Abstract: Sharing resources on a network include, for example, a domain controller hierarchy scheme, which is used in some implementations to organize and share both secure and non-secure resources in an efficient manner. Using authentication information can be used to architect a trustworthy system to divulging sensitive client data (such as user/computer passwords) to a host system. The sensitive client data can be released to the host system when a client establishes a relationship having a degree of trust with the host.

Abstract: A domain controller hierarchy in accordance with implementations of the present invention involves one or more local domain controllers, such as one or more read-only local domain controllers in communication with one or more writable hub domain controllers. The local domain controllers include a resource manager, such as a Security Account Manager (“SAM”), that manages resources and/or other accounts information received from the writable hub domain controller. When a local user attempts to change the resource at the local domain controller, however, the resource manager chains the request, along with any appropriate identifiers for the request, to the writable hub domain controller, where the request is processed. If appropriate, the hub domain controller sends a response that the resource has been updated as requested and also sends a copy of the updated resource to be cached at the local domain controller.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: An offline trust system establishes a trust relationship between a trust authority computer system and a target computer system without relying on an active network connection between the computer systems. The offline trust system separates the trust establishment operation into a provisioning phase and a configuration phase. The provisioning phase can be performed entirely on the trust authority, while the configuration phase can be performed entirely on the target computer system requesting trust. The two phases can be performed at different times and do not assume any connection between the two computer systems. An administrator may perform the provisioning phase for many target computer systems at the same time. Thus, the offline trust system provides a way to establish trust between computer systems that is more reliable and less prone to failure.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: Dynamically associating an attribute and an associated value to an object includes dynamically associating attribute-value sets to an object, but is not so limited. An exemplary system includes a directory component that can be configured to dynamically assign different values, for a set attributes, to an object. An exemplary directory application can be configured to select an attribute-value set for an object based in part on a group membership determination, and a precedence parameter associated with an attribute-value, set, or other grouping. Other embodiments are available.

Abstract: An offline trust system establishes a trust relationship between a trust authority computer system and a target computer system without relying on an active network connection between the computer systems. The offline trust system separates the trust establishment operation into a provisioning phase and a configuration phase. The provisioning phase can be performed entirely on the trust authority, while the configuration phase can be performed entirely on the target computer system requesting trust. The two phases can be performed at different times and do not assume any connection between the two computer systems. An administrator may perform the provisioning phase for many target computer systems at the same time. Thus, the offline trust system provides a way to establish trust between computer systems that is more reliable and less prone to failure.

Abstract: A domain controller hierarchy in accordance with implementations of the present invention involves one or more local domain controllers, such as one or more read-only local domain controllers in communication with one or more writable hub domain controllers. The local domain controllers include a resource manager, such as a Security Account Manager (“SAM”), that manages resources and/or other accounts information received from the writable hub domain controller. When a local user attempts to change the resource at the local domain controller, however, the resource manager chains the request, along with any appropriate identifiers for the request, to the writable hub domain controller, where the request is processed.

Abstract: A domain controller hierarchy in accordance with implementations of the present invention involves one or more local domain controllers, such as one or more read-only local domain controllers in communication with one or more writable hub domain controllers. The local domain controllers include a resource manager, such as a Security Account Manager (“SAM”), that manages resources and/or other accounts information received from the writable hub domain controller. When a local user attempts to change the resource at the local domain controller, however, the resource manager chains the request, along with any appropriate identifiers for the request, to the writable hub domain controller, where the request is processed. If appropriate, the hub domain controller sends a response that the resource has been updated as requested and also sends a copy of the updated resource to be cached at the local domain controller.

Abstract: A domain controller hierarchy includes one or more hub domain controllers in communication with one or more local domain controllers, such as local domain controllers at a branch office. The hub domain controller(s) is writable, while the local domain controller(s) is typically read-only. Non-secure and secure information is partitioned to specific local domain controllers at the one or more hub domain controllers. The non-secure and secure information is then passed from the hub domain controller only to the local domain controller associated with the given partition at the hub domain controller on request. For example, a user requests a logon at a client computer system at a local branch office, and the logon is passed from the local domain controller to the hub domain controller. If authenticated, the user logon account is passed to the local domain controller, where it can be cached to authenticate subsequent requests.

Abstract: A domain controller hierarchy in accordance with implementations of the present invention involves one or more local domain controllers, such as one or more read-only local domain controllers in communication with one or more writable hub domain controllers. The local domain controllers include a resource manager, such as a Security Account Manager (“SAM”), that manages resources and/or other accounts information received from the writable hub domain controller. When a local user attempts to change the resource at the local domain controller, however, the resource manager chains the request, along with any appropriate identifiers for the request, to the writable hub domain controller, where the request is processed. If appropriate, the hub domain controller sends a response that the resource has been updated as requested and also sends a copy of the updated resource to be cached at the local domain controller.

Abstract: A domain controller hierarchy in accordance with implementations of the present invention involves one or more local domain controllers, such as one or more read-only local domain controllers in communication with one or more writable hub domain controllers. The local domain controllers includes a resource manager, such as a Security Account Manager (“SAM”), that manages resources and/or other accounts information received from the writable hub domain controller. When a local user attempts to change the resource at the local domain controller, however, the resource manager chains the request, along with any appropriate identifiers for the request, to the writable hub domain controller, where the request is processed. If appropriate, the hub domain controller sends a response that the resource has been updated as requested and also sends a copy of the updated resource to be cached at the local domain controller.

Abstract: Communicating with a distributed service in the network computing environment. A method for communicating with a distributed service includes referencing a configuration registry to determine resources and permissions in a potential distributed service entry. A potential distributed service entry identifies a distributed service corresponding to the potential distributed service entry that is authorized to exist by virtue of an entry in the configuration registry for the potential distributed service entry specifying that the distributed service may exist, whether or not the distributed service corresponding to the potential distributed service entry exists. The method further includes using the resource information, attempting to contact the distributed service corresponding to the potential distributed service entry. Permissions of the distributed service corresponding to the potential distributed service entry are verified to match permissions of the potential distributed service entry.

Abstract: Embodiments are provided to dynamically associate an attribute and an associated value to an object, including attribute-value sets to an object, but the embodiments are not so limited. In an embodiment, a system includes a directory component that can be configured to dynamically assign different values, for a set attributes, to an object. In one embodiment, a directory application can be configured to select an attribute-value set for an object based in part on a group membership determination, and a precedence parameter associated with an attribute-value, set, or other grouping. Other embodiments are available.

Abstract: Sharing resources on a network include, for example, a domain controller hierarchy scheme, which is used in some implementations to organize and share both secure and non-secure resources in an efficient manner. Using authentication information can be used to architect a trustworthy system to divulging sensitive client data (such as user/computer passwords) to a host system. The sensitive client data can be released to the host system when a client establishes a relationship having a degree of trust with the host.

Abstract: An apparatus for mooring watercraft to a dock makes use of a mooring clamp with at least one rearward-pointing teeth. The tooth and other inner surfaces of the clamp define a serpentine path for engaging a mooring arm from the watercraft to a docking member attached to the edge of the dock. The docking member is mounted substantially vertically and is sized to engage the serpentine path of the clamp lying substantially in the horizontal plane, the mooring apparatus permits the craft to rise and fall vertically without subjecting the mooring clamp to undue stress. At the same time, the features of the serpentine path inhibit accidental unmooring of the craft from natural forces until manually released.

Abstract: An apparatus for mooring watercraft to a dock makes use of a mooring clamp with a pair of rearward-pointing teeth. The teeth and other inner surfaces of the clamp define a serpentine path for engaging a corresponding pole mounted to the watercraft. Because the pole is mounted substantially vertically and the serpentine path lies substantially in the horizontal plane, the mooring apparatus permits the craft to rise and fall vertically without subjecting the mooring clamp to undue stress. At the same time, the features of the serpentine path inhibit accidental unmooring of the craft from natural forces.