Virtual directory system for LDAP to SCIM proxy service
First Claim
1. A non-transitory computer-readable medium having instructions stored thereon that, when executed by a processor, cause the processor to provide an on-premises virtual directory system for an LDAP (Lightweight Directory Access Protocol) to SCIM (System for Cross-domain Identity Management) proxy service, the providing comprising:
- providing an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, LDAP users and LDAP groups, each LDAP DIT entry including a Distinguished Name (DN) and a plurality of LDAP attribute-value pairs, the DN providing LDAP DIT hierarchical information that uniquely identifies the LDAP DIT entry and describes a hierarchical position of the LDAP DIT entry in the LDAP DIT, each LDAP attribute-value pair including an attribute name and one or more attribute values;
- providing a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and SCIM groups, each SCIM resource entry including a plurality of SCIM attributes including an externalID and a resource type identifying the SCIM resource entry as belonging to a user or a group, each SCIM attribute including a name and one or more values;
- migrating the plurality of LDAP DIT entries to the SCIM directory, including storing the LDAP DIT hierarchical information in the SCIM directory by;
  - mapping LDAP containers to SCIM user or SCIM group attributes,
  - mapping LDAP containers to special marker SCIM groups,
  - mapping LDAP user DNs to SCIM user externalIDs, or
  - mapping LDAP group DNs to SCIM group externalIDs;
- creating a virtual LDAP hierarchy based on the LDAP DIT hierarchical information stored in the SCIM directory; and
- displaying a graphical user interface (GUI) for a directory services application that includes a data tree pane that depicts the virtual LDAP hierarchy.
Abstract
A method for providing an on-premises virtual directory system for an LDAP (Lightweight Directory Access Protocol) to SCIM (System for Cross-domain Identity Management) proxy service is provided. The method includes providing an LDAP Directory Information Tree (DIT) including LDAP DIT entries, providing a SCIM directory including SCIM resource entries, migrating the LDAP DIT entries to the SCIM directory, creating a virtual LDAP hierarchy based on LDAP DIT hierarchical information stored in the SCIM directory, and displaying a graphical user interface (GUI) for a directory services application that includes a data tree pane that depicts the virtual LDAP hierarchy. Creating the virtual LDAP hierarchy includes storing the LDAP DIT hierarchical information in the SCIM directory by mapping LDAP containers to SCIM user or SCIM group attributes, mapping LDAP containers to special marker SCIM groups, mapping LDAP user DNs to SCIM user externalIDs, or mapping LDAP group DNs to SCIM group externalIDs.
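The mapping described in the abstract, as an added Python example that is not code from the patent: each LDAP DN is stored as the SCIM `externalId` (RFC 7643 spelling), containers become marker groups, and the hierarchy is rebuilt from those DNs alone, with entries whose parent was never migrated reported as orphans. The flat resource layout, the `marker` attribute, the function names and the sample entries are assumptions made for illustration.

```python
# Added example: sample data is constructed; function names and the
# "marker" attribute are assumptions, not taken from the patent.

def split_dn(dn):
    """Split a DN into RDNs, honouring backslash-escaped commas."""
    parts, cur, esc = [], [], False
    for ch in dn:
        if ch == "," and not esc:
            parts.append("".join(cur))
            cur = []
            continue
        cur.append(ch)
        esc = (ch == "\\") and not esc
    parts.append("".join(cur))
    return parts

def to_scim(dn, attrs):
    """Map one LDAP entry to a simplified SCIM resource keyed by its DN."""
    classes = {c.lower() for c in attrs["objectClass"]}
    if "inetorgperson" in classes:
        return {"resourceType": "User", "externalId": dn, "userName": attrs["uid"][0]}
    res = {"resourceType": "Group", "externalId": dn, "displayName": split_dn(dn)[0]}
    if "groupofnames" not in classes:
        res["marker"] = True  # LDAP container stored as a marker group
    return res

def build_virtual_tree(resources, base_dn):
    """Rebuild parent -> children from externalIds; list entries with no migrated parent."""
    known = {r["externalId"].lower() for r in resources}
    tree, orphans = {}, []
    for r in resources:
        dn = r["externalId"]
        parent = ",".join(split_dn(dn)[1:]).lower()
        if parent in known:
            tree.setdefault(parent, []).append(dn)
        elif dn.lower() != base_dn.lower():
            orphans.append(dn)  # hierarchy information was lost for this entry
    return tree, orphans

LDAP_ENTRIES = [  # constructed sample DIT; ou=Groups is deliberately missing
    ("dc=example,dc=com", {"objectClass": ["domain"]}),
    ("ou=People,dc=example,dc=com", {"objectClass": ["organizationalUnit"]}),
    ("uid=alice,ou=People,dc=example,dc=com", {"objectClass": ["inetOrgPerson"], "uid": ["alice"]}),
    ("cn=Ops\\, EU,ou=Groups,dc=example,dc=com", {"objectClass": ["groupOfNames"]}),
]
SCIM = [to_scim(dn, a) for dn, a in LDAP_ENTRIES]
TREE, ORPHANS = build_virtual_tree(SCIM, "dc=example,dc=com")
```

Splitting on every comma would place the `cn=Ops\, EU` group under a container named ` EU`; because the DN is the only record of position here, a migration check should fail on any non-empty orphan list.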
20 Claims
8. A method for providing an on-premises virtual directory system for an LDAP (Lightweight Directory Access Protocol) to SCIM (System for Cross-domain Identity Management) proxy service, the method comprising:
- providing an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, LDAP users and LDAP groups, each LDAP DIT entry including a Distinguished Name (DN) and a plurality of LDAP attribute-value pairs, the DN providing LDAP DIT hierarchical information that uniquely identifies the LDAP DIT entry and describes a hierarchical position of the LDAP DIT entry in the LDAP DIT, each LDAP attribute-value pair including an attribute name and one or more attribute values;
- providing a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and SCIM groups, each SCIM resource entry including a plurality of SCIM attributes including an externalID and a resource type identifying the SCIM resource entry as belonging to a User or a Group, each SCIM attribute including a name and one or more values;
- migrating the plurality of LDAP DIT entries to the SCIM directory, including storing the LDAP DIT hierarchical information in the SCIM directory by;
  - mapping LDAP containers to SCIM user or SCIM group attributes,
  - mapping LDAP containers to special marker SCIM groups,
  - mapping LDAP user DNs to SCIM user externalIDs, or
  - mapping LDAP group DNs to SCIM group externalIDs;
- creating a virtual LDAP hierarchy based on the LDAP DIT hierarchical information stored in the SCIM directory; and
- displaying a graphical user interface (GUI) for a directory services application that includes a data tree pane that depicts the virtual LDAP hierarchy.
15. A system, comprising:
- a memory; and
- a processor, coupled to the memory and a network, to provide an on-premises virtual directory system for an LDAP (Lightweight Directory Access Protocol) to SCIM (System for Cross-domain Identity Management) proxy service, the processor configured to;
  - provide an LDAP Directory Information Tree (DIT) including a plurality of LDAP DIT entries that describe LDAP containers, LDAP users and LDAP groups, each LDAP DIT entry including a Distinguished Name (DN) and a plurality of LDAP attribute-value pairs, the DN providing LDAP DIT hierarchical information that uniquely identifies the LDAP DIT entry and describes a hierarchical position of the LDAP DIT entry in the LDAP DIT, each LDAP attribute-value pair including an attribute name and one or more attribute values;
  - provide a SCIM directory including a plurality of SCIM resource entries that describe SCIM users and SCIM groups, each SCIM resource entry including a plurality of SCIM attributes including an externalID and a resource type identifying the SCIM resource entry as belonging to a User or a Group, each SCIM attribute including a name and one or more values;
  - migrate the plurality of LDAP DIT entries to the SCIM directory, including storing the LDAP DIT hierarchical information in the SCIM directory by;
    - mapping LDAP containers to SCIM user or SCIM group attributes,
    - mapping LDAP containers to special marker SCIM groups,
    - mapping LDAP user DNs to SCIM user externalIDs, or
    - mapping LDAP group DNs to SCIM group externalIDs;
  - create a virtual LDAP hierarchy based on the LDAP DIT hierarchical information stored in the SCIM directory; and
  - display a graphical user interface (GUI) for a directory services application that includes a data tree pane that depicts the virtual LDAP hierarchy.
Specification