A method and system for autonomously tuning a Lightweight Directory Access Protocol (LDAP) server are disclosed. The method comprises activating a tuning thread when defined conditions are met; and using this thread to initiate automatically a tuning procedure to tune an LDAP server cache, to tune a database buffer pool for the server, and to perform runtime tuning of parameters of the database. Tuning may be initiated upon reaching a specified time, or when the cache hit ratio of the server falls below a given threshold or on issuing the extended operation. The tuning procedure may include Basic or Advanced Tuning procedures and an Advanced Tuning procedure. The Basic Tuning procedure is comprised of static tuning of the server based on the number and size of entries in the database, and the Advanced Tuning Procedure is a real time procedure based on real client search patterns.

Manage a request for a computing service through a hub solution available on a network. The underlying network fabric is the communication bus between individual processes that make up a service request. A process orchestrator may publish an Internet Protocol (IP) address for service requests such as printing services, email services, Active Directory (AD) services and similar service requests. The process orchestrator may determine which processes are to be executed to complete the service request and offload the processes to an available computing resources on the network. Examples of computing resources for each process include a virtual machine and a hardware based process engine. The process orchestrator may manage the processes and act as the primary point of interface for an endpoint host requesting the service.

An example method of operation may include one or more of identifying an inbound call intended for a mobile device subscribed to a protected carrier network, determining the inbound call is assigned an origination telephone number that is subscribed to the protected carrier network, determining whether an inbound call origination source location indicates the protected carrier network or an out-of-network carrier network based on one or more call parameters received with the inbound call, and determining whether to transmit an indication to the mobile device that the inbound call has an elevated likelihood of being a scam call based on the inbound call origination source location.

Examples of authentication and firewall enforcement for Internet of Things (IoT) devices are described. In an example, a request to authenticate an IoT device coupled to a network device is sent to an authentication server. The request includes a Media Access Control (MAC) address of the IoT device. A response indicative of successful authentication of the IoT device based on the MAC address is received from the authentication server. The response includes a first attribute indicative of a network address of a remote server to connect with the IoT device. A firewall role for the IoT device is generated based on a combination of an Internet Protocol (IP) address of the IoT device and the first attribute. The IoT device is associated with the firewall role.

A method and apparatus are disclosed for providing virtual Lightweight Directory Access Protocol (LDAP) attribute subtypes based on metadata associated with a relevant data type. In one embodiment, a computer system receives a request that specifies an LDAP attribute. The computer system identifies metadata corresponding to a data type of the LDAP attribute and identifies, based on the metadata, an attribute subtype of the LDAP attribute.

A user directory for a hub-based system federating disparate unified communications systems is disclosed. According to one embodiment, the computer-implemented method includes connecting a first unified communications system and a second unified communications system through a federation server, synchronizing a directory entry from a directory of the first unified communications system to a user directory, where the directory entry contains user information of the first unified communications system, and providing the second unified communications system with an access to the directory entry.

A non-transitory computer readable medium storing a program causing a computer to execute a process: the process comprising: performing a first utilization permission process for an authorized user; and performing a second utilization permission process for a guest user, the second utilization permission process comprising: acquiring user identification information input by the guest user; inquiring, of a directory service that retains information of a member of an organization, whether the user identification information acquired by the acquiring is registered; and permitting the guest user who inputs the user identification information to use the system within a range of a utilization authority, which is different between a case where a response indicating that the user identification information is registered is received and a case where a response indicating that the user identification information is not registered is received, in response to the inquiry.

Techniques for objectclass versioning in directory server schema are provided. The techniques include migrating from one version of a directory server to another version of the directory server, maintaining one or more versions of an objectclass while migrating from one version of a directory server to another version of the directory server, and selecting one of the one or more versions of an objectclass for normal functioning of an application.

A system and method is disclosed of extracting information from real-time network packet data to analyze connectivity data for client devices in a network. The method includes: detecting when client devices initiate a connectivity event; after detecting a connectivity event, waiting a period of time for the client device to either reach or fail to reach a network connected state; after waiting a period of time, recording connectivity event information; and sending the recorded connectivity event information to an analytics system for network incident and/or network congestion analysis.

Disclosed are various approaches for preauthorizing the joining of a client device to a domain managed by a cloud-based directory service. An authorization token can be generated prior to a client device joining the domain. The authorization token can be subsequently installed on a client device at an OEM facility. When a user first logs into the client device, the client device can send the authorization token to the cloud-based directory service in lieu of administrative credentials to prove that the client device has been previously authorized to join the domain.