint offers everything you need in a modern identity governance platform: enterprise-grade functionality, proven scalability, active development, and a cost structure that makes sense in today’s economic environment. More importantly, it provides the flexibility and transparency that will serve your organization for years to come.