Identity migration apparatus and method
First Claim
1. A non-transitory computer readable storage medium comprising a program of machine-readable instructions executable by a digital processing apparatus to perform operations to migrate locally-managed identities to centrally-managed identities, the operations comprising:
- providing at least one interface control that enables a user to create a migration project;
providing at least one interface control that enables a user to identify locally-managed identities associated with locally-managed groups in Unix;
providing at least one interface control that enables a user to specify the migration of the locally-managed account groups to one or more centrally-managed account groups stored in Active Directory,wherein the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups in Unix to the one or more centrally-managed account groups in Active Directory, andwherein the migration of the locally-managed account groups further preserve local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups;
providing at least one interface control that enables a user to specify a plurality of migration rules for the migration project;
providing at least one interface control that enables a user to specify a migration schedule for the migration project; and
executing the migration rules according to the migration schedule too automatically migrate the locally-managed identities associated with the plurality of locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities.
26 Assignments
0 Petitions
Reexaminations
Accused Products
Abstract
An identity migration program provides interfaces for a user to manage operations for migrating locally-managed identities to centrally-managed identities. The provided interfaces include a project management interface, an identity selection interface, a migration rule editor interface, and a project scheduling interface. In certain embodiments, the identity migration program includes a communication module that provides interfaces for managing communication between the identity migration program and locally-managed and centrally-managed servers. Interfaces may also be provided to manage identity group migration and migration error resolution. A migration process management interface enables the user to halt, roll back, or resume a migration project.
-
Citations
15 Claims
-
1. A non-transitory computer readable storage medium comprising a program of machine-readable instructions executable by a digital processing apparatus to perform operations to migrate locally-managed identities to centrally-managed identities, the operations comprising:
-
providing at least one interface control that enables a user to create a migration project; providing at least one interface control that enables a user to identify locally-managed identities associated with locally-managed groups in Unix; providing at least one interface control that enables a user to specify the migration of the locally-managed account groups to one or more centrally-managed account groups stored in Active Directory, wherein the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups in Unix to the one or more centrally-managed account groups in Active Directory, and wherein the migration of the locally-managed account groups further preserve local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups; providing at least one interface control that enables a user to specify a plurality of migration rules for the migration project; providing at least one interface control that enables a user to specify a migration schedule for the migration project; and executing the migration rules according to the migration schedule too automatically migrate the locally-managed identities associated with the plurality of locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus, implemented in one or more processors, to centralize identity management, the apparatus comprising:
-
a project management module configured to provide at least one interface control that enables a user to create a migration project; an identity selection module configured to provide at least one interface control that enables a user to specify locally-managed identities associated with locally-managed groups in Unix to be migrated to one or more centrally-managed account groups stored in Active Director and associate the locally-managed identities with the migration project; a group management module configured to provide at least one interface control that enables a user to specify group migration of the locally-managed identities associated with the locally-managed account groups in Unix to the one or more centrally-managed account groups in Active Directory, wherein the migration of the locally-managed account groups further preserve local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups; a migration rule editor configured to provide at least one interface control that enables a user to specify a plurality of migration rules for the migration project; a scheduling module configured to provide at least one interface control that enables a user to specify a migration schedule and associate the migration schedule with the migration project; and an execution module configured to execute the migration schedule according to the plurality of migration rules and the migration schedule, to automatically migrate the locally-managed identities associated with the plurality of locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method to migrate locally-managed identities to centrally-managed identities, the method comprising:
-
providing at least one interface control that enables a user to create a migration project; providing at least one interface control that enables a user to identify locally-managed identities associated with locally-managed groups in Unix; wherein the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups in Unix to the one or more centrally-managed account groups in Active Directory, and wherein the migration of the locally-managed account groups further preserve local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups; providing at least one interface control that enables a user to specify a plurality of migration rules for the migration project; providing at least one interface control that enables a user to specify a migration schedule for the migration project; and executing the migration rules according to the migration schedule to automatically migrate the locally-managed identities associated with the plurality of locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities.
-
Specification