Microsoft Active Directory Authentication

Challenge

Microsoft Active Directory® (AD) is a fundamental part of the identity infrastructure that many organizations use to authenticate users across Windows® domains. While Microsoft Active Directory has numerous advantages, its limitations and complexities can make the management and administration of multiple domains complicated and difficult.

A common problem large enterprises encounter is configuring and managing trust relationships between Active Directory forests to allow authentication across domains. Configuring multiple trust relationships to allow user authentication regardless of the domain is complex, time-consuming, and may have undesirable implications, especially when the only real requirement is a single place to access all user information.

Another common problem occurs even with a single domain because Microsoft Active Directory administrators are encouraged to store user data in separate organizational unit containers, so most Active Directory deployments have several branches within the directory. Some applications have no trouble with this, but many require all users to be found in one branch or create performance issues by querying the root of the tree. For these situations, a method is needed to flatten the directory structure and present it to applications as if all users were stored in a single place.

Solution
Symlabs Virtual Directory Server is a Swiss Army knife that can resolve all of these problems, and more, for Microsoft Active Directory administrators. It can consolidate data stored across multiple AD servers, establishing a single resource that provides authentication service for all members of a forest, or across multiple forests, eliminating any need to implement complicated trust relationships for AD servers. Configuration is very simple, and it can easily accommodate additional domains as an infrastructure scales. Plug-ins bundled with Symlabs Virtual Directory Server make routing automatic, regardless of the format applications use to authenticate. They also allow data contained in different organizational units or on different servers to be presented as a single merged container, so applications that expect a flat structure of all users in one domain work, even if users are really stored as discrete groups.

About Microsoft Active Directory
Active Directory is a registered trademark of Microsoft, Inc. An LDAP-based directory services product developed by Microsoft, Active Directory is a central component of the Windows platform that provides a means to manage identities and relationships that make up network environments. Active Directory Service is commonly used to manage the Windows® domain infrastructure.

Benefits
  • Enable global authentication without any complex AD trust relationships
  • Merge organizational unit containers to present a flat view of all users
  • Fully integrate LDAP user management applications in an AD environment
  • Facilitate simple user management and increase overall performance

Symlabs is now part of Quest Software. A leader in simplifying and reducing the cost of IT management, Quest’s innovative solutions make solving the toughest IT management problems easier, enabling more than 100,000 customers worldwide to save time and money across physical, virtual and cloud environments. The addition of Symlabs virtual directory and federation technology will enhance the overall architecture of the Quest® One Identity Solution and Quest migration products. Learn more at www.quest.com/symlabs.