Abstract: Mechanisms have been developed for synchronizing information, e.g., password or other access credential information, amongst directory spaces or repositories, that employ dissimilar protective transformations, e.g., hashes, encryption, etc. In some exemplary realizations, directory spaces are embodied as directory servers, services or similar components of computer operating systems. In some exemplary realizations, dissimilar protective transformations include differing hashes (or encryption) techniques or facilities employed by products available from Sun Microsystems, Inc., on the one hand, and Microsoft Corporation on another. However, the inventive techniques are not limited thereto. The mechanism includes detecting changes to information encoded in a first information store and invalidating a corresponding entry of a second information store. The invalidating triggers information synchronization upon a subsequent attempt to authenticate against this entry in the second store.

Abstract: Mechanisms have been developed for synchronizing information amongst directory spaces or repositories that employ dissimilar protective transformations. In some exemplary realizations, directory spaces are embodied as directory servers, services or similar components of computer operating systems. In some exemplary realizations, dissimilar protective transformations include differing hashes (or encryption) techniques or facilities employed by products available from Sun Microsystems, Inc., on the one hand, and Microsoft Corporation on another. However, the inventive techniques are not limited thereto. The mechanism is responsive to a change in the second store, invalidating a corresponding entry in the first store. Upon receipt, by the first store, of an authentication request that includes a credential and which corresponds to the invalidated entry, the method chains the authentication request to the second store.

Abstract: Mechanisms have been developed for synchronizing information, e.g., password or other access credential information, amongst replicated directory spaces or repositories. In some exemplary realizations, directory spaces are embodied as directory servers, services or similar components of computer operating systems, including LDAP, UDDI, Active Directory or other standardized or proprietary directory environments. In one embodiment in accordance with the present invention, a method includes invalidating an entry of at least one replica store. The invalidation of the entry of the replica store triggers information synchronization of a corresponding invalidated entry of a master store to a corresponding entry of an authoritative store on a next attempt to authenticate against the invalidated entry of the replica store. The method may include propagating information of the synchronized master store entry to at least one other replica store.