Method for managing objects created in a directory service
First Claim
1. A computer implemented method for selective restoring of policy objects associated with a directory service of a computer system, comprising:
- backing up a plurality of the policy objects associated with the directory service of the computer system;
detecting a problem with a selected one of the plurality of policy objects; and
restoring the selected one of the plurality of policy objects without restoring others of the plurality of policy objects, further comprising at least one of the following;
wherein backing up includes storing object settings, links to directory service objects, and security information regarding directory service objects;
wherein restoring includes restoring the selected one of the plurality of objects to a domain of the computer system from which it was backed up;
wherein restoring includes restoring the selected one of the plurality of objects to a parent domain of a domain of the computer system from which it was backed up;
wherein restoring includes restoring the selected one of the plurality of objects to a child domain of a domain of the computer system from which it was backed up;
orwherein a security privilege of the computer system is required to effect a particular setting of the policy objects and wherein the method further comprises delegating the security privilege to selected users for selected objects in the directory service, wherein various levels of security privileges can be delegated and wherein the levels of security privileges that can be delegated include the ability to configure an entire policy object or the ability to configure only one or a plurality of administrative templates contained in a policy object.
20 Assignments
0 Petitions
Accused Products
Abstract
A computerized method for managing objects created in a directory service of a distributed computing environment, including a component for backing up and restoring a single or plurality of directory service objects, a component for delegating security privileges to permit access to directory service objects, a component for retrieving data in policy storage format and representing the data in human-readable form, a component having a graphical user interface including a display capable of searching and reporting policy storage data in human readable form, a component capable of replicating a single or plurality of directory service objects across the domain tree boundaries of the directory service, a component for analyzing the effect a particular setting will have on a particular target represented as a directory service object before the setting is added to the directory service.
19 Citations
19 Claims
-
1. A computer implemented method for selective restoring of policy objects associated with a directory service of a computer system, comprising:
-
backing up a plurality of the policy objects associated with the directory service of the computer system; detecting a problem with a selected one of the plurality of policy objects; and restoring the selected one of the plurality of policy objects without restoring others of the plurality of policy objects, further comprising at least one of the following; wherein backing up includes storing object settings, links to directory service objects, and security information regarding directory service objects; wherein restoring includes restoring the selected one of the plurality of objects to a domain of the computer system from which it was backed up; wherein restoring includes restoring the selected one of the plurality of objects to a parent domain of a domain of the computer system from which it was backed up; wherein restoring includes restoring the selected one of the plurality of objects to a child domain of a domain of the computer system from which it was backed up;
orwherein a security privilege of the computer system is required to effect a particular setting of the policy objects and wherein the method further comprises delegating the security privilege to selected users for selected objects in the directory service, wherein various levels of security privileges can be delegated and wherein the levels of security privileges that can be delegated include the ability to configure an entire policy object or the ability to configure only one or a plurality of administrative templates contained in a policy object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A computer system configured for selective restoring of policy objects associated with a directory service of a computer system, comprising:
- means for backing up a plurality of the policy objects associated with the directory service of the computer system;
means for detecting a problem with a selected one of the plurality of policy objects; and means for restoring the selected one of the plurality of policy objects without restoring others of the plurality of policy objects, further comprising at least one of the following; wherein the means for backing up includes means for storing object settings, links to directory service objects, and security information regarding directory service objects; wherein the means for restoring includes means for restoring the selected one of the plurality of objects to a domain of the computer system from which it was backed up; wherein the means for restoring includes means for restoring the selected one of the plurality of objects to a parent domain of a domain of the computer system from which it was backed up; wherein the means for restoring includes means for restoring the selected one of the plurality of objects to a child domain of a domain of the computer system from which it was backed up;
orwherein a security privilege of the computer system is required to effect a particular setting of the policy objects and wherein the system further comprises means for delegating the security privilege to selected users for selected objects in the directory service, wherein various levels of security privileges can be delegated and wherein the levels of security privileges that can be delegated include the ability to configure an entire policy object or the ability to configure only one or a plurality of administrative templates contained in a policy object.
- means for backing up a plurality of the policy objects associated with the directory service of the computer system;
Specification