|
Radiant Logic Virtualizes Directory Access
Published: July 25, 2006
by Alex Woodie
Radiant Logic recently launched a new release of RadiantOne Virtual Directory Server (VDS), its software that bridges Microsoft Active Directory environments with non-AD authentication systems running on other platforms, such as the iSeries. With RadiantOne VDS version 4.5, the company has extended the software to function as a Web service to deliver secure access to portal applications.
It's not uncommon for users today to access many different applications to do their jobs. However, a problem arises when applications do not reside on the same server, or even use the same operating system. While an all-Windows world would make application access easy--just map it to Active Directory and you're good to go--the reality is that there's still a lot of "other stuff" out there that users need to access to keep their businesses running.
In cases where Windows isn't the only system in town, a user must be set up with a password and a user ID that includes the permissions necessary for the user to do his job, and, ideally, no further permissions beyond that. As the number of users accessing disparate applications increases, it becomes complicated for administrators to keep a handle on the increasingly fragmented user profile data. And for users, there's the problem of remembering all those passwords.
These are the problems that products like RadiantOne VDS are designed to solve. As a lightweight directory access protocol (LDAP) proxy server, RadiantOne VDS provides a virtualized view into all of the different permissions that a user might have across different systems, including databases, applications, and other directories, and serves as a central point of authentication, via Kerberos. The software, which was written in Java, runs on top of a relational database, such as SQL Server or DB2, running on a Windows or Unix server.
"Our key value proposition is that we bridge the Microsoft and non-Microsoft worlds," Radiant Logic CEO Michael Prompt writes in an e-mail. "The reality is that most organizations have only a subset of their identity profiles in Active Directory, and the rest in many other systems," such as PeopleSoft HR software, Siebel CRM software, SAP enterprise software, and Exchange and Lotus Notes e-mail systems running across OS/400, Linux, Unix, mainframe, and Windows servers.
In mid-June, the Novato, California-based company unveiled RadiantOne version 4.5, with new portal and Web services capabilities. "For portals and Web services we consolidate the list of users from multiple sources into one LDAP directory (portals need this); present the appropriate credential to each application that is aggregated by the portal; and present all of the authorization, entitlement, and personalization attributes to the portal," Prompt writes.
RadiantOne 4.5 also brings features such as the choice of using memory or full LDAP persistent cache, new "interception scripts" for accessing any specific authentication method, and delivery of "Kerberized" services for integrating with AD environments.
The company also announced the delivery of its Identity Correlation and Synchronization Server (ICS), which augments the RadiantOne runtime with capabilities such as enabling security policies, assisting in compliance, and simplifying policy design and deployment, according to the company.
Radiant Logic has about 70 customers, including Alltel, which is using RadiantOne 4.5 to integrate its employee, contractor, and vendor directories. None of Radiant Logic's customers are using the software to integrate with OS/400 servers, Prompt says, although the company and the product fully support the IBM server.
RadiantOne VDS 4.5 is available now. Pricing is processor-based and starts at $25,000. For more information, see www.radiantlogic.com.
|
