Identity migration apparatus and method
First Claim
1. A method for chan in functioning of at least one computer by migrating locally-managed identities to centrally-managed identities, the method comprising:
- providing, on computer hardware including at least one computer processor, at least one interface control configured to receive input from at least one input device and to communicate the input to the computer hardware, thereby enabling a user to create a migration project to be carried out by the computer hardware;
receiving, by the interface control from the input device, an identification of locally-managed identities associated with locally-managed account groups;
receiving, by the interface control from the input device, a specification of a migration of the locally-managed account groups to one or more centrally-managed account groups such that the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups and preserves local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups;
receiving, by the interface control from the input device, a specification of migration rules for the migration project;
receiving, by the interface control from the input device, a specification of a migration schedule for the migration project; and
executing the migration rules with the computer hardware including the at least one computer processor according to the migration schedule to automatically migrate the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities.
17 Assignments
0 Petitions
Accused Products
Abstract
An identity migration program provides interfaces for a user to manage operations for migrating locally-managed identities to centrally-managed identities. The provided interfaces include a project management interface, an identity selection interface, a migration rule editor interface, and a project scheduling interface. In certain embodiments, the identity migration program includes a communication module that provides interfaces for managing communication between the identity migration program and locally-managed and centrally-managed servers. Interfaces may also be provided to manage identity group migration and migration error resolution. A migration process management interface enables the user to halt, roll back, or resume a migration project.
419 Citations
20 Claims
-
1. A method for chan in functioning of at least one computer by migrating locally-managed identities to centrally-managed identities, the method comprising:
-
providing, on computer hardware including at least one computer processor, at least one interface control configured to receive input from at least one input device and to communicate the input to the computer hardware, thereby enabling a user to create a migration project to be carried out by the computer hardware; receiving, by the interface control from the input device, an identification of locally-managed identities associated with locally-managed account groups; receiving, by the interface control from the input device, a specification of a migration of the locally-managed account groups to one or more centrally-managed account groups such that the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups and preserves local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups; receiving, by the interface control from the input device, a specification of migration rules for the migration project; receiving, by the interface control from the input device, a specification of a migration schedule for the migration project; and executing the migration rules with the computer hardware including the at least one computer processor according to the migration schedule to automatically migrate the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A system for identity migration comprising:
-
computer hardware including at least one computer processor and at least one input device; and a plurality of modules stored in computer-readable storage comprising computer readable instructions that, when executed by the computer processor, cause the computer hardware to perform operations defined by the computer-executable instructions, the modules configured to; create a migration project in response to user input received from the input device; identify locally-managed identities associated with locally-managed account groups; specify a migration of the locally-managed account groups to one or more centrally-managed account groups such that the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups and preserves local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups; specify migration rules for the migration project; specify a migration schedule for the migration project; and execute the migration rules according to the migration schedule to automatically migrate the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory computer readable storage medium comprising a program of machine-readable instructions executable by a digital processing apparatus to perform operations to migrate locally-managed identities to centrally-managed identities, the operations comprising:
-
receiving a user'"'"'s input from an input device; at least in part in response to the input received from the input device, creating a migration project, encoded in tangible computer storage, that includes at least (a) an identification of locally-managed identities associated with locally-managed account groups, (b) a specification of a migration of the locally-managed account groups to one or more centrally-managed account groups such that the migration of the locally-managed account groups migrates the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups and preserves local group membership information and identity attributes about the locally-managed identities migrated to the one or more centrally-managed account groups, (c) a plurality of migration rules for the migration project, and (d) a migration schedule for the migration project; and executing the migration rules according to the migration schedule to automatically migrate the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A system for migrating locally-managed identities to centrally-managed identities, the method comprising:
-
computer hardware comprising at least a computer processor and an input device; at least one interface control that receives a user'"'"'s input from the input device and, based at least in part upon the user'"'"'s input, causes the computer hardware to migrate locally-managed identities associated with locally-managed account groups to one or more centrally-managed account groups; and a migration rule execution module that causes migration rules, encoded in tangible computer storage, to be executed on the at least one computer processor, thereby causing the computer hardware to automatically migrate, in accordance with a migration schedule encoded in tangible computer storage, the locally-managed identities associated with the locally-managed account groups to the one or more centrally-managed account groups in a manner that preserves the local group membership information of migrated locally-managed identities. - View Dependent Claims (17, 18, 19, 20)
-
Specification