Preserving LDAP Hierarchy in a SCIM Directory Using Special Marker Groups
Abstract
A method for hierarchically processing Lightweight Directory Access Protocol (LDAP) operations against a System for Cross-domain Identity Management (SCIM) directory is provided. The method includes providing an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, users and groups, providing a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and groups, migrating the plurality of LDAP DIT entries to the SCIM directory including storing the LDAP DIT hierarchical information in the SCIM directory by mapping LDAP containers in the LDAP DIT to special marker SCIM groups in the SCIM directory, receiving, from an LDAP-based application over a network, an LDAP operation request, processing the LDAP operation request, and returning an LDAP operation response to the LDAP-based application over the network.
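The mapping the abstract describes can be sketched as follows. This is an added example, not code from the patent or its assignee: the extension URN used to flag a marker group, keeping the DN in `externalId`, expressing hierarchy as marker-group membership, and the sample DIT are all assumptions made for illustration, and DNs are assumed to be already normalized.

```python
import re

# Added illustration: marker convention and field choices are assumptions.
MARKER = "urn:example:scim:schemas:extension:ldapContainer"  # hypothetical URN
CONTAINER_CLASSES = {"domain", "organization", "organizationalunit"}

def parent_dn(dn):
    """Parent DN: split at the first comma not preceded by a backslash."""
    parts = re.split(r"(?<!\\),", dn, maxsplit=1)
    return parts[1].strip() if len(parts) == 2 else None

def migrate(dit):
    """Map {dn: {attr: [values]}} to {dn: SCIM-style resource dict}."""
    scim = {}
    for dn, attrs in dit.items():
        classes = {c.lower() for c in attrs.get("objectClass", [])}
        if classes & CONTAINER_CLASSES:      # container -> marker group
            res = {"resourceType": "Group", "members": [], MARKER: True}
        elif "groupofnames" in classes:      # ordinary LDAP group
            members = [{"value": m} for m in attrs.get("member", [])]
            res = {"resourceType": "Group", "members": members}
        else:
            res = {"resourceType": "User", "userName": attrs.get("uid", [dn])[0]}
        res["externalId"] = dn               # assumption: DN kept in externalId
        scim[dn] = res
    for dn in dit:                           # hierarchy = marker membership
        parent = parent_dn(dn)
        if parent in scim and MARKER in scim[parent]:
            scim[parent]["members"].append({"value": dn})
    return scim

def search(scim, base_dn, scope):
    """Resolve LDAP scope 'base', 'one' or 'sub' using marker groups only."""
    if base_dn not in scim:
        return []
    node = scim[base_dn]
    kids = sorted(m["value"] for m in node["members"]) if MARKER in node else []
    if scope != "sub":
        return [base_dn] if scope == "base" else kids
    return sorted([base_dn] + [d for k in kids for d in search(scim, k, "sub")])

SAMPLE_DIT = {  # constructed sample data
    "dc=example,dc=com": {"objectClass": ["domain"]},
    "ou=People,dc=example,dc=com": {"objectClass": ["organizationalUnit"]},
    "ou=Groups,dc=example,dc=com": {"objectClass": ["organizationalUnit"]},
    "uid=alice,ou=People,dc=example,dc=com": {"objectClass": ["inetOrgPerson"], "uid": ["alice"]},
    "cn=admins,ou=Groups,dc=example,dc=com": {"objectClass": ["groupOfNames"], "cn": ["admins"], "member": ["uid=alice,ou=People,dc=example,dc=com"]},
}
```

Only marker groups are walked when resolving a search scope, so membership of an ordinary group such as `cn=admins` never places a user under that group's subtree.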
20 Claims
1. A computer-readable medium having instructions stored thereon that, when executed by at least one processor, cause the processor to preserve Lightweight Directory Access Protocol (LDAP) hierarchy in a System for Cross-domain Identity Management (SCIM) directory, the processing comprising:
- providing an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, users and groups, each LDAP DIT entry including a Distinguished Name (DN) and a plurality of LDAP attribute-value pairs, the DN providing LDAP DIT hierarchical information that uniquely identifies the LDAP DIT entry and describes a hierarchical position of the LDAP DIT entry in the LDAP DIT, each LDAP attribute-value pair including an attribute name and one or more attribute values;
- providing a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and groups, each SCIM resource entry including a plurality of SCIM attributes including an externalID and a resource type identifying the SCIM resource entry as belonging to a user or a group, each SCIM attribute including a name and one or more values;
- migrating the plurality of LDAP DIT entries to the SCIM directory, including storing the LDAP DIT hierarchical information in the SCIM directory by mapping LDAP containers in the LDAP DIT to special marker SCIM groups in the SCIM directory;
- receiving, from an LDAP-based application over a network, an LDAP operation request including an LDAP add request, an LDAP delete request, an LDAP modify request, or an LDAP search request;
- processing the LDAP operation request; and
- returning an LDAP operation response to the LDAP-based application over the network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method for preserving Lightweight Directory Access Protocol (LDAP) hierarchy in a System for Cross-domain Identity Management (SCIM) directory, the method comprising:
- providing an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, users and groups, each LDAP DIT entry including a Distinguished Name (DN) and a plurality of LDAP attribute-value pairs, the DN providing LDAP DIT hierarchical information that uniquely identifies the LDAP DIT entry and describes a hierarchical position of the LDAP DIT entry in the LDAP DIT, each LDAP attribute-value pair including an attribute name and one or more attribute values;
- providing a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and groups, each SCIM resource entry including a plurality of SCIM attributes including an externalID and a resource type identifying the SCIM resource entry as belonging to a user or a group, each SCIM attribute including a name and one or more values;
- migrating the plurality of LDAP DIT entries to the SCIM directory, including storing the LDAP DIT hierarchical information in the SCIM directory by mapping LDAP containers in the LDAP DIT to special marker SCIM groups in the SCIM directory;
- receiving, from an LDAP-based application over a network, an LDAP operation request including an LDAP add request, an LDAP delete request, an LDAP modify request, or an LDAP search request;
- processing the LDAP operation request; and
- returning an LDAP operation response to the LDAP-based application over the network.
Dependent claims: 10, 11, 12, 13, 14
15. A system for preserving Lightweight Directory Access Protocol (LDAP) hierarchy in a System for Cross-domain Identity Management (SCIM) directory, the system comprising:
- a first processor, coupled to a network, configured to;
  - provide an LDAP Directory Information Tree (DIT), stored in a first memory coupled to the first processor, including a plurality of LDAP DIT entries that describe LDAP containers, users and groups, each LDAP DIT entry including a Distinguished Name (DN) and a plurality of LDAP attribute-value pairs, the DN providing LDAP DIT hierarchical information that uniquely identifies the LDAP DIT entry and describes a hierarchical position of the LDAP DIT entry in the LDAP DIT, each LDAP attribute-value pair including an attribute name and one or more attribute values;
- a second processor, coupled to the network, configured to;
  - provide a SCIM directory, stored in a second memory coupled to the second processor, including a plurality of SCIM resource entries that describe SCIM users and groups, each SCIM resource entry including a plurality of SCIM attributes including an externalID and a resource type identifying the SCIM resource entry as belonging to a user or a group, each SCIM attribute including a name and one or more values;
  - migrate the plurality of LDAP DIT entries to the SCIM directory, including storing the LDAP DIT hierarchical information in the SCIM directory by mapping LDAP containers in the LDAP DIT to special marker SCIM groups in the SCIM directory;
  - receive, from an LDAP-based application over the network, an LDAP operation request including an LDAP add request, an LDAP delete request, an LDAP modify request, or an LDAP search request;
  - process the LDAP operation request; and
  - return an LDAP operation response to the LDAP-based application over the network.
Dependent claims: 16, 17, 18, 19, 20
Specification