Managing distributed computers

US 8,028,077 B1
Filed: 07/12/2002
Issued: 09/27/2011
Est. Priority Date: 07/12/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method of managing at least one client computer on a network, comprising the acts of:

managing a client computer, under the control of the client computer, using information retrieved from the network such that the client computer is operable to manage the information when disconnected from the network, the managing including;

determining, in the client computer, a unique identifier for the client computer in response to activating a login system of the client computer, the unique identifier being unique to the client computer such that the unique identifier is determinable before user login on the client computer;

determining, under the control of the client computer, location information for the client computer;

locating, under the control of the client computer, a first record in a directory service of a server via the network, the first record associated with the unique identifier for the client computer, the server separate from the client computer, the client computer operating connected to the network;

retrieving the first record into the client computer from the network such that the first record is received from the network into the client computer through a cache of the client computer such that the cache operates as a first source of the first record and other records retrieved from the network for use in and by the client computer;

locating, under the control of the client computer, a second record associated with the location information, wherein each of the first and second records comprises preference data;

locating, under the control of the client computer, management information associated with the first and second records, wherein the management information includes policy data;

combining, in the client computer, the preference data from the first and second records into managed preference data that a user is not allowed to change and unmanaged preference data that a user is allowed to change, based on the policy data;

sending, internally in the client computer, current computer records and location records of the client computer to the cache following the combining of the preference data, while connected to the network prior to user login on the client computer, such that the cache, running concurrently a login window of the client computer, operates on the current computer and location records in the cache; and

managing, in the client computer, the client computer through use of said managed preference data and said unmanaged preference data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, apparatus, system, and signal-bearing medium that in an embodiment provides for a management and resource policy for computers. The policy may control whether users can access or not access local and network software and hardware resources and affects the computer'"'"'s human interface. A hierarchy of management data may be combined into managed and unmanaged preference data and conflicts within the management data are resolved based on the policy.

64 Citations

View as Search Results

67 Claims

1. A method of managing at least one client computer on a network, comprising the acts of:
- managing a client computer, under the control of the client computer, using information retrieved from the network such that the client computer is operable to manage the information when disconnected from the network, the managing including;
  
  determining, in the client computer, a unique identifier for the client computer in response to activating a login system of the client computer, the unique identifier being unique to the client computer such that the unique identifier is determinable before user login on the client computer;
  
  determining, under the control of the client computer, location information for the client computer;
  
  locating, under the control of the client computer, a first record in a directory service of a server via the network, the first record associated with the unique identifier for the client computer, the server separate from the client computer, the client computer operating connected to the network;
  
  retrieving the first record into the client computer from the network such that the first record is received from the network into the client computer through a cache of the client computer such that the cache operates as a first source of the first record and other records retrieved from the network for use in and by the client computer;
  
  locating, under the control of the client computer, a second record associated with the location information, wherein each of the first and second records comprises preference data;
  
  locating, under the control of the client computer, management information associated with the first and second records, wherein the management information includes policy data;
  
  combining, in the client computer, the preference data from the first and second records into managed preference data that a user is not allowed to change and unmanaged preference data that a user is allowed to change, based on the policy data;
  
  sending, internally in the client computer, current computer records and location records of the client computer to the cache following the combining of the preference data, while connected to the network prior to user login on the client computer, such that the cache, running concurrently a login window of the client computer, operates on the current computer and location records in the cache; and
  
  managing, in the client computer, the client computer through use of said managed preference data and said unmanaged preference data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 57, 58, 64, 65, 66, 67)
- - 2. The method of claim 1, wherein the combining further comprises resolving conflicts among the preference data in accordance with the policy data.
  - 3. The method of claim 1, further comprising:
    - detecting that location of the client computer has changed;
      
      locating a third record based, at least in part, on location information that corresponds to the changed location of the client computer and locating management information associated with the third record; and
      
      updating the preference data with preference data of the third record based, at least in part, on the management information associated with the third record.
  - 4. The method of claim 1, further comprising:
    - detecting that the client computer has disconnected from the network; and
      
      updating the unmanaged preference data in response to the detecting.
  - 5. The method of claim 1, further comprising:
    - notifying an application of the managed preference data and the unmanaged preference data.
  - 6. The method of claim 5, further comprising:
    - changing access to a user-interface element in response to the notifying.
  - 7. The method of claim 6, wherein the changing access further comprises:
    - enabling access to the user-interface element for an item in the unmanaged preference data.
  - 8. The method of claim 6, wherein the changing access further comprises:
    - disabling access to the user-interface element for an item in the managed preference data.
  - 9. The method of claim 1, wherein the combining further comprises retrieving and utilizing default preference data.
  - 10. The method of claim 1, wherein the unmanaged preference data is unmodified when the managed preference data is removed.
  - 11. The method of claim 1, further comprising:
    - removing the managed preference data when the management information changes.
  - 57. The method of claim 1, further comprising:
    - determining an identifier for a user;
      
      determining a group;
      
      locating a third and a fourth records in a directory service based, at least in part, on the user identifier and the group, respectively; and
      
      retrieving management information associated with the third and fourth records,wherein the combining also combines the preference data of the first and the second records with the preference data of the third and fourth records in accordance with the management information.
  - 58. The method of claim 1, further comprising checking, in the cache of the client computer, an age of previously cached client computer records and location records and, upon determining that the cached client computer records or the cached location records are out-of-date, updating the cache with the records and the management information.
  - 64. The method of claim 1, wherein the method includes managing the client computer configured as a mobile client.
  - 65. The method of claim 1, wherein all records, acquired from the network, that correspond to preference data for managing the client computer, in the client computer, are received from the network into the client computer through the cache of the client computer.
  - 66. The method of claim 1, wherein the combining further comprises resolving conflicts between managed preference data and unmanaged preference data in accordance with the policy data.
  - 67. The method of claim 1, wherein managing, in the client computer, the client computer includes, in accordance with the policy data, designating default management information to be applied if no other applicable management is determined and creating temporary managed preference data that is only in effect when in a specified hierarchical environment.

12. An apparatus for managing at least one client computer on a network, comprising:
- means for determining, in the client computer, a unique identifier for the client computer in response to activating a login system of the client computer, the unique identifier being unique to the client computer such that the unique identifier is determinable before user login on the client computer;
  
  means, in the client computer, for determining location information for the client computer;
  
  means, in the client computer, for locating a first record in a directory service of a server via the network, the first record associated with the unique identifier for the client computer and for locating a second record associated with the location information and for locating management information associated with the first and second records, wherein each of the records comprise preference data and the management information includes policy data, the server separate from the client computer;
  
  a cache in the client computer, the cache configured to receive the first record from the network such that the first record is received from the network into the client computer through the cache of the client computer such that the cache operates as a first source of the first record received from the network for use in and by the client computer, the cache configured to receive, from internally in the client computer, computer records and current location records of the client computer following combining the preference data from the first and second records prior to user login on the client computer, while connected to the network, such that the cache is operable to run concurrently a login window of the client computer and operate on the current computer and location records in the cache;
  
  means, in the client computer, for combining the preference data from the first and second records into managed preference data that a user is not allowed to change and unmanaged preference data that a user is allowed to change, based on the policy data; and
  
  means, in the client computer, for managing the client computer through use of said managed preference data and said unmanaged preference data, wherein all records, acquired from the network, that correspond to preference data for managing the client computer, in the client computer, are received from the network into the client computer through the cache of the client computer such that the cache operates as a first source of the records received from the network for use in and by the client computer.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 59, 60)
- - 13. The apparatus of claim 12, wherein the means for combining further comprises means for resolving a conflict among the preference data in accordance with the policy data.
  - 14. The apparatus of claim 12, further comprising:
    - means for detecting that location of the client computer has changed;
      
      means for locating a third record based, at least in part, on location information that corresponds to the change location of the client computer and for locating management information associated with the third record; and
      
      updating the preference data with preference data of the third record based, at least in part, on the management information associated with the third record.
  - 15. The apparatus of claim 12, further comprising:
    - means for detecting that the hierarchy of management data has changed; and
      
      means for notifying an application of the managed preference data and the unmanaged preference data in response to the detecting.
  - 16. The apparatus of claim 15 further comprising:
    - means for changing access to a user-interface element in response to the notifying.
  - 17. The apparatus of claim 16, wherein the means for changing access further comprises:
    - means for enabling access to the user-interface element for an item in the unmanaged preference data.
  - 18. The apparatus of claim 16, wherein the means for changing access further comprises:
    - means for disabling access to the user-interface element for an item in the managed preference data.
  - 19. The apparatus of claim 12, wherein the means for combining further comprises means for retrieving and utilizing default preference data.
  - 20. The apparatus of claim 12, wherein the unmanaged preference data is unmodified when the managed preference data is removed.
  - 21. The apparatus of claim 12, further comprising:
    - means for removing the managed preference data when the management information changes.
  - 59. The apparatus of claim 12 further comprising:
    - means for determining an identifier for a user;
      
      means for determining a group;
      
      means for locating a third and a fourth records in a directory service based, at least in part, on the user identifier and the group, respectively; and
      
      means for retrieving management information associated with the third and fourth records,wherein the means for combining also combine the preference data of the first and the second records with the preference data of the third and fourth records in accordance with the management information.
  - 60. The apparatus of claim 12 further comprising checking, in the cache of the client computer, an age of previously cached client computer records and location records and, upon determining that the cached client computer records or the cached location records are out-of-date, updating the cache with the records and the management information.

22. A signal-bearing non-transitory storage medium encoded with instructions, wherein the instructions when executed comprise:
- determining, in a client computer, a unique identifier for the client computer attached to a network in response to activating a login system of the client computer, the unique identifier being unique to the client computer such that the unique identifier is determinable before user login on the client computer;
  
  determining, under the control of the client computer, location information for the client computer;
  
  locating, under the control of the client computer, a first record in a directory service of a server via the network, the first record associated with the unique identifier for the client computer, the server separate from the client computer, the client computer operating connected to the network;
  
  retrieving the first record into the client computer from the network such that the first record is received from the network into the client computer through a cache of the client computer;
  
  locating, under the control of the client computer, a second record associated with the location information, wherein each of the first and second records comprises preference data;
  
  locating, under the control of the client computer, management information associated with the first and second records, wherein the management information includes policy data;
  
  combining, in the client computer, the preference data from the first and second records into managed preference data that a user is not allowed to change and unmanaged preference data that a user is allowed to change, based on the policy data;
  
  managing, in the client computer, the client computer through use of said managed preference data and said unmanaged preference data, wherein all records, acquired from the network, that correspond to preference data for managing the client computer, in the client computer, are received from the network into the client computer through the cache of the client computer such that the cache operates as a first source of the records acquired from the network for use in and by the client computer; and
  
  sending, internally in the client computer, current computer records and location records of the client computer to the cache following the combining of the preference data, while connected to the network prior to user login on the client computer, such that the cache, running concurrently a login window of the client computer, operates on the current computer and location records in the cache.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 61, 62)
- - 23. The signal-bearing non-transitory storage medium of claim 22, wherein the combining further comprises resolving conflicts among the preference data in accordance with the policy data.
  - 24. The signal-bearing non-transitory storage medium of claim 22, wherein the instructions further comprise:
    - detecting that location of the client computer has changed;
      
      locating a third record based, at least in part, on location information that corresponds to the changed location of the client computer and locating management information associated with the third record; and
      
      updating the preference data with preference data of the third record based, at least in part, on the management information associated with the third record.
  - 25. The signal-bearing non-transitory storage medium of claim 22, wherein the instructions further comprise:
    - detecting that the client computer has disconnected from the network; and
      
      updating the unmanaged preference data in response to the detecting.
  - 26. The signal-bearing non-transitory storage medium of claim 22, further comprising:
    - notifying an application of the managed preference data and the unmanaged preference data.
  - 27. The signal-bearing non-transitory storage medium of claim 26, further comprising:
    - changing access to a user-interface element in response to the notifying.
  - 28. The signal-bearing non-transitory storage medium of claim 27, wherein the changing access further comprises:
    - enabling access to the user-interface element for an item in the unmanaged preference data.
  - 29. The signal-bearing non-transitory storage medium of claim 27, wherein the changing access further comprises:
    - disabling access to the user-interface element for an item in the managed preference data.
  - 61. The signal-bearing non-transitory storage medium of claim 22 further encoded with instructions executable to:
    - determine an identifier for a user;
      
      determine a group;
      
      locate a third and a fourth records in a directory service based, at least in part, on the user identifier and the group, respectively; and
      
      retrieve management information associated with the third and fourth records,wherein the combining also combines the preference data of the first and the second records with the preference data of the third and fourth records in accordance with the management information.
  - 62. The signal-bearing non-transitory storage medium of claim 22 further encoded with instructions executable to update the cache with the records and the management information.

30. A computer, comprising:
- one or more processors; and
  
  a storage device coupled to the one or more processors, wherein the storage device comprises instructions that, when executed on the one or more processors, perform operations that comprise;
  
  determining, in the computer, a unique identifier for the computer in response to activating a login system of the computer, the unique identifier being unique to the computer such that the unique identifier is determinable before user login on the computer, the computer operable as a client on a network;
  
  locating, under the control of the computer, in a directory service of a server, via the network with the computer operating connected to the network, the server separate from the computer, a first record associated with the computer, a second record associated with location information of the computer, and management information associated with the records, wherein the records each comprise preference data and wherein the management information includes policy data;
  
  retrieving the first record, the second record, and the management information into the computer from the network such that the first record, the second record, and the management information are received from the network into the computer through a cache of the computer such that the cache operates as a first source of the first record, the second record, and the management information received from the network for use in and by the client computer;
  
  combining, in the computer, the preference data from the first and second records into managed preference data that a user is not allowed to change and unmanaged preference data that a user is allowed to change, based on the policy data; and
  
  sending, internally in the computer, current computer records and location records of the computer to the cache following the combining of the preference data, while connected to the network prior to user login on the client computer, such that the cache, running concurrently a login window of the computer, operates on the current computer and location records in the cache.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 31. The computer of claim 30, wherein the operations further comprise:
    - prohibiting the user from changing the managed preference data.
  - 32. The computer of claim 30, wherein the operations further comprise:
    - allowing the user to change the unmanaged preference data.
  - 33. The computer of claim 30, wherein the combining further comprises performing a union of the preference data.
  - 34. The computer of claim 30, wherein the combining further comprises resolving a conflict in the preference data based on the policy.
  - 35. The computer of claim 30, wherein the combining further comprises retrieving and utilizing default preference data.
  - 36. The computer of claim 30, wherein the unmanaged preference data is unmodified when the managed preference data is removed.
  - 37. The computer of claim 30, wherein the operations further comprise:
    - detecting that a location of the computer has changed; and
      
      updating the unmanaged preference data in response to the detecting.
  - 38. The computer of claim 30, wherein the operations further comprise:
    - detecting that the computer has disconnected from the network; and
      
      updating the unmanaged preference data in response to the detecting.
  - 39. The computer of claim 30, wherein the operations further comprise:
    - notifying an application of the managed preference data and the unmanaged preference data.
  - 40. The computer of claim 30, wherein the operations further comprise:
    - determining a second unique identifier when another user accesses the computer;
      
      locating a third record with the second unique identifier; and
      
      combining the preference data of the second and third records.
  - 41. The computer of claim 30, wherein the operations further comprise:
    - removing the managed preference data when environment changes.

42. A system comprising:
- a server that hosts a plurality of records, each of which includes preference data and that hosts management information associated with the plurality of records, the management information including policy data; and
  
  a client connected to the server via a network, the client separate from the server, wherein the client comprises;
  
  an environment detector to determine location information, to determine, in the client, a unique identifier for the client in response to activation of a login system of the client computer, the unique identifier being unique to the client such that the unique identifier is determinable before user login on the client, and to retrieve records from a directory service of the server, via the network, based, at least in part, on the location information and the unique identifier;
  
  a cache configured such that access to the records received from the network is through the cache such that the cache operates as a first source of the records received from the network for use in and by the client computer, the cache configured to receive, from internally in the client, computer records and current location records of the client following combining preference data from the retrieved records prior to user login on the client computer, while operably connected to the network, such that the cache is operable to run concurrently a login window of the client and operate on the current location records in the cache;
  
  a compositor to combine preference data from the retrieved records into managed preference data that a user is not allowed to change and unmanaged preference data that a user is allowed to change, based on the policy data; and
  
  a preference system to notify an application at the client of the managed preference data and the unmanaged preference data.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
- - 43. The system of claim 42, wherein the compositor is further operable to give precedence to a first item in the preference data over a second item in the preference data based on the policy data.
  - 44. The system of claim 42, wherein the compositor is to resolve a conflict between items in the preference data based on the policy data.
  - 45. The system of claim 42, wherein the compositor is further to perform a union of the management information.
  - 46. The system of claim 42, wherein the compositor is further to designate default preference data when no applicable preference data is found.
  - 47. The system of claim 42, wherein unmanaged preference data is unmodified when the managed preference data is removed.
  - 48. The system of claim 42, wherein the cache is configured to store the managed preference data and the unmanaged preference data.
  - 49. The system of claim 42, wherein the preference system is further to notify the application when the managed preference data or the unmanaged preference data changes.
  - 50. The system of claim 42, wherein the preference system is further to prohibit the user from changing the managed preference data.
  - 51. The system of claim 42, wherein the preference system is further to allow the user to change the managed preference data.
  - 52. The system of claim 42, wherein the compositor is further to remove the managed preference data when the management information changes.

53. A method of managing a client attached to a network, comprising the acts of:
- determining, under the control of said client, for said client an identifier unique to said client in response to activating a login system of said client and location information for the client, the unique identifier being determined in said client, the unique identifier being unique to said client such that the unique identifier is determinable before user login on the client;
  
  accessing, under the control of said client, another location on said network to access a record that includes preference data associated with said unique identifier and a record that includes preference data associated with the location information;
  
  retrieving said records of preference data into said client from said network such that said records of preference data are received from said network into the client through a cache of the client such that the cache operates as a first source of said records received from said network for use in and by said client;
  
  combining, in said client, said records of preference data for said client into a first group of preferences for said client that may not be changed by a user, and a second group of preferences that may be changed by a user;
  
  establishing, in said client, controls for said client in accordance with said first and second groups of preferences; and
  
  sending, internally in said client, current computer records and location records of said client to said cache following the combining of said records, while connected to the network prior to user login on the client computer, such that said cache, running concurrently a login window of said client, operates on said current computer and location records in said cache.
- View Dependent Claims (54, 55, 56, 63)
- - 54. The method of claim 53, wherein the method includes managing said client configured as a mobile client.
  - 55. The method of claim 54, wherein said established controls for said client are stored in said cache of said client.
  - 56. The method of claim 53, wherein at least a portion of said controls remain in effect on said client when said client is disconnected from said network.
  - 63. The method of claim 53 further comprising:
    - determining user login information and a group selected by the user;
      
      accessing the another location on the network to access records of preference data associated with the user login information and the group, respectively;
      
      accessing the another location on the network to retrieve management information associated with the records; and
      
      combining the records of preference data in accordance with the management information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Parker, Chris, Marcy, Scott, Gaya, Bruce
Primary Examiner(s)
Nguyen; Thu
Assistant Examiner(s)
WIDHALM, ANGELA M

Application Number

US10/194,926
Time in Patent Office

3,364 Days
Field of Search

709/203, 709/220, 709225-229, 707/1, 707/3, 707/10, 707/101, 707/102, 713/182, 726/27
US Class Current

709/229
CPC Class Codes

H04L 67/125   involving control of end-de...

H04L 67/568   Storing data temporarily at...

H04L 67/5681   Pre-fetching or pre-deliver...

Managing distributed computers

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

64 Citations

67 Claims

Specification

Use Cases

Quick Links

Others

Managing distributed computers

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

67 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others