Domain joined virtual names on domainless servers

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Sai Sudhir Anantha Padmanaban · Redmond, US
• Lokesh Srinivas Koppolu · Redmond, US
• Andrea D'Amato · San Jose, US
• Yi Zeng · Redmond, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L69/40
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Services from domainless machines are made available in a security domain under a virtual name. Each machine is not joined to the domain but can reach a security domain controller. The controller controls at least one security domain using an authentication protocol, such as a modified Kerberos protocol. One obtains a set of security domain credentials, generates a cluster name secret, gives the cluster a virtual name, and authenticates the machines to the domain controller using these items. In some cases, authentication uses a ticket-based protocol which accepts the cluster name secret in place of a proof of valid security domain membership. In some, the domain controller uses a directory service which is compatible with an active directory service; the cluster virtual name is provisioned as an account in the directory service. The cluster virtual name may concurrently serve clients on different security domains of the directory service.