Distributed high availability agent architecture
Abstract
A high availability (HA) Identity Bridge (IDBridge) between an on-premises Active Directory (AD) and a cloud-based Identity Cloud Service (IDCS) is provided. A connection to an AD, coupled to a first network, is established. A connection to an IDCS, coupled to a second network, is established, the IDCS including a System for Cross-domain Identity Management (SCIM) directory. A plurality of selectable AD OUs are displayed in a GUI, and a selection of one or more OUs is then received. Each member group of the selected OUs is displayed in the GUI, and a selection of one or more member groups of the selected OUs is then received. The users of the selected OUs and the selected member groups of the selected OUs are monitored to identify users and groups that have been added, modified or deleted. The identified users and groups are then synchronized to the SCIM directory.
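The monitor-and-synchronize step from the abstract, sketched as an added example (not code from the patent or from any IDBridge product): two snapshots of AD users are diffed, restricted to the selected OUs, and turned into SCIM requests as defined in RFC 7644. Assumptions: snapshot diffing as the monitoring method, `objectGUID` as the SCIM `externalId`, a simplified `enabled` flag, PUT for modifications, and constructed sample entries and SCIM ids.

```python
SCIM_USER = "urn:ietf:params:scim:schemas:core:2.0:User"

def in_selected_ou(dn, selected_ous):
    """True if the DN lies under a selected OU (naive case-insensitive suffix match)."""
    dn = dn.lower()
    return any(dn.endswith("," + ou.lower()) for ou in selected_ous)

def to_scim_user(entry):
    """Map an AD entry (constructed shape) to a SCIM core User resource (RFC 7643)."""
    return {"schemas": [SCIM_USER], "externalId": entry["objectGUID"],
            "userName": entry["sAMAccountName"],
            "displayName": entry["displayName"], "active": entry["enabled"]}

def plan_user_sync(previous, current, selected_ous, scim_ids):
    """Diff two AD snapshots keyed by objectGUID into (method, path, body) requests."""
    prev = {g: e for g, e in previous.items() if in_selected_ou(e["dn"], selected_ous)}
    curr = {g: e for g, e in current.items() if in_selected_ou(e["dn"], selected_ous)}
    plan = []
    for guid, entry in curr.items():
        if guid not in prev or guid not in scim_ids:    # added, or never synchronized
            plan.append(("POST", "/Users", to_scim_user(entry)))
        elif to_scim_user(entry) != to_scim_user(prev[guid]):   # mapped attribute changed
            plan.append(("PUT", "/Users/" + scim_ids[guid], to_scim_user(entry)))
    # A user deleted in AD or moved out of the selected OUs is deprovisioned,
    # so the cloud account does not outlive the on-premises scope.
    for guid in sorted(prev.keys() - curr.keys()):
        if guid in scim_ids:
            plan.append(("DELETE", "/Users/" + scim_ids[guid], None))
    return plan

# Constructed sample data: one selected OU and one OU outside the selection.
SALES = "OU=Sales,DC=example,DC=com"
OTHER = "OU=Contractors,DC=example,DC=com"

def ad_user(guid, name, display, ou):
    return {"objectGUID": guid, "sAMAccountName": name, "displayName": display,
            "dn": f"CN={display},{ou}", "enabled": True}

PREVIOUS = {e["objectGUID"]: e for e in [
    ad_user("g1", "alice", "Alice A", SALES), ad_user("g2", "bob", "Bob B", SALES),
    ad_user("g3", "carol", "Carol C", SALES)]}
CURRENT = {e["objectGUID"]: e for e in [
    ad_user("g1", "alice", "Alice Archer", SALES),   # modified
    ad_user("g2", "bob", "Bob B", OTHER),            # moved out of scope
    ad_user("g3", "carol", "Carol C", SALES),        # unchanged
    ad_user("g4", "dave", "Dave D", SALES),          # added
    ad_user("g5", "erin", "Erin E", OTHER)]}         # never in scope
SCIM_IDS = {"g1": "scim-1", "g2": "scim-2", "g3": "scim-3"}

if __name__ == "__main__":
    for request in plan_user_sync(PREVIOUS, CURRENT, [SALES], SCIM_IDS):
        print(request)
```

The same diff applies to the selected member groups, with the SCIM `/Groups` endpoint in place of `/Users`.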
20 Claims
1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to provide an Identity Bridge (IDBridge) between an on-premises Active Directory (AD) and a cloud-based Identity Cloud Service (IDCS), the providing comprising:
- establishing a connection to an AD, coupled to a first network, the AD including a plurality of organizational units (OUs), a plurality of groups and a plurality of users, each group being a member of an OU, and each user being a member of an OU and a group;
- establishing a connection to an IDCS, coupled to a second network, the IDCS including a System for Cross-domain Identity Management (SCIM) directory having a plurality of user resource entries and a plurality of group resource entries;
- displaying the plurality of OUs in a graphical user interface (GUI), each OU being selectable by a user;
- receiving a selection of one or more OUs;
- displaying each member group of the selected OUs in the GUI, each group being selectable by the user;
- receiving a selection of one or more member groups of the selected OUs;
- monitoring the users of the selected OUs to identify users that have been added, modified or deleted;
- monitoring the selected member groups of the selected OUs to identify groups that have been added, modified or deleted;
- synchronizing the identified users to the SCIM directory; and
- synchronizing the identified groups to the SCIM directory.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for providing an Identity Bridge (IDBridge) between an on-premises Active Directory (AD) and a cloud-based Identity Cloud Service (IDCS), the method comprising:
- establishing a connection to an AD, coupled to a first network, the AD including a plurality of organizational units (OUs), a plurality of groups and a plurality of users, each group being a member of an OU, and each user being a member of an OU and a group;
- establishing a connection to an IDCS, coupled to a second network, the IDCS including a System for Cross-domain Identity Management (SCIM) directory having a plurality of user resource entries and a plurality of group resource entries;
- displaying the plurality of OUs in a graphical user interface (GUI), each OU being selectable by a user;
- receiving a selection of one or more OUs;
- displaying each member group of the selected OUs in the GUI, each group being selectable by the user;
- receiving a selection of one or more member groups of the selected OUs;
- monitoring the users of the selected OUs to identify users that have been added, modified or deleted;
- monitoring the selected member groups of the selected OUs to identify groups that have been added, modified or deleted;
- synchronizing the identified users to the SCIM directory; and
- synchronizing the identified groups to the SCIM directory.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A system for providing an Identity Bridge (IDBridge) between an on-premises Active Directory (AD) and a cloud-based Identity Cloud Service (IDCS), the system comprising:
- a memory; and
- a processor, coupled to the memory, a first network and a second network, the processor being configured to:
  - establish a connection to an AD, coupled to the first network, the AD including a plurality of organizational units (OUs), a plurality of groups and a plurality of users, each group being a member of an OU, and each user being a member of an OU and a group;
  - establish a connection to an IDCS, coupled to the second network, the IDCS including a System for Cross-domain Identity Management (SCIM) directory having a plurality of user resource entries and a plurality of group resource entries;
  - display the plurality of OUs in a graphical user interface (GUI), each OU being selectable by a user;
  - receive a selection of one or more OUs;
  - display each member group of the selected OUs in the GUI, each group being selectable by the user;
  - receive a selection of one or more member groups of the selected OUs;
  - monitor the users of the selected OUs to identify users that have been added, modified or deleted;
  - monitor the selected member groups of the selected OUs to identify groups that have been added, modified or deleted;
  - synchronize the identified users to the SCIM directory; and
  - synchronize the identified groups to the SCIM directory.
Dependent claims: 16, 17, 18, 19, 20
Specification