Hierarchical processing for a virtual directory system for LDAP to SCIM proxy service
Abstract
A method for hierarchically processing LDAP (Lightweight Directory Access Protocol) operations against a SCIM (System for Cross-domain Identity Management) directory is provided. The method includes providing an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, users and groups, providing a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and groups, migrating the plurality of LDAP DIT entries to the SCIM directory, receiving, from an LDAP-based application over a network, an LDAP operation request, processing the LDAP operation request, and returning an LDAP operation response to the LDAP-based application over the network.
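The mapping described in the abstract can be sketched as follows. This is an added example, not code from the patent or its assignee: it assumes the normalized DN string itself is stored as the SCIM `externalId`, that container entries are implied by their children's DNs, and that RDN values compare case-insensitively; `parse_dn`, `migrate` and `search` are hypothetical names. It also shows LDAP base/one/sub search scoping evaluated on RDN boundaries rather than by string suffix.

```python
# Added illustration. Assumptions: externalId holds the normalized DN string,
# containers are implied by their children's DNs, and RDN values compare
# case-insensitively.
USER = "urn:ietf:params:scim:schemas:core:2.0:User"
GROUP = "urn:ietf:params:scim:schemas:core:2.0:Group"

def parse_dn(dn):
    """Split a DN into normalized RDNs, keeping backslash-escaped commas intact."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur, i = cur + dn[i:i + 2], i + 2
        elif dn[i] == ",":
            rdns, cur, i = rdns + [cur], "", i + 1
        else:
            cur, i = cur + dn[i], i + 1
    rdns.append(cur)
    pairs = (r.partition("=") for r in rdns if r.strip())
    return tuple(f"{a.strip().lower()}={v.strip().lower()}" for a, _, v in pairs)

def migrate(ldap_entries):
    """Map user and group entries to SCIM resources keyed by externalId = DN."""
    out = []
    for dn, object_class in ldap_entries:
        kind = {"inetorgperson": "User", "groupofnames": "Group"}.get(object_class.lower())
        if kind is None:
            continue  # container entry: its position survives in child DNs
        out.append({"schemas": [USER if kind == "User" else GROUP],
                    "externalId": ",".join(parse_dn(dn)),
                    "meta": {"resourceType": kind}})
    return out

def search(scim, base_dn, scope):
    """LDAP base/one/sub scoping evaluated on RDN boundaries of externalId."""
    base, hits = parse_dn(base_dn), []
    for res in scim:
        dn = parse_dn(res["externalId"])
        depth = len(dn) - len(base)
        if depth < 0 or dn[depth:] != base:
            continue
        if scope == "sub" or (scope == "base" and depth == 0) or (scope == "one" and depth == 1):
            hits.append(res["externalId"])
    return sorted(hits)

# Constructed sample DIT (not from the patent).
DIT = [("ou=People,dc=example,dc=com", "organizationalUnit"),
       ("uid=alice,ou=People,dc=example,dc=com", "inetOrgPerson"),
       ("UID=Bob, OU=Contractors, OU=People, DC=Example, DC=Com", "inetOrgPerson"),
       ("uid=carol,cn=x\\,ou=People,dc=example,dc=com", "inetOrgPerson"),
       ("cn=admins,ou=Groups,dc=example,dc=com", "groupOfNames")]
SCIM = migrate(DIT)
```

The `carol` entry has an RDN value containing an escaped comma, so its DN ends with the text `ou=people,dc=example,dc=com` without being under that container; comparing whole RDNs keeps it out of the `ou=People` subtree.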
399 Citations
20 Claims
1. A non-transitory computer-readable medium having instructions stored thereon that, when executed by one or more processors, cause the processors to hierarchically process LDAP (Lightweight Directory Access Protocol) operations against a SCIM (System for Cross-domain Identity Management) directory, the processing comprising:
- providing an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, users and groups, each LDAP DIT entry including a Distinguished Name (DN) and a plurality of LDAP attribute-value pairs, the DN providing LDAP DIT hierarchical information that uniquely identifies the LDAP DIT entry and describes a hierarchical position of the LDAP DIT entry in the LDAP DIT, each LDAP attribute-value pair including an attribute name and one or more attribute values;
- providing a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and groups, each SCIM resource entry including a plurality of SCIM attributes including an externalID and a resource type identifying the SCIM resource entry as belonging to a user or a group, each SCIM attribute including a name and one or more values;
- migrating the plurality of LDAP DIT entries to the SCIM directory, including storing the LDAP DIT hierarchical information in the SCIM directory by mapping LDAP user DNs and group DNs to SCIM user externalIDs and group externalIDs, respectively;
- receiving, from an LDAP-based application over a network, an LDAP operation request including an LDAP add request, an LDAP delete request, an LDAP modify request, or an LDAP search request;
- processing the LDAP operation request; and
- returning an LDAP operation response to the LDAP-based application over the network.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method for hierarchically processing LDAP (Lightweight Directory Access Protocol) operations against a SCIM (System for Cross-domain Identity Management) directory, the method comprising:
- providing an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, users and groups, each LDAP DIT entry including a Distinguished Name (DN) and a plurality of LDAP attribute-value pairs, the DN providing LDAP DIT hierarchical information that uniquely identifies the LDAP DIT entry and describes a hierarchical position of the LDAP DIT entry in the LDAP DIT, each LDAP attribute-value pair including an attribute name and one or more attribute values;
- providing a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and groups, each SCIM resource entry including a plurality of SCIM attributes including an externalID and a resource type identifying the SCIM resource entry as belonging to a user or a group, each SCIM attribute including a name and one or more values;
- migrating the plurality of LDAP DIT entries to the SCIM directory, including storing the LDAP DIT hierarchical information in the SCIM directory by mapping LDAP user DNs and group DNs to SCIM user externalIDs and group externalIDs, respectively;
- receiving, from an LDAP-based application over a network, an LDAP operation request including an LDAP add request, an LDAP delete request, an LDAP modify request, or an LDAP search request;
- processing the LDAP operation request; and
- returning an LDAP operation response to the LDAP-based application over the network.

Dependent claims: 10, 11, 12, 13, 14, 15

16. A system, comprising:
- a memory; and
- one or more processors, coupled to the memory and a network, configured to hierarchically process LDAP (Lightweight Directory Access Protocol) operations against a SCIM (System for Cross-domain Identity Management) directory, the processing including;
  - providing an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, users and groups, each LDAP DIT entry including a Distinguished Name (DN) and a plurality of LDAP attribute-value pairs, the DN providing LDAP DIT hierarchical information that uniquely identifies the LDAP DIT entry and describes a hierarchical position of the LDAP DIT entry in the LDAP DIT, each LDAP attribute-value pair including an attribute name and one or more attribute values,
  - providing a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and groups, each SCIM resource entry including a plurality of SCIM attributes including an externalID and a resource type identifying the SCIM resource entry as belonging to a user or a group, each SCIM attribute including a name and one or more values,
  - migrating the plurality of LDAP DIT entries to the SCIM directory, including storing the LDAP DIT hierarchical information in the SCIM directory by mapping LDAP user DNs and group DNs to SCIM user externalIDs and group externalIDs, respectively,
  - receiving, from an LDAP-based application over the network, an LDAP operation request including an LDAP add request, an LDAP delete request, an LDAP modify request, or an LDAP search request,
  - processing the LDAP operation request, and
  - returning an LDAP operation response to the LDAP-based application over the network.

Dependent claims: 17, 18, 19, 20
Specification