If no product is available (or satisfies your needs) in the marketplace, you may have to build something yourself. Currenlt, I am unable to post my own custom IT IAM solutions (such as group management, remote access management, smart card management, password mangement etc.) because they are pending patent application. I recommend you check out following links for other customer solutions at Microsoft.

Microsoft - Microsoft Identity and Access Management Series:

http://www.microsoft.com/technet/security/topics/identitymanagement/idmanage/default.mspx?mfr=true

Microsoft Consulting service - Zero Touch Provisioning:

http://www.gotdotnet.com/workspaces/workspace.aspx?id=cba3e1ea-1148-41f6-baf0-8953c68eabf1