Business continuity through temporary authentication during corporate LDAP failure; provided no Stand By LDAP server available
Publication Date: 2014-Nov-27
The IP.com Prior Art Database
A mechanism that allows users to keep working when the LDAP server is down, provided that: 1. The application uses LDAP authentication. 2. No Stand By LDAP server is in place.
Disclosed is a solution for the situation in which users who authenticate via an LDAP server are unable to do so because the LDAP server has gone down with no Stand By in place.
Ideal working condition:
In an ideal setup, any application configured to authenticate via an LDAP server lets its users access the application with a pre-set/pre-defined username-password combination. The combination entered by the user is validated by the LDAP server, and access is granted based on the outcome of the validation process. Figure 1, below, describes this process pictorially.
Deviation from this behavior can cause the authentication process to be suspended. One such scenario is when the LDAP server goes down and a backup mechanism is not in place. In such cases, users are unable to log in and work on their respective applications, which affects productivity.
The disclosed solution offers a methodology to ensure continuous user authentication even when the LDAP server fails to work as desired. Figure 2 justifies the proposed methodology.
The proposed solution is designed to work in the following manner:
1. LDAP server goes down
(i) Disable LDAP integration for users whose login credentials are LDAP integrated or marked as 'LDAP authenticated'.
(ii) Reset the users' authentication at the application level so that they can log in at the application level itself (refer to Figure 3).
(iii) This, in turn, will trigger an email to all selected users informing them of their temporary/new (unique) password.
(iv) Users can now log in using the newly issued/mailed credentials.
2. LDAP server is up and running again:
(i) Disable application level user authentication and switch back to LDAP integration for the application users.
(ii) An email is sent to users informing them of the change of status and asking them to switch back to their LDAP credentials.
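The two phases above, as an added Python sketch that is not part of the original disclosure. The names `User`, `FallbackAuth`, `ldap_check`, `outbox` and `audit` are hypothetical; storing only a salted hash of the temporary password, discarding it on switch-back and keeping an audit record are assumptions of this example, not steps stated in the disclosure.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

@dataclass
class User:
    name: str
    email: str
    auth: str = "ldap"      # "ldap" or "local"
    salt: bytes = b""
    temp_hash: bytes = b""  # only the hash of the temporary password is kept

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

class FallbackAuth:
    def __init__(self, users, ldap_check):
        self.users = {u.name: u for u in users}
        self.ldap_check = ldap_check  # callable(name, password) -> bool
        self.outbox = []              # (address, message); stands in for the email step
        self.audit = []               # record of every mode switch

    def ldap_down(self):
        """Step 1: switch LDAP-marked users to a unique temporary local password."""
        for u in self.users.values():
            if u.auth != "ldap":
                continue
            password = secrets.token_urlsafe(12)
            u.salt = secrets.token_bytes(16)
            u.temp_hash = _hash(password, u.salt)
            u.auth = "local"
            self.outbox.append((u.email, f"Temporary password: {password}"))
            self.audit.append(("fallback_enabled", u.name))

    def ldap_restored(self):
        """Step 2: switch back to LDAP and discard the temporary credentials."""
        for u in self.users.values():
            if u.auth == "local":
                u.auth, u.salt, u.temp_hash = "ldap", b"", b""
                self.outbox.append((u.email, "LDAP is restored; use your LDAP credentials."))
                self.audit.append(("fallback_disabled", u.name))

    def login(self, name, password):
        u = self.users.get(name)
        if u is None:
            return False
        if u.auth == "ldap":
            return self.ldap_check(name, password)
        return hmac.compare_digest(u.temp_hash, _hash(password, u.salt))
```

Because the temporary hash is cleared in `ldap_restored`, a mailed temporary password stops working as soon as LDAP integration is re-enabled.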
Problem solved by this methodology?
In an LDAP setup, with no backup servers, user authentication can take this alternate approach and enable business con...