Client-specific transformation of distributed data

US 7,774,310 B2
Filed: 04/27/2007
Issued: 08/10/2010
Est. Priority Date: 04/27/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A system comprising:

a server communicatively connected to a global data store, the global data store containing global data including at least one global object comprising at least one attribute represented by a set of values; and

wherein the server is operative to transfer to a client a complete copy of the global data and at least one transformation rule, the at least one transformation rule configured to be used by the client to generate client-specific data from the complete copy of the global data, wherein the client-specific data is to be stored in a local data store of the client to the global data, wherein the at least one transformation rule is further configured to transform a global set of administrators identified in the complete copy of the global data into a client-specific set of administrators different from the global set of administrators, the at least one transformation rule including;

a scope including one or more rules configured to assign the at least one transformation rule to the client, the one or more rules selected from a group comprising;

a list of one or more clients;

Boolean predicates specific to properties of the client including client name;

organizational unit membership; and

security group membership;

a priority configured to prioritize the at least one transformation rule with respect to other transformation rules; and

a transformation that defines an operation applied to the at least one global object, wherein the transformation includes at least one of;

an object override configured to replace the global set of administrators with the client-specific set of administrators;

a value exclusion configured to remove one or more administrators from the global set of administrators; and

a value extension configured to add one or more administrators to the global set of administrators.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data store is distributed between a server and a client. The distributed data store includes global data. A transformation is applied to the global data to generate client-specific data based on the global data. The client-specific data is stored on the client which uses the client-specific data to perform tasks relating to the client-specific data.

Citations

19 Claims

1. A system comprising:
- a server communicatively connected to a global data store, the global data store containing global data including at least one global object comprising at least one attribute represented by a set of values; and
  
  wherein the server is operative to transfer to a client a complete copy of the global data and at least one transformation rule, the at least one transformation rule configured to be used by the client to generate client-specific data from the complete copy of the global data, wherein the client-specific data is to be stored in a local data store of the client to the global data, wherein the at least one transformation rule is further configured to transform a global set of administrators identified in the complete copy of the global data into a client-specific set of administrators different from the global set of administrators, the at least one transformation rule including;
  
  a scope including one or more rules configured to assign the at least one transformation rule to the client, the one or more rules selected from a group comprising;
  
  a list of one or more clients;
  
  Boolean predicates specific to properties of the client including client name;
  
  organizational unit membership; and
  
  security group membership;
  
  a priority configured to prioritize the at least one transformation rule with respect to other transformation rules; and
  
  a transformation that defines an operation applied to the at least one global object, wherein the transformation includes at least one of;
  
  an object override configured to replace the global set of administrators with the client-specific set of administrators;
  
  a value exclusion configured to remove one or more administrators from the global set of administrators; and
  
  a value extension configured to add one or more administrators to the global set of administrators.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the global data is global policy data.
  - 3. The system of claim 2, wherein the client-specific data is client-specific policy data.
  - 4. The system of claim 1, wherein the server is a domain controller.
  - 5. The system of claim 4, wherein the transformation rule is stored in the global data store.
  - 6. The system of claim 4, wherein the transformation rule is stored in the local data store.

7. A computer storage medium containing computer executable instructions which when executed by a computer perform a method of generating client-specific data, the method comprising:
- storing global data in a memory of a computing device including at least one global object comprising at least one attribute represented by a set of values;
  
  storing transformation rules in the memory of the computing device, including at least one transformation rule configured to transform a global set of administrators into a client- specific set of administrators different from the global set of administrators, the at least one transformation rule including;
  
  a scope including one or more rules configured to assign the at least one transformation rule to one or more clients, the one or more rules selected from a group comprising;
  
  a list of one or more clients;
  
  Boolean predicates specific to properties of each of the one or more clients including client name;
  
  organizational unit membership; and
  
  security group membership;
  
  a priority configured to prioritize the at least one transformation rule with respect to remaining transformation rules; and
  
  a transformation that defines an operation applied to the at least one global object, wherein the transformation includes at least one of;
  
  an object override configured to replace the global set of administrators with the client-specific set of administrators;
  
  a value exclusion configured to remove one or more administrators from the global set of administrators; and
  
  a value extension configured to add one or more administrators to the global set of administrators;
  
  applying with the computing device the transformation rules to the global data in an order corresponding to the priority to generate client-specific data; and
  
  storing the client-specific data in the memory of the computing device the client-specific data configured to be used by a client of the one or more clients that is within the scope of the transformation rules.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15)
- - 8. The computer storage medium of claim 7, wherein applying the transformation rules to the global data is performed by a server.
  - 9. The computer storage medium of claim 7, wherein applying the transformation rules to the global data is performed by the client of the one or more clients after receiving the global data from a server.
  - 10. The computer storage medium of claim 7, wherein applying the transformation rules to the global data is performed by a domain controller.
  - 11. The computer storage medium of claim 7, wherein storing the client-specific data comprises storing the client-specific data in a registry of the client of the one or more clients.
  - 12. The computer storage medium of claim 7, wherein defining global data comprises defining a policy.
  - 13. The computer storage medium of claim 7, wherein storing the client-specific data comprises storing the client-specific data on a local data store of the client of the one or more clients.
  - 14. The computer storage medium of claim 7, wherein the transformation rules are divided into a server set of transformation rules and a client set of transformation rules.
  - 15. The computer storage medium of claim 7, wherein the global data conforms to a lightweight directory access protocol.

16. A directory service database comprising:
- a first domain controller having a global data store containing global policy data, wherein the first domain controller distributes the global policy data;
  
  a second domain controller storing transformed global policy data used to determine access rights, wherein the transformed global policy data is generated by applying a transformation rule to the global policy data comprising transforming a global set of administrators into a client-specific set of administrators different from the global set of administrators; and
  
  a local data store communicatively connected to the second domain controller, the local data store containing transformation rules that are applied to the global policy data by the second domain controller to generate transformed global policy data, wherein each of the transformation rules comprise;
  
  a scope including one or more rules configured to assign a respective transformation rule to a client, the one or more rules selected from a group comprising;
  
  a list of one or more clients;
  
  Boolean predicates specific to properties of the client including client name;
  
  organizational unit membership; and
  
  security group membership;
  
  a priority configured to prioritize the at least one transformation rule with respect to other transformation rules; and
  
  a transformation that defines an operation applied to the at least one global object, wherein the transformation includes at least one of;
  
  an object override configured to replace the global set of administrators with the client-specific set of administrators;
  
  a value exclusion configured to remove one or more administrators from the global set of administrators; and
  
  a value extension configured to add one or more administrators to the global set of administrators.
- View Dependent Claims (17, 18, 19)
- - 17. The directory service database of claim 16, wherein the global data store of the first domain controller is a distributed data store comprising a directory service.
  - 18. The directory service database of claim 16, wherein the global policy data conforms to lightweight directory access protocol.
  - 19. The directory service database of claim 16, wherein the transformed global policy data is registry data stored in a registry.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
He, Xin, Balarajan, Sanjeev, Muggli, Nathan, Gavrilov, Dmitri
Primary Examiner(s)
Wong; Don
Assistant Examiner(s)
Hwa; Shyue Jiunn

Application Number

US11/741,521
Publication Number

US 20080270413A1
Time in Patent Office

1,201 Days
Field of Search

None
US Class Current

707/636
CPC Class Codes

G06F 16/258   Data format conversion from...

G06F 16/27   Replication, distribution o...

H04L 61/4552   Lookup mechanisms between a...

H04L 67/1095   Replication or mirroring of...

H04L 67/306   User profiles

H04L 67/56   Provisioning of proxy servi...

H04L 67/568   Storing data temporarily at...

Client-specific transformation of distributed data

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Client-specific transformation of distributed data

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links