Using Virtualization to Leverage your Investment in Active Directory
Solve your authentication and security challenges while keeping your existing AD infrastructure
Like most enterprises with Windows desktops, your organization has probably made a significant investment in Active Directory. Now your users are asking why they can't use their AD IDs and credentials to log in to all of their applications within the enterprise. Your security team wants to take advantage of the group definitions that already exist in AD, and your portal project needs a single LDAP directory, while your existing AD infrastructure consists of multiple AD domains and forests.
On the one hand, it would make sense to try to consolidate everything into a single Active Directory instance, but there are valid historical and logistical reasons for having multiple forests and domains. The need to store additional attributes for application-specific entitlements and profiles should also not be ignored. On some levels it makes sense to put all attributes into AD.
However, AD administrators will always remind you that Active Directory is first and foremost a NOS-based system, and extending the schema can have serious consequences for the core functionality that AD is designed to address. In addition, there is the question of who owns the data, and certain requirements are better served by the functionality of an RDBMS, not AD.
A common virtualization layer for all your AD projects
Virtualization allows you to leverage what you already have in AD without having to stretch AD into areas it wasn't designed for. Some examples of where the RadiantOne Identity and Context Virtualization Platform can help:
- Consolidating multiple AD Forests and Domains
A Virtual Directory can allow you to keep your existing AD forests and domains while still enabling you to logically consolidate them into a single directory.
- Schema extensions to Active Directory
A Virtual Directory can allow application-specific objects and attributes to reside in other sources while still providing a unified profile of the user.
- Delegated Authentication to Active Directory
A Virtual Directory can allow other applications to leverage your existing IDs and credentials by delegating authentication to Active Directory.