Providing mapped user account information to a storage server
Abstract
A method for storage of user mapping data associated with users of data stored by storage servers includes operating multiple storage servers, each configured to provide a set of clients with access to data stored in a set of mass storage devices, and using one or more directory servers, which may be coupled to the storage servers via a network. The directory server stores and provides access to user account information associated with a second operating system based on user account information associated with a first operating system, when the user account information associated with the second operating system is needed to access data stored in accordance with the second operating system.
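As an added illustration (not code from the patent or from any product), the following Python models the two lookups recited in claim 1 against constructed in-memory records: each search is confined to the user's domain subtree, and the user ID is escaped per RFC 4515 before it enters the filter. The attribute and object-class values, the DNs, the use of the Windows account attribute as the reverse search key, and all function names are assumptions.

```python
import re

# Option names are the ones recited in the claims; every value is assumed.
CFG = {
    "ldap.nssmap.objectClass.posixAccount": "posixAccount",
    "ldap.nssmap.attribute.uid": "uid",
    "ldap.usermap.attribute.windowsaccount": "windowsAccount",
    "ldap.usermap.windows-to-unix.objectClass": "winUnixMap",
    "ldap.usermap.attribute.unixaccount": "unixAccount",
}
# Constructed records, one list per directory server.
FIRST_SERVER = [
    {"dn": "uid=jdoe,ou=eng,dc=example,dc=com", "objectClass": "posixAccount",
     "uid": "jdoe", "windowsAccount": "ENG\\john.doe"},
    {"dn": "uid=jdoe,ou=sales,dc=example,dc=com", "objectClass": "posixAccount",
     "uid": "jdoe", "windowsAccount": "SALES\\jane.doe"},
]
SECOND_SERVER = [
    {"dn": "cn=john.doe,ou=eng,dc=example,dc=com", "objectClass": "winUnixMap",
     "windowsAccount": "ENG\\john.doe", "unixAccount": "jdoe-nfs"},
]

def escape_value(value):
    """RFC 4515 escaping: a user ID can never act as filter syntax."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)

def matches(record, ldap_filter):
    """Evaluate an AND of (attr=value) terms; an unescaped * is a wildcard."""
    terms = re.findall(r"\(([\w-]+)=((?:[^()\\]|\\[0-9a-f]{2})*)\)", ldap_filter)
    unesc = lambda s: re.sub(r"\\([0-9a-f]{2})", lambda m: chr(int(m.group(1), 16)), s)
    for attr, raw in terms:
        pattern = ".*".join(re.escape(unesc(p)) for p in raw.split("*"))
        if not re.fullmatch(pattern, record.get(attr, ""), re.S):
            return False
    return bool(terms)

def lookup(records, domain_dn, object_class, attr, value, want):
    """Search only the subtree rooted at the user's domain (simple DN suffix test)."""
    flt = "(&(objectClass=%s)(%s=%s))" % (object_class, attr, escape_value(value))
    suffix = "," + domain_dn.lower()
    return [r[want] for r in records
            if r["dn"].lower().endswith(suffix) and want in r and matches(r, flt)]

def unix_to_windows(uid, domain_dn):
    return lookup(FIRST_SERVER, domain_dn, CFG["ldap.nssmap.objectClass.posixAccount"],
                  CFG["ldap.nssmap.attribute.uid"], uid, CFG["ldap.usermap.attribute.windowsaccount"])

def windows_to_unix(account, domain_dn):
    return lookup(SECOND_SERVER, domain_dn, CFG["ldap.usermap.windows-to-unix.objectClass"],
                  CFG["ldap.usermap.attribute.windowsaccount"], account, CFG["ldap.usermap.attribute.unixaccount"])
```

With the constructed data, the same Unix ID resolves to a different Windows account in each domain subtree, and the reverse lookup returns a Unix identifier that differs from the ID used in the forward request.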
15 Claims
1. A method comprising:
operating a first Lightweight Directory Access Protocol (LDAP) directory server and a second LDAP directory server which communicate with a storage server through a network;
extending an LDAP directory schema of the first LDAP directory server and the second LDAP directory server to store, at the first LDAP directory server, a first mapping of user account information from a first operating system to a second operating system, and to store, at the second LDAP directory server, a second mapping of the user account information from the second operating system to the first operating system, wherein each of the first and second LDAP directory servers retrieving the first and second mappings by searching LDAP records using user IDs, and by automatically limiting searches of the LDAP records for the user account information within a domain to which the user belongs, the domain being a subtree of a directory tree;
in response to a first request from the storage server to map a Unix user's ID to a Windows account, searching for and identifying the Unix user by the first LDAP directory server with ldap.nssmap.objectClass.posixAccount and ldap.nssmap.attribute.uid, retrieving the Windows account with ldap.usermap.attribute.windowsaccount as an LDAP query attribute, and returning the Windows account, to the storage server; and
in response to a second request from the storage server to map the Windows account to the Unix user, determining an identifier of the Unix user by the second LDAP directory server with ldap.usermap.windows-to-unix.objectClass and ldap.usermap.attribute.unixaccount, and returning the identifier of the Unix user, to the storage server, wherein the identifier of the Unix user determined in response to the second request is different from the Unix user's ID in the first request.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method comprising:
accessing, from a storage server, a first Lightweight Directory Access Protocol (LDAP) directory server that stores a first mapping of user account information from a first operating system to a second operating system and a second LDAP directory server that stores a second mapping of the user account information from the second operating system to the first operating system, wherein each of the first and second LDAP directory servers retrieving the first and second mappings by searching LDAP records using user identifiers, and by automatically limiting searches of the LDAP records for the user account information within a domain to which the user belongs, the domain being a subtree of a directory tree;
in response to a first request from a first client, the storage server accessing the first LDAP directory server to map a Unix user's ID to a Windows account, wherein the first LDAP directory server searches for and identifies the Unix user with ldap.nssmap.objectClass.posix.Account and ldap.nssmap.attribute.uid, retrieves the Windows account with ldap.usermap.attribute.windowsaccount as an LDAP query attribute, and returns the Windows account to the storage server; and
in response to a second request from a second client, the storage server accessing the second LDAP directory server to map the Windows account to the Unix user, wherein the second LDAP directory server determines an identifier of the Unix user with ldap.usermap.windows-to-unix.objectClass and ldap.usermap.attribute.unixaccount, and returns the identifier of the Unix user to the storage server, wherein the identifier of the Unix user determined in response to the second request is different from the Unix user's ID in the first request; and
operating the storage server to provide the first client and the second client with access to data on the storage server upon the storage server receiving the user account information from the first LDAP directory server and the second LDAP directory server.
Dependent claims: 10, 11

12. A storage server comprising:
a processor;
a storage adapter through which to communicate with a set of mass storage devices;
a network adapter through which to communicate with a client; and
a memory containing instructions to cause the processor to:
receive at the storage server a request by a client for access to data stored by the storage server, the request including a first set of user account information of a user associated with a first operating system;
access a first Lightweight Directory Access Protocol (LDAP) directory server that stores a first mapping of user account information from a first operating system to a second operating system and a second LDAP directory server that stores a second mapping from the second operating system to the first operating system, wherein each of the first and second LDAP directory servers retrieving the first and second mappings by searching LDAP records using user identifiers, and by automatically limiting searches of the LDAP records for the user account information within a domain to which the user belongs, the domain being a subtree of a directory tree representing the first mapping or the second mapping;
in response to a first request, access the first LDAP directory server to map a Unix user's ID to a Windows account, wherein the first LDAP directory server searches for and identifies the Unix user with ldap.nssmap.objectClass.posix.Account and ldap.nssmap.attribute.uid, retrieves the Windows account with the ldap.usermap.attribute.windowsaccount as an LDAP query attribute, and returns the Windows account to the storage server;
in response to a second request, access the second LDAP directory server to map the Windows account to the Unix user, wherein the second LDAP directory server determines an identifier of the Unix user with the ldap.usermap.windows-to-unix.objectClass and ldap.usermap.attribute.unixaccount, and returns the identifier of the Unix user to the storage server, wherein the identifier of the Unix user determined in response to the second request is different from the Unix user's ID in the first request; and
receive at the storage server user account information.
Dependent claims: 13, 14, 15

Specification