Microsoft Active Directory Authentication

Download PDF

Challenge

Microsoft Active Directory® (AD) is a fundamental part of the identity infrastructure that many organizations use to authenticate users across Windows® domains. While it has numerous advantages, its limitations and complexities can make management and administration of multiple domains very complicated and often quite difficult.

A common problem large enterprises encounter is configuring and managing trust relations between Active Directory forests to allow authentication across domains. Configuring multiple trust relationships to allow user authentication regardless of the domain is complex, time-consuming, and may have undesirable implications - especially when the only real requirement is a single place to access all user information.

Another common problem occurs even with a single domain because Microsoft Active Directory administrators are encouraged to store user data in separate organizational unit containers, so most Active Directory deployments have several branches within the directory. Some applications have no trouble with this, but many require all users to be found in one branch or create performance issues by querying the root of the tree. For these situations, a method is needed to flatten the directory structure and present it to applications as if all users were stored in a single place.

Solution
Microsoft Active Directory Authentication Solution

Microsoft Active Directory Authentication Solution

Symlabs Virtual Directory Server is a swiss-army knife that can resolve all of these problems, and more, for Microsoft Active Directory administrators. It can consolidate data stored across multiple AD servers, establishing a single resource that provides authentication service for all of members of a forest, or across multiple forests, eliminating any need to implement complicated trust relationships for AD servers. Configuration is very simple, and it can easily accommodate additional domains as an infrastructure scales. Plug-ins bundled with Symlabs Virtual Directory Server make routing automatic, regardless of the format applications use to authenticate. They also allow data contained in different organizational units or on different servers to be presented as a single merged container, so applications that expect a flat structure of all users in one domain work, even if users are really stored as discrete groups.

About Microsoft Active Directory
Active Directory is a registered trademark of Microsoft, Inc. An LDAP-based directory services product developed by Microsoft, Active Directory is a central component of the Windows platform that provides a means to manage identities and relationships that make up network environments. Active Directory Service is commonly used to manage the Windows® domain infrastructure.

Benefits

Enable global authentication without any complex AD trust relationships
Merge organization unit containers to present a flat view of all users
Fully integrate LDAP user management applications in AD environment
Facilitate simple user management and increase overall performance

About Symlabs

Symlabs is the performance leader for virtual directory and identity management solutions. Benchmarks show Symlabs Virtual Directory Server, LDAP Proxy and Federated Identity Suite are the fastest and most powerful products in the industry for managing and unifying identity data. Global giants like Sony, IBM, Vodafone, Nokia and United Nations already depend on Symlabs to add flexibility, security, and reliability to their infrastructure. Symlabs also offers annual support, training and professional services to our clients to help them develop, integrate, and maintain solutions.