We hear a lot about cloud IAM vendors offering metadirectories or user repositories in the cloud. We predict that in 1-2 years we'll see AD being moved from on-premises installations into cloud based services. This has a benefit of simpler provisioning, higher availability, muc, much easier support for federation both into SaaS applications and with business partners. Today the only technical difficulty is latency of access to AD in the cloud from on-premises applications, but we believe this will be resolved by some type of customer premises equipment (much like the reverse of Symplified's Identity Router today).  Moving AD into the cloud will also have a huge impact on reducing the cost of AD management and improving delegated administration by providing easy-to-use web interfaces.