Managed directory service with extension

US 10,511,566 B2
Filed: 12/05/2013
Issued: 12/17/2019
Est. Priority Date: 11/11/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

receiving, at a managed directory service, a request from a customer of a computing resources service provider to extend a customer computer system directory hosted in a customer computing environment by at least creating an extended customer computer system directory in a virtual network managed on behalf of the customer by the computing resources service provider in a computing environment of the computing resource service provider, the customer computer system directory referencing a set of data stored in the customer computing environment, wherein extending the customer computer system directory provides a service of the computing resource service provider access to the set of data based at least in part on a uniform resource identifier associated with the customer computer system directory;

determining whether fulfillment of the request is authorized based at least in part on a first set of credentials associated with the customer;

obtaining, by the managed directory service, information usable to access the customer computer system directory, the information based at least in part on a second set of credentials associated with the customer computer system directory; and

using the information to replicate the customer computer system directory from the customer computing environment to the extended customer computer system directory hosted in the computing environment of the computing resource service provider, based at least in part on the second set of credentials.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for connecting computer system entities to remotely extended local computer system resources are described herein. A computer system entity that requests access to a local computer system resource has that request fulfilled by a managed directory service which receives the request and connects the computer system entity to the local computer system resource. While connected, the managed directory service extends the local computer system resource to a corresponding extended remote computer system resource, receives commands to perform operations on the local or extended remote computer system resources and, if the computer system entity is authorized to perform the operations on the appropriate computer system resource, the managed directory service performs the operations on the appropriate computer system resource.

Citations

18 Claims

1. A computer-implemented method, comprising:
- receiving, at a managed directory service, a request from a customer of a computing resources service provider to extend a customer computer system directory hosted in a customer computing environment by at least creating an extended customer computer system directory in a virtual network managed on behalf of the customer by the computing resources service provider in a computing environment of the computing resource service provider, the customer computer system directory referencing a set of data stored in the customer computing environment, wherein extending the customer computer system directory provides a service of the computing resource service provider access to the set of data based at least in part on a uniform resource identifier associated with the customer computer system directory;
  
  determining whether fulfillment of the request is authorized based at least in part on a first set of credentials associated with the customer;
  
  obtaining, by the managed directory service, information usable to access the customer computer system directory, the information based at least in part on a second set of credentials associated with the customer computer system directory; and
  
  using the information to replicate the customer computer system directory from the customer computing environment to the extended customer computer system directory hosted in the computing environment of the computing resource service provider, based at least in part on the second set of credentials.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer-implemented method of claim 1, wherein the extended customer computer system directory utilizes a read-only replica of the customer computer system directory.
  - 3. The computer-implemented method of claim 2, wherein the extended customer computer system directory is configured to cause requests to modify the customer computer system directory received by the read-only replica to be processed by the customer computer system directory in the customer computing environment.
  - 4. The computer-implemented method of claim 1, further comprising:
    - receiving information indicative of changes to the customer computer system directory; and
      
      synchronizing the extended customer computer system directory in accordance with the information indicative of the changes.
  - 5. The computer-implemented method of claim 1, wherein the extended customer computer system directory is configured to fulfill requests to perform directory write operations and to cause the customer computer system directory to be updated in accordance with the fulfilled requests.
  - 6. The computer-implemented method of claim 1, wherein the extended customer computer system directory is configured such that, for each non-administrative user of a set of non-administrative users of the extended customer computer system directory, the non-administrative user is able to use a single set of credentials to authenticate with the extended customer computer system directory using a service of computing resource service provider.

7. A system, comprising:
- one or more processors; and
  
  memory to store executable instructions that, as a result of execution by the one or more processors, cause the system to at least;
  
  receive a request from a customer of a computing resources service provider to extend a customer computer system directory hosted in a customer computing environment by at least instantiating an extended customer computer system directory in a virtual network managed on behalf of the customer by the computing resource service provider in a computing environment of the computing resource service provider, the customer computer system directory referencing a set of data stored in the customer computing environment, wherein extending the customer computer system directory provides a service of the computing resource service provider access to the set of data based at least in part on a uniform resource locator associated with the customer computer system directory;
  
  determine whether fulfillment of the request is authorized based at least in part on a first set of credentials associated with the customer;
  
  obtain information usable to access the customer computer system directory, the information based at least in part on a second set of credentials associated with the customer computer system directory; and
  
  use the information to replicate at least a portion of the customer computer system directory from the customer computing environment to the extended customer computer system directory hosted by the computing resources service provider.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the extended customer computer system directory is read-only.
  - 9. The system of claim 8, wherein the extended customer computer system directory is configured to:
    - receive requests to update the extended customer computer system directory; and
      
      cause the received requests to be fulfilled by the customer computer system directory hosted in the customer computing environment.
  - 10. The system of claim 7, wherein the extended customer computer system directory is configured to:
    - receive requests to update the extended customer computer system directory; and
      
      cause the received requests to be fulfilled by the customer computer system directory hosted in the customer computing environment.
  - 11. The system of claim 7, wherein the instructions that cause the system to manage the extended customer computer system directory, if executed by the one or more processors, cause the system to perform management operations on the extended customer computer system directory, the management operations including updates to executable code used to operate the extended customer computer system directory.
  - 12. The system of claim 11, wherein:
    - the request specifies a domain name system in a computing environment of the customer; and
      
      the extended customer computer system directory is configured to utilize the specified domain name system to communicate with the customer computer system directory.

13. A non-transitory computer-readable storage medium comprising executable instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to at least:
- receive a request from a customer of a computing resources service provider to extend a customer computer system directory hosted in a customer computing environment by at least creating an extended customer computer system directory in a virtual network managed on behalf of the customer by the computing resources service provider in a computing environment of the computing resource service provider, the customer computer system directory referencing a set of data stored in the customer computing environment, wherein extending the customer computer system directory provides a service of the computing resource service provider access to the set of data based at least in part on a uniform resource locator associated with the customer computer system directory;
  
  determine whether fulfillment of the request is authorized based at least in part on a first set of credentials associated with the customer;
  
  obtain information usable to access the customer computer system directory, the information based at least in part on a second set of credentials associated with the customer computer system directory; and
  
  use the information to replicate at least a portion of the customer computer system directory from the customer computing environment to the extended customer computer system directory of the computing resources service provider.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The non-transitory computer-readable storage medium of claim 13, wherein the extended customer computer system directory is read-only.
  - 15. The non-transitory computer-readable storage medium of claim 14, wherein the extended customer computer system directory is configured to:
    - receive requests to update the extended customer computer system directory; and
      
      cause the received requests to be fulfilled by the customer computer system directory hosted in the customer computing environment.
  - 16. The non-transitory computer-readable storage medium of claim 13, wherein the extended customer computer system directory is configured to:
    - receive requests to update the extended customer computer system directory; and
      
      cause the received requests to be fulfilled by the customer computer system directory hosted in the customer computing environment.
  - 17. The non-transitory computer-readable storage medium of claim 13, wherein the instructions that cause the system to manage the extended customer computer system directory, when executed by the one or more processors, cause the system to perform management operations on the extended customer computer system directory, the management operations including updates to executable code used to operate the extended customer computer system directory.
  - 18. The non-transitory computer-readable storage medium of claim 13, wherein:
    - the request specifies a domain name system in a computing environment of the customer; and
      
      the extended customer computer system directory is configured to utilize the domain name system in the computing environment of the customer to communicate with the customer computer system directory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Shah, Shon Kiran, Rizzo, Thomas Christopher, Mehta, Gaurang Pankaj, Rao, Guruprakash Bangalore, Palande, Sameer, Rai, Krithi
Primary Examiner(s)
Chang, Jungwon

Application Number

US14/098,454
Publication Number

US 20150134827A1
Time in Patent Office

2,203 Days
Field of Search

709226, 709248, 709227, 709203, 726 1, 726 4, 726 6, 726 12, 707639, 707790, 707831, 370352
US Class Current
CPC Class Codes

G06F 16/955   using information identifie...

G06F 16/9566   URL specific, e.g. using al...

G06F 2009/45562   Creating, deleting, cloning...

G06F 2009/45587   Isolation or security of vi...

G06F 2009/45595   Network integration; Enabli...

G06F 21/604   Tools and structures for ma...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 40/134   Hyperlinking

G06F 9/455   Emulation; Interpretation; ...

G06F 9/45558   Hypervisor-specific managem...

H04L 2101/30   Types of network names

H04L 41/50   Network service management,...

H04L 41/5009   Determining service level p...

H04L 41/5041   characterised by the time r...

H04L 41/5058   Service discovery by the se...

H04L 41/5083   wherein the managed service...

H04L 47/70   Admission control; Resource...

H04L 61/10   of different types

H04L 61/4541   Directories for service dis...

H04L 61/4547   for personal communications...

H04L 61/50 : Address allocation

H04L 61/5007 : Internet protocol [IP] addr...

H04L 63/08 : for authentication of entit...

H04L 63/102 : Entity profiles

H04L 63/104 : Grouping of entities

H04L 67/02 : based on web technology, e....

H04L 67/10 : in which an application is ...

H04L 67/1095 : Replication or mirroring of...

H04L 67/51 : Discovery or management the...

View All

Managed directory service with extension

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Managed directory service with extension

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links