Active directory object management methods and systems
First Claim
1. A method comprising:
- providing, by a web server subsystem that is part of a first domain, a web-based interface for display on a client device;
receiving, by the web server subsystem, a request via the web-based interface from an end-user to perform a management activity that creates or modifies active directory object;
acquiring, by the web server subsystem, authorization from an object security subsystem to ensure that the end-user is authorized to perform the management activity that creates or modifies the active directory object;
transmitting, by the web server subsystem, the request to perform the management activity that creates or modifies the active directory object to a web services subsystem that is part of a second domain independent of the first domain;
performing, by the web services subsystem that is part of the second domain, the management activity that creates or modifies the active directory object; and
updating in real-time, by the web services subsystem that is part of the second domain, an active directory maintained by a domain controller subsystem in accordance with the performed management activity such that the updated active directory is accessible to the client device substantially immediately upon completion of the real-time update.
1 Assignment
0 Petitions
Accused Products
Abstract
An exemplary method includes providing, by a web server subsystem, a web-based interface for display on a client device within a domain associated with the web server subsystem, receiving, by the web server subsystem, a request via the web-based interface from an end-user to perform a management activity associated with an active directory object, acquiring, by the web server subsystem, authorization from an object security subsystem to perform the management activity associated with the active directory object, transmitting, by the web server subsystem, the request to a web services subsystem that is independent of the domain associated with the web server subsystem, performing, by the web services subsystem, the management activity associated with the active directory object, and updating in real-time, by the web services subsystem, an active directory maintained by a domain controller subsystem in accordance with the performed management activity. Corresponding methods and systems are also disclosed.
-
Citations
23 Claims
-
1. A method comprising:
-
providing, by a web server subsystem that is part of a first domain, a web-based interface for display on a client device; receiving, by the web server subsystem, a request via the web-based interface from an end-user to perform a management activity that creates or modifies active directory object; acquiring, by the web server subsystem, authorization from an object security subsystem to ensure that the end-user is authorized to perform the management activity that creates or modifies the active directory object; transmitting, by the web server subsystem, the request to perform the management activity that creates or modifies the active directory object to a web services subsystem that is part of a second domain independent of the first domain; performing, by the web services subsystem that is part of the second domain, the management activity that creates or modifies the active directory object; and updating in real-time, by the web services subsystem that is part of the second domain, an active directory maintained by a domain controller subsystem in accordance with the performed management activity such that the updated active directory is accessible to the client device substantially immediately upon completion of the real-time update. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method comprising:
- providing, by a web server subsystem that is part of a first domain, a web-based interface for display on a client device;
receiving, by the web server subsystem, a request via the web-based interface from an end-user to perform a management activity that creates or modifies an active directory object;acquiring, by the web server subsystem, authentication from an object security subsystem to ensure that the end-user is authorized to perform the management activity that creates or modifies the active directory object; transmitting, by the web server subsystem, the request to perform the management activity that creates or modifies the active directory object to a web services subsystem that is part of a second domain independent of the first domain, the web services subsystem configured to perform the management activity that creates or modifies the active directory object and update in real-time an active directory maintained by a domain controller subsystem in accordance with the performed management activity such that the updated active directory is accessible to the client device substantially immediately upon completion of the real-time update; and recording, by the web server subsystem, a transaction log that indicates successful completion of the performed management activity within a database maintained by the object security subsystem. - View Dependent Claims (16, 17, 18)
- providing, by a web server subsystem that is part of a first domain, a web-based interface for display on a client device;
-
19. A system comprising:
-
a web server subsystem that is part of a first domain and configured to provide a web-based interface for display on a client device; and a web services subsystem that is part of a second domain independent of the first domain and selectively and communicatively coupled to the web server subsystem; wherein the web server subsystem that is part of the first domain is further configured to receive a request via the web-based interface from an end-user to perform a management activity that creates or modifies an active directory object, acquire from an object security subsystem authorization to ensure that the end-user is authorized to perform the management activity that creates or modifies the active directory object, and transmit the request to perform the management activity that creates or modifies the active directory object to the web services subsystem; and wherein the web services subsystem that is part of the second domain is configured to perform the management activity that creates or modifies the active directory object, and update in real-time an active directory maintained within an active directory database in accordance with the performed management activity such that the updated active directory is accessible to the client device substantially immediately upon completion of the real-time update. - View Dependent Claims (20, 21, 22)
-
-
23. A system comprising:
-
a web server that is part of a first domain and configured to provide a web-based interface for display on a client device; a web services server that is part of a second domain independent of the first domain and selectively and communicatively coupled to the web server; an object security server selectively and communicatively coupled to the web server and configured to maintain data representative of one or more authorization relationships between one or more users and an active directory object; and a domain controller selectively and communicatively coupled to the web services server and configured to maintain the active directory object within an active directory; wherein the web server that is part of the first domain is further configured to receive a request via the web-based interface from an end-user to perform a management activity that creates or modifies the active directory object located in a particular domain, acquire authorization from the object security server to ensure that the end-user is authorized to perform the management activity that creates or modifies the active directory object, the authorization based on the data representative of the one or more authorization relationships, and transmit the request to perform the management activity that creates or modifies the active directory object to the web services server; and wherein the web services server that is part of the second domain is configured to perform the management activity that creates or modifies the active directory object, and update in real-time the active directory maintained by the domain controller such that the updated active directory is accessible to the client device substantially immediately upon completion of the real-time update.
-
Specification