Sunday, 11 May 2008

Identity, Authentication and Data - Same or different

Another technology I've been looking at is Microsoft Identity Lifecycle Manager as a possible solution to managing identities for people across education. This seems to me to do much the same as SIF but less. If SIF can synchronise data and some of that data can be data from a school MIS system like SIMS and an account in Active Directory (or any directory) then why would we need ILM? Anyone like to enlighten me? All we need is agreement in a SIF data model for an identity zone and any identity system to write SIF agents. I guess there may be issues about passwords? And how does this all connect with Shibboleth and something like the UK Access Management Federation? If we use Shibboleth to get Single Sign On authentication across several services then why would we need to synchronise identities? Surely attributes could be synchronised using Shibboleth transactions. Or would Shibboleth trigger a SIF transaction? It's a confusing field alright.
