`Franklin et al.
`
`US006105069A
`[11] Patent Number:
`[45] Date 0f Patent:
`
`6,105,069
`Aug. 15, 2000
`
`[54] LICENSING CONTROLLER USING
`NETWORK DIRECTORY SERVICES
`
`[56]
`
`References Cited
`Us PATENT DOCUMENTS
`
`[75] Inventors: Nicholas Huston Franklin, Lehi; Bill
`Guy Bodine, Orem; Randall R. Cook,
`springv?le; Calvin R_ Gaisford, Provo;
`Matthew G_ Brooks, Orem; Carla M_
`HeeSCh, Spring Lake; Kelly E-
`Sonderegger, Santaquin, all of Utah
`
`[73] Assignee: Novell, Inc., Provo, Utah
`
`[63]
`
`[21] Appl- NO-I 08/970,069
`.
`_
`Flled'
`
`[22]
`
`NOV' 13’ 1997
`Related U S Application Data
`'
`'
`Continuation-in-part of application No. 08/786,918, Jan. 22,
`1997, Pat, No, 5,893,118,
`_
`7
`Int. Cl. ......................... .. G06F 15/173, G06F 17/00
`[51]
`[52] US. Cl. ........................ .. 709/229; 709/217; 709/223;
`709/224; 709/225; 709/226; 395/712
`[58] Field of Search ........................ .. 395/20059, 200.11,
`395/610, 200.03, 200.56, 187.01, 712; 707/203,
`200, 204, 10
`
`5/1998 Olsen ............................... .. 395/18701
`5,758,069
`6/1998 Sonderegger . . . . . . . . . .
`. . . . . . . .. 395/610
`5,761,499
`1/1999 Sonderegger et a1. .
`395/20056
`5,859,978
`4/1999 Sonderegger ......................... .. 707/203
`5,893,118
`Primary Examiner—Dung C. Dinh
`Assistant Examiner—Abdullahi Elmi Salad
`Attorney, Agent, or Firm—Madson & Metcalf
`[57]
`ABSTRACT
`
`Adirectory services system includes a resource object, such
`as an application object for accessing a resource associated
`With the resource object. Attributes of the resource object
`contain licensing control information. The licensing
`attributes may be used by executables to control access by
`a user_ to properly hcensed Instances of a res_o_urce Corre
`sponding to the resource ob]ect. Also, a utility may be
`provided to manage the licensing attributes in the resource
`Object‘ Alicensing function may thus Control a resource, Via
`its resource Object in the directory Services database~ Licens_
`ing maybe easily implemented by setting a neW disabling
`attribute in the Object'
`
`20 Claims, 13 Drawing Sheets
`
`31
`
`__
`
`1 90
`
`J
`
`l
`
`LAUNCHER
`
`/196 g?iCé'QCfg/ZY sERvlcEs
`
`280
`
`(I
`
`840
`
`NETWORK
`
`/_22O
`
`DYNAMIC LINK LIBRARY
`’ 850'\,_ LICENSING
`"202
`OBJECT
`LAUNCHAPI
`\ -[ 856“
`F -252 ~-
`
`LICENSING
`OBJECT
`
`/'_248
`100 LICENSING
`MODULE/SNAP-IN
`
`_848
`
`I—| -
`LICENSING
`854
`ATTRIBUTE
`[METHODS]
`‘K
`854
`l
`6 \
`
`[lVTERMEDIATEAPI
`L
`. 0 _
`
`844“
`‘LICENSING DLL
`I
`‘[LICENsING API
`
`892‘
`
`I
`
`I
`
`8SZ/C1ICENSING
`ATTRIBUTES
`
`II
`
`NETWORK REsOuRCEs
`
`LICENSING
`860_ sERvER
`~
`
`NETWORK
`DIRECTORY
`sERvICEs
`CLIENT
`
`NETWORK
`DIRECTORY
`sERvIcEs
`sERvER
`
`FILE
`sERvER
`
`842“
`FILE
`IICENSING NETWORK
`CLIENT
`DIRECTORY SYSTEM
`SERVICE
`CLIENT
`Q) E
`
`\
`
`[
`|
`
`‘
`:
`~264a
`+
`g
`| [NCP] sERvER
`/[
`\ [NCP] CLIENT
`NETWxRK PROTOCOL [IPX] {#26634 NETWORK PROTOCOL [IPX]
`
`276
`"l‘ —
`
`-
`
`272
`_
`
`_264b |
`266b |
`
`274
`—
`L
`'
`
`270
`
`IPR2017-01290
`Ubisoft EX1004 Page 1
`
`
`
`U.S. Patent
`
`Aug. 15,2000
`
`Sheet 1 0f 13
`
`6,105,069
`
`h .mE
`
`
`
`:\,\ mo<mo5
`
`Sam: 0
`
`sow? _
`
`_
`
`Q30 i0
`
`IPR2017-01290
`Ubisoft EX1004 Page 2
`
`
`
`U.S. Patent
`
`Aug.15, 2000
`
`Sheet 2 of 13
`
`6,105,069
`
`v9
`
`oS (ALIGM/avV34)
`
`FOVYOLS
`
`FOIA
`
`IPR2017-01290
`Ubisoft EX1004 Page 3
`
`IPR2017-01290
`Ubisoft EX1004 Page 3
`
`
`
`
`U.S. Patent
`
`Aug. 15,2000
`
`Sheet 3 0f 13
`
`6,105,069
`
`12, 30, 70
`
`8)1
`
`‘
`
`DIRECTORY SERVICES SERVER
`
`84
`
`(
`
`8O PROCESSOR x82
`\
`l
`MEMORYDEVICE /1 12
`94
`CONTAINER OBJECT
`/'——114
`RIGHTS
`’ /
`OBJECT TREE
`/
`/
`
`9O, \\96
`
`/
`110<<
`
`\~ \
`
`
`
`ASSOCIATION LIST GROUP OBJECT
`
`92
`
`_
`
`RIGHTS
`MEMBERsI-IIPLIsT
`DISTINGUISHED NAMES
`ASSOCIATION LIST‘
`
`\
`116 OBJECT TREE
`QO/r
`
`9O
`
`92
`
`l
`
`usER OBJECT
`RIGHTS
`AssOCIAnON LIST
`
`|
`
`APPLICATION OBJECT
`
`\\98 0B ECT TR E
`-]\
`J
`E
`\120
`\1 22
`~|\
`1 0O
`
`92
`
`FUNCTIONAL OBJECT
`
`*
`
`1 02
`DIRECTORY sERvICEs ~\
`SUPPORTING EXECUTABLES
`104
`
`DIRECTORY sERvICEs \
`SEARCH ENGINES
`\106
`
`Fig. 3
`
`IPR2017-01290
`Ubisoft EX1004 Page 4
`
`
`
`U.S. Patent
`
`Aug. 15,2000
`
`Sheet 4 0f 13
`
`6,105,069
`
`[94
`
`CONTAINER OBJECT
`ATTRIBUTES
`OWN DISTINGuISHED
`
`_/—124
`
`-126
`CONTAINED CONTAINER OBJECTS
`DISTINGUISHED NAMES
`—/
`
`LEAF OBJECTS ' DISTINGUISHED NAMES _ _/-- 1 28
`
`l
`
`ASS0cIATIoN LIST
`APPLICATION OBJECT
`DISTINGUISHED NA MES
`TYPE-A OBJECT
`DISTINGUISHED NAMES
`
`TYPE-B OBJECT
`DISTINGUISHED NA ME
`
`Q 0 0
`
`_/—114
`/_13o
`——
`*/—132
`-
`
`_/—134
`
`METHODS
`
`-/108
`
`METHOD x
`
`IvIETHoD Y
`
`METHOD 2
`
`Fig. 4
`
`IPR2017-01290
`Ubisoft EX1004 Page 5
`
`
`
`U.S. Patent
`
`Aug. 15,2000
`
`Sheet 5 0f 13
`
`6,105,069
`
`[96
`
`GROUP OBJECT
`
`ATrRIBuTES
`
`DISTINGUISHED NAME
`
`_ /——1 24
`
`COMMON NAME 0 CONTEXT
`
`_/11o
`
`/—140
`MEMBERSHIP LIST
`USER 1 DISTINGUISHED NAME \__
`USER 2 DISTINGUISHED NAME #7
`
`_/
`0
`USER rI DISTINGUISHED NAME
`
`ASSOCIATION LIST
`ACCESS CONTROL LIST (A CL)
`
`APPLICATION OBJECT
`DISTINGUISHED NA MES
`OTHER OBJECT
`DISTINGUISHED NAMES
`O D O
`
`#118
`—/
`'_138a
`
`——1 38b
`
`/—138C
`
`OBJECT DISTINGUISHED NAME
`
`—1 38d
`
`METHODS
`
`_/1O8
`
`METHOD 1
`
`METHOD 2
`
`Fig. 5
`
`IPR2017-01290
`Ubisoft EX1004 Page 6
`
`
`
`U.S. Patent
`
`Aug.15, 2000
`
`Sheet 6 of 13
`
`6,105,069
`
`Lo3rdo
`
`
`
`LSITNOILVIDOSSV
`
`
`
`S3NWNG3HSINDNILSIC
`
`
`
`S3IWVNGSHSINONILSIG
`
`
`
`S3WVNG3HSINDNILSIA
`
`G3AHSINONILSIGt5SALNGIEGLLYvel
`
`
`
`NOWNOD_TT3AONWYO'SdD'‘LVONVNS6bMINITLNFEVdC¢OLLLX4LNOD@®ANVN
`
`vvlAINVN
`a6r|.SAWVNdNOYD
`
`Of|193%AONOLVIITddV
`80LISNIDO
`Ze1LO3PdO|AdAL
`Ze}LO3PdO|3dAL
`Y¥4sn
`
`SGOHLIW
`
`
`
`LdlHOSNIDOT
`
`FLVIOILNAHLNV
`
`GYOMSSVd
`
`eee
`
`
`
`L94LAGYAGNYLNI
`
`
`
`AYOLIAYIGCFNOH
`
`9‘biz
`
`IPR2017-01290
`Ubisoft EX1004 Page 7
`
`IPR2017-01290
`Ubisoft EX1004 Page 7
`
`
`
`U.S. Patent
`
`Aug. 15,2000
`
`Sheet 7 0f 13
`
`6,105,069
`
`100
`
`I
`|
`
`RESOURCE [APPLICATION] OBJECT
`METHODS
`
`108
`-/
`I
`|
`J’ 11162
`——/f_
`+//—166
`#1
`—/ 62
`BASIC FUNCTIONAL ATTRIBUTES
`160
`(e.g. Environment, configuration, ect. data, including others)
`
`ATTRIBUTES
`AssOcIATION BACKLINK LIST
`
`__/ ’
`LICENSING ATTRIBUTES (Names, data, Or pointer to object)
`
`RIGHTS ATTRIBUTES
`
`FOLDERING ATTRIBUTES
`
`DISABLING FLAG
`
`PROXIMITY (Values for Criteria)
`CONTEXT
`GEOGRAPHY/D
`TIME POSITION
`LOGICAL POSITION
`SPATIAL POSITION ORGANIZATION ID
`
`sITE LIST
`DISTINGUISHED NAMES (A OI)
`
`FAULT TOLERANCE LIST
`DISTINGUISHED NAMES (A OI)
`
`LOAD-BALANCING TOLERANCE LIST
`DISTINGUISHED NAMES (A OI)
`
`»-—1 58
`—/
`
`—/ F1 56
`»-1 4
`—/ 5
`
`_/-—152
`
`K150
`/
`
`_/”"17O
`172
`
`—/ F1 74
`
`//-—176
`
`-17
`-/
`8
`r179
`
`ALTERNATE BA CKLINK LIST (A OI)
`
`if 1 80
`+ /’ 1 81
`
`Fig. 7
`
`IPR2017-01290
`Ubisoft EX1004 Page 8
`
`
`
`U.S. Patent
`
`Aug.15, 2000
`
`Sheet 8 of 13
`
`6,105,069
`
`NOILVULSININGV
`
`
`
`ALITILNNOILVIDOSSV
`
`
`
`ALITILNNOILONNA
`
`
`
`ALITILNONIONVTVE-LINVA
`
`
`
`ALITILNONIONVIVE-AVOT
`
`ALITILNLSI]ALIS
`
`
`
`
`
`ALITILNMNITHOVEFAILVNYFLIV
`
`MHOMLAN Ode
`
`
`
`
`
`
`
`98stONINMVEDOdSNOILVOIIddVMYUOMLAN
`
`
`
`ALIHILNONIBAGTOF
`
`
`
`ALITILNONITEVSIC
`
`
`
`ALITLLAONISNAOIT
`
`
`
`ALTTLNSLHDIG
`
`
`
`
`
`(S,\dV)FOVAYFLNIeBgL
`
`SAIIAYAS
`
`
`
`AYOLIAUIGWALSAS
`
`MAOMLANJd
`
`
`
`MYOMLANLNIITD
`
`
`
`NOILVLSMYOM
`
`ONILVHAdO
`
`WALSAS
`
`8‘bi
`
`vstc8i
`
`IPR2017-01290
`Ubisoft EX1004 Page 9
`
`
`
`
`
`(TVN‘8'9)AYVYGITIVN
`
`YAHINNV)
`
`SIATEViNnIgAXxa
`
`
`
`SNOLLVOITddVMYHOMLAIN
`
`
`
`(WN‘6°8)SAHONNVT
`
`O61
`
`IPR2017-01290
`Ubisoft EX1004 Page 9
`
`
`
`U.S. Patent
`
`Aug.15, 2000
`
`
`YaAgdasAXOLIAYIG
`
`AHOLIAYIAY3aAYuRaS
`
`JsMHOMLAN
`
`MYOMLINTVWNOILONNA
`
`|PsineieLiv
`TYNOILONNA
`
`SADIAYAS
`
`
`
`SAIIAYASAGOLIAUIG
`
`4SvVaviva
`
`00l
`
`NOLLVOITddV
`
`TVNOILONNA
`
`LI35PrgdoO
`
`L93rqgo
`
`08¢06|.
`
`SADIAWAS
`
`Y3aAudaS
`
`
`
`
`
`
`
`INITIO‘Bulsuaary*6'a)1VN
`
`
`
`‘sjyBIyNOILINNA
`
` MHOMLIN ¥3AugS[dONI ——(71d
`
`572A(‘23a092IVNo1Se
`
`
`‘Aouepunpasapisul‘ba
`
`
`aTevle
`
`BuysapjojJIIAGASANFITO
`
`Sheet 9 of 13
`
`6,105,069
`
`0226‘big
`
`
`
`[Xdit]TODOLOUd
`
`
`
`IPR2017-01290
`Ubisoft EX1004 Page 10
`
`IPR2017-01290
`Ubisoft EX1004 Page 10
`
`
`
`
`
`
`
`
`
`U.S. Patent
`
`Aug. 15,2000
`
`Sheet 10 0f 13
`
`6,105,069
`
`100
`
`L
`
`DIRECTORYSERVICES
`[RESOURCE/FUNCTIUN] OBJECT
`ATTRIBuTEs
`
`ASSOCIATION LIST
`
`BACKLINK LIST
`714*» DISTINGUISHED NAME A
`T
`. . .
`
`coNsuIvIER D.N. A-REsouRcE B-LICENSE c
`Q Q .
`
`'8
`\
`718
`
`'8
`\
`720
`
`'3
`\
`722
`
`700
`
`_/ 701
`
`__712
`M’
`
`__/’—71 6
`
`P704
`-/ 724
`/,__
`
`LICENSE CERTIFICATE
`
`728__\__ TIMES 734\REPORTING BACKLINKS j“ ,/—740
`73O__\__ TYPES
`METERING
`cRossLINKs -——--T" ,__742
`\__ NUMBERS
`KEYS \736 ENABLED FUNCTIONS -—/
`
`LICENSE CERTIFICATE
`
`_/ P71 0
`
`7§4
`RuN LIMITATTRIBUTES 766 / 770
`\
`RM 'I_II|IIIT FLAG
`To usE I_IsT ’
`IISED I_IsT
`768
`
`,/—71 0
`
`/_\772
`
`//—758
`METHODS
`752\
`746-‘
`748_ ¥ TIMEs 754\REPORTING BACKLINKS ————-“" [760
`750_ ¥ TYPES
`METERING
`cRossLINKs -—-——~’
`T¥ NUMBERS
`KEYS\756 ENABLED FUNCTIONS -/
`
`I
`
`Fig. 10
`
`IPR2017-01290
`Ubisoft EX1004 Page 11
`
`
`
`U.S. Patent
`
`Aug. 15,2000
`
`Sheet 11 0f 13
`
`6,105,069
`
`DIRECTORY SERVICES
`CONSUMER OBJECT
`
`T\*-'7BO
`
`ATTRIBUTES
`
`ASSOCIATION LIST
`
`A‘-782
`
`Z8_4
`
`RESOURCE OBJECT
`O O O
`LICENSE OBJECT
`
`CONSUMER LICENSE ATTRIBUTE
`RESOURCE OBJECT-LICENSE OBJECT 4'\_ 796 m
`
`792
`
`794
`
`METHODS
`
`798
`
`Fig. 11
`
`IPR2017-01290
`Ubisoft EX1004 Page 12
`
`
`
`U.S. Patent
`
`Aug. 15,2000
`
`Sheet 12 0f 13
`
`6,105,069
`
`800
`
`L
`
`MODIFY SCHEMA IN DIRECTORY sER vICEs SYSTEM
`
`830 L,»
`
`CREATE CONsuMER LICENSE ATTRIBUTES
`
`P
`832 v
`
`CREATE [LICENSING] OBJECT HAVING
`RESOURCE LICENsING ATTRIBUTE
`
`?
`806 q
`
`808 ‘,6
`
`+
`804 q” [PRO vIDE LICENSING ADMINISTRATION ExECuTA BLES]
`{I
`CREATE INs TA NCEs OF DIRECTORY sER was
`OBJECTS HAVING LICENsING ATTRIBuTE
`+
`[PROVIDE LICENsING CONsuMING ExECuTA BLE]
`J
`REOuEsT REsOuRCE
`{I
`FIND AssOCIATION IN REsOuRCE BA CKLINK
`+
`READ RESOURCE LICENsING ATrRIBuTEs
`
`810 V»
`
`81 2 q»
`
`81 4 L,»
`
`836
`
`834 g» FIND CONsuMER RIGI-ITs
`
`SEARCH AUTHORIZATION ”“
`
`81 6
`
`828
`82\6\
`FAIL‘ AND FOLL‘O W-UP
`REPORT > ACTION
`ATTEMPT
`
`81 8 q»
`
`sET UP LICENsE [usING CERTIFICATE]
`
`820 q»
`
`LAUNCH AND USE REsOuRCE I/A/w LICENsE
`
`822 _/—
`
`CLOSE REsOuRCE AND LICENSE
`
`824 _,~
`
`REPORT INSIDE OR OUTSIDE OF 05 SYSTEM
`
`Fig. 12
`
`IPR2017-01290
`Ubisoft EX1004 Page 13
`
`
`
`U.S. Patent
`
`Aug.15, 2000
`
`Sheet 13 of 13
`
`6,105,069
`
`Ors
`
`08¢
`
`Largo
`
`Loargo
`
`4ASVavLlvd
`
`ONISNAIIT
`
`SGOHLAN
`
`
`
`
`
`
`Y3ANRS||AYOLOFZHYICAHOLOZYIAYIAYAS098
`
`
`DNISNFII7|_szounosauId~|MYOMLINyomé!IdVONISNIONTner268
`‘YOWYFNNSNODvS8
`‘YOWADENOSAY
`Ni-d¥NS/J7INGOW
`H3aAYFSANIITOZaye
`
`
`2NISNZII7||OOF
`
`SIDIAHASS39IAHAS
`vl29/2
`=SaiNgINLLy
`1.SLNSIMLIVONISNAOIITi
`
`
`[Xdi]TODOLOYdMHOMLAIN
`ONISNAOIIT
`ONISNIOIT
`
`SAIDIAYASAXOLIAGIG
`
`¥3AuRS[dONILN3ITO[dN]
`
`
`ONISNFIIT
`O61
`
`
`—[Xdi]TODOLOUdMHOMLIN
`
`TId{|__|7
`
`OL¢e
`
`EL‘big
`
`Brod
`
`B99¢
`
`IPR2017-01290
`Ubisoft EX1004 Page 14
`
`IPR2017-01290
`Ubisoft EX1004 Page 14
`
`
`
`
`
`
`
`
`
`
`1
`LICENSING CONTROLLER USING
`NETWORK DIRECTORY SERVICES
`
`RELATED APPLICATIONS
`
`This application is a continuation-in-part of and claims
`priority to US. patent application Ser. No. 08/786,918 ?led
`Jan. 22, 1997, now US. Pat. No. 5,893,118, Which is
`incorporated herein by reference.
`
`BACKGROUND
`
`1. The Field of the Invention
`This invention relates to netWorked computer systems
`and, more particularly, to novel systems and methods for
`providing run control of applications, using directory ser
`vices systems, as Well as simpli?ed, embedded control of
`application licensing With minimum effort.
`2. The Background Art
`The present invention relies on, and improves upon, the
`management of application programs in a computer netWork
`by an application launcher or netWork application launcher
`programmed for managing applications in a multi-server
`netWork through the use of application objects in a directory
`services database. This technology is described in US.
`patent application Ser. No. 08/940,789, directed to a direc
`tory services-based launcher for load balanced, fan it
`tolerant, access to closest resources: Ser. Nos. 08/499,711
`and 08/863,860 each directed to a netWork application
`launcher for managing applications incorporated herein by
`reference.
`Modern computer netWorks may contain several servers
`and numerous clients hosting softWare administered by a
`“network administrator”. A Wide variety of application pro
`grams such as Word processors, spreadsheets, database
`managers, program development tools, and the like
`(collectively, “applications”) are typically found on one or
`more servers in the netWork. Necessary ?le access rights and
`execution environments must be provided by the
`administrator, and users need noti?cation. Sometimes
`executable codes and other resources are scattered, and may
`be replicated, making administration dif?cult.
`A netWork application launcher (e.g. Novell’s NAL)
`provides computer-implemented methods and apparatus for
`consistently determining the nature and location of applica
`tion program executable codes in a netWork, using directory
`services objects.
`When users travel from one Work site to another, they
`often prefer to maintain the performance and familiarity of
`the netWork they ordinarily use. Users Who must Work aWay
`from the normal place of business Will typically have certain
`softWare applications and other resources on Which they
`depend. An application is typically launched from a server
`Where a user has established rights. Upon traveling to a
`remote location, a user may desire to access the closest
`possible server hosting a particular application. LikeWise, a
`user typically desires the least time and interaction possible
`to launch an application. Moreover, system administrators as
`Well as vendors of softWare need improved methods for
`tracking, metering, and licensing softWare use to reduce
`costs of over-supporting users as Well as for verifying
`compliance With license terms.
`What is needed is a convenience for users and adminis
`trators for providing quickly, simply, reliably, and easily the
`desired licensing services and maintenance abilities over a
`distributed netWork, even on remote servers, and other
`nodes. For example, an administrator may need to license a
`
`6,105,069
`
`2
`resource broadly or narroWly to a class, type, organiZation,
`or individual. A server that could do so automatically, even
`dynamically Without laboriously removing and replacing
`rights, access, setup data, etc. in a distributed directory
`services system Would provide numerous economies and
`improved security.
`
`BRIEF SUMMARY AND OBJECTS OF THE
`INVENTION
`
`10
`
`15
`
`20
`
`25
`
`30
`
`40
`
`45
`
`55
`
`60
`
`65
`
`In general, any resource may be located and used
`(consumed) over a netWork by the appropriate service
`corresponding to the resource. Thus, herein, applications are
`used by Way of example of a resource and application
`objects are examples of any suitable resource object. Direc
`tory services objects are knoWn in the art.
`The present invention’s methods and apparatus for cen
`trally managing application programs in a computer
`netWork, improve a NetWork Application Launcher (NAL)
`by modifying a database schema and executables (utilities)
`for managing its information. The database schema de?nes
`resources that can be represented, so netWork administrators
`have an ef?cient and effective Way to make resources
`available on the netWork. Controlling organiZation, linking,
`rights assignments, and licensing or other access to a
`resource may be done simply, and transparently to netWork
`users, or groups of users, needing particular netWork
`resources.
`The resources may be represented in a modi?ed directory
`services database that includes resource (e.g. application)
`objects representing resources (eg application programs),
`such as printers, peripherals, Word processors and
`spreadsheets, that reside on the netWork. The modi?cations
`to the schema provided by the present invention support the
`creation, deletion, alteration, management, and consumption
`of attributes in application objects in the netWork directory
`services (DS or NDS) database. In one embodiment, admin
`istrative routines for managing application objects are pro
`vided through “snap-in” modules that extend familiar
`administration tools presently used, for example, in Novell
`NetWare netWorks’ NW Admin.
`Each application object may represent one instance of a
`resource (eg an application) and its execution environment,
`including, for example, the location of at least one execut
`able code, a brief name that identi?es the application, an
`icon, the location of the application’s Working directory,
`drive mappings and printer port captures needed, and the
`command line parameters (if any) that should be passed to
`the application to begin execution. Alternative embodiments
`of the invention may include utilities for managing attributes
`and executables for consuming them. Application objects
`may contain one or more of ?le rights attributes, licensing
`attributes, foldering links, a site list, fault-tolerance list, and
`load-balancing list for identifying a closest available,
`equivalent instance of a resource (e.g. application), and a
`disabling ?ag for easily removing such availability.
`Other functions may also be added. The neW, functional
`attributes may store key information in the central DS
`database, Which is managed through speci?ed administrator
`tools and user interfaces. Snap-ins are added to these tools
`to manage the neW attributes. Database updates are thus
`readily performed With the administrator tools. The appli
`cation launcher is provided With application programming
`interfaces (APIs) in dynamically linked libraries (DLLS) as
`executables for consuming the attributes in order to execute
`properly and transparently (to a user) an available, closest
`instance of a desired application.
`
`IPR2017-01290
`Ubisoft EX1004 Page 15
`
`
`
`3
`To provide convenience for traveling users, a system
`administrator may edit certain attributes in an application
`object. These attributes may be created for distributing and
`specifying access and logical links betWeen instances of
`application objects and corresponding applications. Thus,
`even though different instances or copies of an application
`may be hosted on different servers, they are logically the
`same, and may be so identi?ed by proper values of attributes
`in an application object.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`The foregoing and other objects and features of the
`present invention Will become more fully apparent from the
`folloWing description and appended claims, taken in con
`junction With the accompanying draWings. Understanding
`that these draWings depict only typical embodiments of the
`invention and are, therefore, not to be considered limiting of
`its scope, the invention Will be described With additional
`speci?city and detail through use of the accompanying
`draWings in Which:
`FIG. 1 is a schematic block diagram of a system of
`netWorked computers in accordance With the invention;
`FIG. 2 is a schematic block diagram of an individual node
`in a netWork system such as that of FIG. 1;
`FIG. 3 is schematic block diagram of a directory services
`system on a server, such as a server of FIG. 1 and FIG. 2;
`FIG. 4 is a schematic block diagram of a container object
`in a directory services system of FIG. 3;
`FIG. 5 is a schematic block diagram of a group object in
`a directory services system of FIG. 3;
`FIG. 6 is a schematic block diagram of a user object in the
`directory services system of FIG. 3;
`FIG. 7 is a schematic block diagram of an application
`object in accordance With the invention for inclusion in the
`directory services system of FIG. 3;
`FIG. 8 is a schematic block diagram of a netWork appli
`cation launcher system illustrating data structures for admin
`istrating and executing functions and data structures in
`accordance With the invention;
`FIG. 9 is a schematic block diagram of data structures and
`operational access for one embodiment of an architecture for
`a netWork application launcher, such as that of FIG. 8;
`FIG. 10 is a schematic block diagram of data structures
`suitable for implementing a distributed licensing manage
`ment system in accordance With the invention, Which may
`use the directory services system of FIG. 3, in conjunction
`With the data structures and architecture of FIGS. 2—9;
`FIG. 11 is a schematic block diagram of methods for
`implementing one embodiment of the functions and data
`structures of FIG. 11 in accordance With the invention;
`FIG. 12 is a schematic block diagram of a licensing
`method in accordance With the invention; and
`FIG. 13 is a schematic block diagram of the data struc
`tures for implementing the method of FIG. 12.
`
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENTS
`It Will be readily understood that the components of the
`present invention, as generally described and illustrated in
`the Figures herein, could be arranged and designed in a Wide
`variety of different con?gurations. Thus, the folloWing more
`detailed description of the embodiments of the system and
`method of the present invention, as represented in FIGS. 1
`through 11, is not intended to limit the scope of the
`
`10
`
`15
`
`25
`
`35
`
`45
`
`55
`
`65
`
`6,105,069
`
`4
`invention, as claimed, but is merely representative of the
`presently preferred embodiments of the invention.
`The presently preferred embodiments of the invention
`Will be best understood by reference to the draWings,
`Wherein like parts are designated by like numerals through
`out. Referring noW to FIG. 1, a system 10 or netWork 10 of
`computers may include a storage medium accessible to one
`or more netWorks 12 (eg netWorks 12a, 12b, 12c). A
`netWork 12 may be provided service of ?les, applications, or
`other functions and data structures by a server 14 (eg
`servers 14a, 14b, 14c). Each netWork 12 may interconnect
`an appropriate number of nodes 16 or computers 16 of Which
`a server 14 or router 14 may be Warrant. In addition, various
`printers 18, storage devices 20, remote nodes 16 and the like
`may serve as resources 22 available to nodes 16 in the
`netWork 12.
`Referring noW to FIG. 2, in general, any netWork 30 or
`apparatus 10, such as the netWork system 10 or apparatus 10
`of FIG. 1, may include nodes 31 (eg nodes 14, 16, 70, 72,
`74). Each node 31 may include a processor 32 and memory
`devices 34, such as storage devices 36, read only memory
`(ROM) 38, and random access memory (RAM) 40, some
`times referred to as operational memory. The node 31 may
`include a variety of input devices 42, and output devices 44
`Whether dedicated as illustrated in FIG. 2, or available over
`a netWork 12 of FIG. 1, as resources 22.
`Typically, a node 31 may include a netWork card 46 for
`connecting to a netWork 50 (e. g. netWork 12) outWardly, and
`a bus 52 for interconnecting elements internally. Input
`devices 42 may include a keyboard 54, a mouse 56 or other
`pointing device such as a stylus or graphics tablet, a touch
`screen 58, a scanner 60, or even a storage device 61 for
`providing data to the node 31. Similarly, output devices 44
`may include monitor 62, printer 64, storage devices 66, and
`the like for providing data from the node 31.
`A router 68 may interconnect netWorks 50, 70 Where each
`netWork 50, 70 may include some simple nodes 72, such as
`clients 72a—72d, and servers 74. NetWorks 12, 50, 70 are
`Well understood in the art. Accordingly, the hardWare illus
`trated in by Way of an example, and not limitation as to the
`hardWare suite on Which the invention may be implemented.
`More or less equipment may be used in many particular
`embodiments.
`Referring noW to FIG. 3, directory services system 80
`may be hosted on a directory services server 81. Adirectory
`services system 80 is typically highly distributed among
`nodes 31 over interconnected netWorks 12, 30, 50, 70, and
`thus may be referred to simply as directory services, regard
`less of Which particular data structures and hardWare may be
`implicated or required for a particular task.
`Nevertheless, a directory services system 80, 81 may
`include a processor 82 for executing executables, Where an
`executable may be any executable data structures from a
`single machine instruction to a sophisticated system of
`applications. The process 82 may rely on memory device 84
`to create, manage, or store object trees 90 of individual
`objects 92 linked in a hierarchical relationship.
`For example, container objects 94 can contain other
`objects, Whereas a group object 96 merely contains infor
`mation identifying relationships betWeen objects 92, Which
`need not be hierarchical. Auser object 98 is one example of
`an object that may be identi?ed by a group object 96, and
`contained in a container object 94 (a parent 94 to the leaf
`98).
`One very useful object 92 is an application object 100,
`identifying certain important information associated With an
`
`IPR2017-01290
`Ubisoft EX1004 Page 16
`
`
`
`6,105,069
`
`15
`
`25
`
`5
`actual executable ?le corresponding to an application. Vari
`ous application objects 100, 102 may be stored and related
`in object trees 90 in a directory services system 80. A
`directory services system 80 includes numerous executables
`104 knoWn in the art and Well described elseWhere.
`Likewise, directory services search engines 106, or simply
`search engines 106, may include sophisticated methodolo
`gies for creating and executing queries to locate speci?c
`objects 92 in an object tree 90 Within a directory services
`system 80. One should keep in mind that, in general, a
`directory services system 80 may actually be distributed
`throughout the memory devices 11, 34, 84 of any appropri
`ate number of netWorks 12, 30, 50, 70. Typically, an object
`92 may be created to include methods 108, attributes, or
`both, as knoWn in the art. For example, containers 94, groups
`96, users 98, and applications 100 (abbreviating the names
`of these objects to a single Word each) may each contain,
`respectively, certain rights 112, 116, 120 or rights attributes
`112, 116, 120, and one or more association lists 114, 118,
`122, for identifying other objects 90 to having some rela
`tionship thereto.
`Referring noW to FIGS. 4—6, in vieW of FIG. 3, an object
`92, such as a container object 94, may include an attribute
`110 of its oWn distinguished name 124. Likewise, for
`container objects 94, a list 156 of distinguished names
`contained therein or thereby is included, as Well as a list 128
`of leaf objects’ distinguished names contained therein. The
`association list 114 may identify certain distinguished names
`130, 132, 134 of application objects or other resource
`objects associated With the object 94, 96, 98 in question.
`A group object 96 may include a binding data structure,
`typically an association list 118, identifying associations,
`such as, for example, access control lists 138a, application
`object distinguished names 138b, and distinguished names
`35
`138C, 138d of other associated resource and other objects. A
`group object 96 may also have certain unique attributes 110,
`such as a membership list 140 identifying the distinguished
`names 142 of all users or user objects 98 having membership
`in the group 96.
`Auser object 98 is associated With an individual user. The
`distinguished name 144 of FIG. 6 is exemplary of all
`distinguished names 124. Each distinguished name 124
`typically includes a common name 146 in association With
`a context 148. Context 148 may include acronyms,
`abbreviations, or other identi?cations of organiZations,
`geography, logical relationships, and enterprises, as illus
`trated. Context 148 is sometimes thought of as a logical path
`or may be so con?gured in a particular directory services
`system 80.
`Referring noW to FIG. 7, an application object 100, in
`accordance With the invention, may include methods 108
`and attributes 110. In one presently preferred embodiment,
`reliability attributes 150 (alternatively referred to as redun
`dancy attributes, hierarchy of redundancy, or instance rela
`tion attributes) may be added to an application object 100.
`Aproximity attribute 152 may provide values associated
`With the application object 100 for determining the proxim
`ity of the application object 100 and its associated resources
`to a particular hardWare location or physical user. The
`proximity attribute 152 may re?ect a measurement, context,
`a time position or time for access, spatial position, organi
`Zational identi?cation, logical position, or geographical
`identi?er for identifying a proximity of an application object
`100 With respect to a coordinate system locating another
`object, such as a user object 98, group object 96, or container
`object 94.
`
`6
`A proximity attribute 152 may re?ect any measurement
`criterion effective for determining relative ease of access by
`one object 92 to a particular application object 100. A
`disabling ?ag 154 may provide an ability to determine
`Whether or not an application object 100 has been removed
`from access. Con?guration of environments, rights, masks,
`associations, and the like may be relatively time consuming
`and burdensome to the system.
`To manage such allocation of con?guration information
`When an application object 100 is to be removed from
`service for a short period of time, such as during
`maintenance, may be a colossal Waste of time. Thus, a
`disabling ?ag 154 may be set as an attribute to be read by
`any executable attempting to access the application object
`100. A disabling ?ag 154 alloWs the application object 100
`to exist, fully con?gured, and yet be inaccessible. Thus, any
`executable seeking to access an application object 100 may
`be referred to the redundancy attributes 150 in order to ?nd
`an equivalent instance to be used in place of the application
`object 100.
`A foldering attribute 156 may be provided to store infor
`mation indexing the associations corresponding to an appli
`cation object 100 and other objects 92 in a directory services
`database 90. Rights attributes 158 may contain any infor
`mation associated With authoriZations appropriate to access
`of or by an application object 100.
`Similarly, licensing attributes 160 may identify
`authoriZations, charges, and other administrative informa
`tion required for licensing an application associated With an
`application object 100. As understood in directory services
`systems, an object 92 (eg application object 100) represents
`logically certain ?les of data or executables (eg an
`application), and each is often spoken of as the other, though
`they are not actually the same thing. In general, the attributes
`150—160 are neW specialiZed attributes associated With
`certain features corresponding to the inventions disclosed
`herein, and may be incorporated into the basic functional
`attributes 162 associated With application objects 100 in
`general.
`Thus, in certain embodiments, basic functional attributes
`162 may include environment information, con?guration
`information, and other data. In other embodiments, the
`attributes 150—160 may be included in the basic functional
`attributes 162. MeanWhile, other functional attributes may
`be added for special functionality.
`A key attribute 110 of a resource object 100, such as an
`application object 100, may be an association backlink list
`164 containing distinguished names 166 of objects associ
`ated in some appropriate Way With the resource object 100.
`The association backlink list 110 may be used for binding
`security, and management of access to the resource repre
`sented by the resource object 100. The hierarchy 150 or
`redundancy attributes 150 may include a site list 170 of
`distinguished names 172, a fault-tolerance list 174 of dis
`tinguished names 176, a load-balancing list 178 of distin
`guished names 179, or all lists 170, 174, 178, Where the
`distinguished names 172, 176, 179 represent alternative
`instances of application objects or application object
`instances (AOI). The distinguished names 172, 176, 179
`may be relied upon When the application object 100 is
`unavailable for access.
`All those certain preferred embodiments of an apparatus
`and method in accordance With the invention may use
`load-balancing, fault-tolerance, and remoteness of a user
`from a home netWork, to justify hierarchical reliance on the
`load-balancing list 178, fault-tolerance list 174, and site list
`
`45
`
`55
`
`65
`
`IPR2017-01290
`Ubisoft EX1004 Page 17
`
`
`
`6,105,069
`
`7
`170, in that order, and the proximity value 152 may also be
`used for determining, in order and instance of an application
`object 100 to be accessed, based solely on the proximity
`attribute 152.
`For example, if the disabling ?ag 154 is set to make the
`application object 100 inaccessible, for any reason, the
`hierarchy 150 may be relied upon in conjunction With the
`proximity attribute 152 in order to ?nd the “closest” avail
`able instance of the application object 100 for access.
`An alternate bac