| CPC H04L 63/10 (2013.01) [H04L 63/101 (2013.01); H04L 63/104 (2013.01); H04L 63/20 (2013.01)] | 20 Claims |
|
1. An access control computing system for controlling access to multiple target servers in a networked environment, the access control computing system comprising:
an access control user interface accessible to the multiple target servers;
a computer memory storing an access control database providing information to the access control user interface; and
a management server including an access control processor, the access control processor implementing:
a discovery engine for discovering user rights stored at the multiple target servers and delivering the user rights stored at the multiple target servers over the network to the access control database; and
an event trigger engine
invoked by detection of a request to add or delete a user or group to a list of privileged groups from a first target server,
updating the user rights at a local cache on the first target server, and
delivering the updated user rights to the access control database,
wherein the event trigger engine is configured to modify the discovery engine based on the detection of the request to add or delete a user or group to a list of privileged groups, and
wherein a local security account manager database is changed
to insert a domain account to a local group, providing access to the local group in response to the request to add a user or group to a list of privileged groups, and
to remove a domain account from the local group revoking access to the local group, in response to the request to delete a user or group from a list of privileged groups.
|