Presentation is loading. Please wait.

Presentation is loading. Please wait.

Virtual Directory Services and Directory Synchronization May 13 th, 2008 Bill Claycomb Computer Systems Analyst Infrastructure Computing Systems Department.

Published byPauline Cain Modified over 8 years ago

Similar presentations

Presentation on theme: "Virtual Directory Services and Directory Synchronization May 13 th, 2008 Bill Claycomb Computer Systems Analyst Infrastructure Computing Systems Department."— Presentation transcript:

1 Virtual Directory Services and Directory Synchronization May 13 th, 2008 Bill Claycomb Computer Systems Analyst Infrastructure Computing Systems Department Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear Security Administration under contract DE-AC04-94AL85000.

2 Introduction Challenges and Solutions Future work Questions Agenda

3 Introduction What are directory information services? –What data do they contain? –Who wants that data? –Why must it be protected? –How do we protect it? What are virtual directories? What is directory synchronization?

4 Directory Information Services Provide user data to applications –Web portals –Instant Messaging –Single-sign-on –Email May contain personally identifiable information Come in several different flavors –LDAP Active Directory SunOne –Databases SQL

5 Virtual Directories “Virtual” – the directory doesn’t actually exist Tailor data to specific needs Collect data from different data sources

6 Virtual Directory Server

7 Virtual Directories

8 Directory Synchronization Reflect data from one source to another Used for various purposes –Account provisioning –Application specific needs –Performance Improvement

9 Synchronization

10 Challenges Limiting the amount of data provided Limiting who has access to the data Providing data from one data source as another type of data source Provisioning accounts Combining data from disparate data sources Collecting data from remote data sources Keeping data up-to-date

11 Challenge: Limit the data provided Example: –An application which only requires name and email address Solution: –Configure a virtual directory to supply a subset of the total attributes available

12 Challenge: Limit who has access to the data Examples: –An external facing employee directory server –Data access restricted to U.S. Citizens i.e. Export Controlled Software Solution: –Use a virtual directory to reflect data from one environment to another –Use virtual directory authorization to specify access control

13 Challenge: Provide data from one source to another Example: –Technical Library needed information from an LDAP server –Information is only contained in a SQL database Solution: –Use a virtual directory to provide SQL information as LDAP information

14 Challenge: Account Provisioning Example: –Authorized account information is contained in multiple SQL databases –Accounts are stored in an LDAP directory Solution: –Use a virtual directory to create a complete view of account information –Use directory synchronization to provision new accounts according to that data

15 Challenge: Collect data from disparate data sources Example: –User information comes from both directories and databases Solution: –Use virtual directories to correlate and present data from multiple data sources

16 Challenge: Collect data from remote data sources Example: –Directory information from remote sites is needed for a local address book Solution: –Use directory synchronization to pull data from remote LDAP servers and populate it in a local LDAP store

17 Challenge: Keeping Data up-to-date Example: –External contact information, stored in a database, is needed in an LDAP directory Solution –Use directory synchronization to reflect database changes in the destination directory

18 Solution: Details Virtual Directory Services and Synchronization available on internal networks Can be ported to externally available sources Implemented by RadiantOne, from Radiant Logic, Inc.

19 Future Work Exploring additional security features Bringing additional data sources together

20 Questions

Download ppt "Virtual Directory Services and Directory Synchronization May 13 th, 2008 Bill Claycomb Computer Systems Analyst Infrastructure Computing Systems Department."

Similar presentations

Conclusion Kenneth Moreland Sandia National Laboratories Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company,

Conclusion Kenneth Moreland Sandia National Laboratories Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company,
Digital Certificate Operation in a Complex Environment Matthew J. Dovey Oxford University Computing Services.

Digital Certificate Operation in a Complex Environment Matthew J. Dovey Oxford University Computing Services.
Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
Meganet Corporation VME Office 2004. Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,

Meganet Corporation VME Office Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,
Extern name server - translates addresses of e-mails messages - enables users to use e-mail aliases - … ID cards system - controls entrance to buildings,

Extern name server - translates addresses of s messages - enables users to use aliases - … ID cards system - controls entrance to buildings,
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
Extending ForeFront beyond the limit www.AGATSolutions.com TMGUAG ISAIAG AG Security Suite.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.
World Class Financial Reporting with FRx Report Writer Elisa R. Vick

World Class Financial Reporting with FRx Report Writer Elisa R. Vick
Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation,

Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation,
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
Tom Sheridan IT Director Gas Technology Institute (GTI)

Tom Sheridan IT Director Gas Technology Institute (GTI)
Page 1 of 29 Net-Scale Technologies, Inc. Network Based Personal Information and Messaging Services Urs Muller Beat Flepp

Page 1 of 29 Net-Scale Technologies, Inc. Network Based Personal Information and Messaging Services Urs Muller Beat Flepp
Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.

Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear.
Desktop Computing Strategic Project Sandia National Labs May 2, 2009 Jeremy Allison Andy Ambabo James Mcdonald Sandia is a multiprogram laboratory operated.

Desktop Computing Strategic Project Sandia National Labs May 2, 2009 Jeremy Allison Andy Ambabo James Mcdonald Sandia is a multiprogram laboratory operated.
Directory services in Nextra - experiences and future plans Kari Marvik, Nextra AS 11.05.00.

Directory services in Nextra - experiences and future plans Kari Marvik, Nextra AS
Software Asset Management at Sandia National Laboratories NLIT Summit 2009 June 2, 2009 Ramona K. Gallegos Programmer/Analyst Andrew H. Steele Programmer/Analyst.

Software Asset Management at Sandia National Laboratories NLIT Summit 2009 June 2, 2009 Ramona K. Gallegos Programmer/Analyst Andrew H. Steele Programmer/Analyst.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.

70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced Chapter 1: Introduction to Active Directory.
Virtual Directories: Attack Models and Prevention June 2 nd, 2009 Bill Claycomb Systems Analyst Sandia National Laboratories Sandia is a multiprogram laboratory.

Virtual Directories: Attack Models and Prevention June 2 nd, 2009 Bill Claycomb Systems Analyst Sandia National Laboratories Sandia is a multiprogram laboratory.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

Similar presentations

Ads by Google