Active directory bridging of external network resources
Abstract
An Active Directory Bridge (AD Bridge) provides the ability to register, represent, and manage external network resources on an internal network. The external network resources may include cloud resources, such as Internet of Things (IoT) devices, Software-as-a-Service applications (SaaS apps), cloud-hosted virtual machines (VMs), cloud-hosted computers, and other networked cloud resources. The external network resources may be unable to communicate directly with or join the internal network due to various network connection obstacles. The AD Bridge includes an AD Bridge Gateway, an AD Bridge Gatekeeper, and an AD Bridge Agent. The AD Bridge Agent resides on each external network resource, and provides the connection of the host external network resource through the AD Bridge Gatekeeper and through the AD Bridge Gateway to the internal network. The AD Bridge provides the ability to register, represent, and manage these external network resources on an internal network.
20 Claims
1. An Active Directory Bridge system for joining an external network resource to an internal network, the system comprising:
- an Active Directory (AD) Bridge Gateway device residing in a first network, the AD Bridge Gateway device including a memory and a processor;
- an AD Bridge Gatekeeper device residing in a second network, the second network external to the first network, the AD Bridge Gatekeeper device in networked communication with the AD Bridge Gateway device; and
- an AD Bridge Agent residing on an external network resource in a third network, the third network external to the second network and to the first network, the external network resource unable to directly join the first network;
- wherein the AD Bridge Gateway device processor is configured to:
  - validate credentials received from the AD Bridge Agent through the AD Bridge Gatekeeper device at the AD Bridge Gateway device;
  - generate a registration token for the AD Bridge Agent based on the validated credentials;
  - generate a reference object based on the registration token; and
  - provide the reference object to a domain controller to join the external network resource to the first network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. An Active Directory Bridge method for joining an external network resource to an internal network, the method comprising:
- validating credentials at an Active Directory (AD) Bridge Gateway device, the credential received from an AD Bridge Agent on an external resource through an AD Bridge Gatekeeper device;
- generating a registration token for the AD Bridge Agent based on the validated credentials;
- generating a reference object based on the registration token; and
- providing the reference object to a domain controller to join the external network resource to the first network;
- wherein:
  - the AD Bridge Gateway device resides in a first network;
  - the AD Bridge Gatekeeper device resides in a second network, the second network external to the first network, the AD Bridge Gatekeeper device in networked communication with the AD Bridge Gateway device; and
  - the AD Bridge Agent resides in a third network, the third network external to the second network and to the first network, the external network resource unable to directly join the first network.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. At least one non-transitory machine-readable storage medium, comprising a plurality of instructions that, responsive to being executed with processor circuitry of a computer-controlled device, cause the computer-controlled device to:
- validate credentials at an Active Directory (AD) Bridge Gateway device, the credential received from an AD Bridge Agent on an external resource through an AD Bridge Gatekeeper device;
- generate a registration token for the AD Bridge Agent based on the validated credentials;
- generate a reference object based on the registration token; and
- provide the reference object to a domain controller to join the external network resource to the first network;
- wherein:
  - the AD Bridge Gateway device resides in a first network;
  - the AD Bridge Gatekeeper device resides in a second network, the second network external to the first network, the AD Bridge Gatekeeper device in networked communication with the AD Bridge Gateway device; and
  - the AD Bridge Agent resides in a third network, the third network external to the second network and to the first network, the external network resource unable to directly join the first network.
Dependent claims: 20
Specification