U.S. patent application number 15/199930 was filed with the patent office on 2017-01-05 for use and configuration of templates for management of cloud providers.
This patent application is currently assigned to SkyKick, Inc.. The applicant listed for this patent is SkyKick, Inc.. Invention is credited to Corey Brent Caldwell, John Dennis, Doug Handler, Matthew Steven Hintzke, Evan Richman, Todd Schwartz, Bradley Younge.
Application Number | 20170006118 15/199930 |
Document ID | / |
Family ID | 57683063 |
Filed Date | 2017-01-05 |
United States Patent
Application |
20170006118 |
Kind Code |
A1 |
Dennis; John ; et
al. |
January 5, 2017 |
USE AND CONFIGURATION OF TEMPLATES FOR MANAGEMENT OF CLOUD
PROVIDERS
Abstract
System and methods for the creation of templates for a user role
from an existing user for use in one or more cloud services are
provided. The template may comprise various user settings for
different cloud services subscribed to by an entity. The templates
once created can be applied to a group of users within the entity
such that the various user settings in the template can be applied
to the users in the group. The various user settings in the
template can also be modified, and once modified, the template can
be applied to users in the user group that has been applied with
the template. User interfaces can be provided for specifying the
creation of templates, modification of templates. The aggregation
of common software providers, services, users and user types into
templates and associated settings privileges, and other attributes
are also provided.
Inventors: |
Dennis; John; (Seattle,
WA) ; Handler; Doug; (Woodinville, WA) ;
Richman; Evan; (Seattle, WA) ; Schwartz; Todd;
(Seattle, WA) ; Younge; Bradley; (Denver, CO)
; Hintzke; Matthew Steven; (Redmond, WA) ;
Caldwell; Corey Brent; (Covington, KY) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
SkyKick, Inc. |
Seattle |
WA |
US |
|
|
Assignee: |
SkyKick, Inc.
Seattle
WA
|
Family ID: |
57683063 |
Appl. No.: |
15/199930 |
Filed: |
June 30, 2016 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
62187118 |
Jun 30, 2015 |
|
|
|
Current U.S.
Class: |
1/1 |
Current CPC
Class: |
H04L 41/22 20130101;
H04L 67/1097 20130101; H04L 41/0803 20130101; H04L 67/306 20130101;
G06F 16/2365 20190101; H04L 67/16 20130101; H04L 67/02
20130101 |
International
Class: |
H04L 29/08 20060101
H04L029/08; H04L 12/24 20060101 H04L012/24 |
Claims
1. A method for applying a set of user settings for different cloud
services to a group of users, the method comprising performing, by
a computer system: generating a first model profile based on a
first user profile, the first model profile including a first set
of user settings for different cloud services, wherein the first
set of user settings includes a first user setting for a first
cloud service and a second user setting for the second cloud
service; assigning the first model profile to a first group of
users; applying the first set of user settings to user records
associated with the first group of users such that each of the user
records is configured with the first set of user settings in the
first model profile; receiving a first change of the first user
setting and a second change of the second user setting in the first
model profile; updating the model profile with the changed first
and second user settings; and applying the changed first and second
user settings to the first group of users such that each of the
user records for the users in the first group is configured with
the changed first and second user settings.
2. The method of claim 1, further comprising: receiving a request
for updating the model profile; providing one or more unassigned
cloud service providers that are not currently assigned to the
model profile; receiving a selection of one or more of the
unassigned cloud service providers to identify one or more new
cloud service providers; and associating the one or more new cloud
service providers with the model profile.
3. The method of claim 2; further comprising locating the user
records for the users in the first group in response to the
updating of the model profile; and assigning the one or more new
cloud service providers to the user data records for the users in
the first group.
4. The method of claim 1; further comprising: assigning the first
model profile to a second group of users such that user records for
the users in the second group are configured with the first set of
user settings in the first model profile.
5. The method of claim 1, further comprising storing one or more
rules for assigning the first model user profile to users, wherein
the rules include a first rule indicates that the first model
profile is to be assigned to only one group of users; and, wherein
the assignment of the first model profile is consistent with the
first rule.
6. The method of claim 1, further comprising: generating a second
model profile based on a second user profile, the second model
profile including a second set of user settings for the different
cloud services, the second set of user settings including a third
user setting for the first cloud service and a fourth user setting
for the second cloud service; and assigning the second model
profile to the first group of users such that each of user records
for the users in the first user group is configured with the second
set of user settings in the second model profile.
7. The method of claim 1; further comprising: receiving a request
for updating the model profile; providing one or more assigned
cloud service providers that are currently assigned to the model
profile; receiving a selection of one or more of the assigned cloud
service providers; and removing the one or more selected cloud
service providers from the model profile.
8. The method of claim 1, wherein the first user setting for the
first cloud service includes a setting for a type of license
provided by the first cloud service, or a setting for a specific
group on the first cloud service.
9. A system for applying a set of user settings for different cloud
services to a group of users, the system comprising a process
configured by machine-readable instructions configured to cause the
system to perform: generating a first model profile based on a
first user profile, the first model profile including a first set
of user settings for different cloud services, wherein the first
set of user settings includes a first user setting for a first
cloud service and a second user setting for the second cloud
service; assigning the first model profile to a first group of
users; applying the first set of user settings to user records
associated with the first group of users such that each of the user
records is configured with the first set of user settings in the
first model profile; receiving a first change of the first user
setting and a second change of the second user setting in the first
model profile; updating the model profile with the changed first
and second user settings; and applying the changed first and second
user settings to the first group of users such that each of the
user records for the users in the first group is configured with
the changed first and second user settings.
10. The system of claim 9, wherein the process is further
configured to cause the system to perform: receiving a request for
updating the model profile; providing one or more unassigned cloud
service providers that are not currently assigned to the model
profile; receiving a selection of one or more of the unassigned
cloud service providers to identify one or more new cloud service
providers; and associating the one or more new cloud service
providers with the model profile.
11. The system of claim 10, wherein the process is further
configured to cause the system to perform: locating the user
records for the users in the first group in response to the
updating of the model profile; and assigning the one or more new
cloud service providers to the user data records for the users in
the first group.
12. The system of claim 9, wherein the process is further
configured to cause the system to perform: assigning the first
model profile to a second group of users such that user records for
the users in the second group are configured with the first set of
user settings in the first model profile.
13. The system of claim 9, wherein the process is further
configured to cause the system to perform: storing one or more
rules for assigning the first model user profile to users, wherein
the rules include a first rule indicates that the first model
profile is to be assigned to only one group of users; and, wherein
the assignment of the first model profile is consistent with the
first rule.
14. The system of claim 9, wherein the process is further
configured to cause the system to perform: generating a second
model profile based on a second user profile, the second model
profile including a second set of user settings for the different
cloud services, the second set of user settings including a third
user setting for the first cloud service and a fourth user setting
for the second cloud service; and assigning the second model
profile to the first group of users such that user records for the
users in the first group are configured with the second set of user
settings in the second model profile.
15. The system of claim 9, wherein the process is further
configured to cause the system perform: receiving a request for
updating the model profile; providing one or more assigned cloud
service providers that are currently assigned to the model profile;
receiving a selection of one or more of the assigned cloud service
providers; and removing the one or more selected cloud service
providers from the model profile.
16. The system of claim 9, wherein the first user setting for the
first cloud service includes a setting for a type of license
provided by the first cloud service, or a setting for a specific
group on the first cloud service.
17. A computer program product comprising a non-transitory tangible
medium including computer system executable code for a computer
system for applying a set of user settings for different cloud
services to a group of users, the computer system including a
processor, a memory and a display, wherein the computer program
product comprises code that directs the processor to perform:
generating a first model profile based on a first user profile, the
first model profile including a first set of user settings for
different cloud services, wherein the first set of user settings
includes a first user setting for a first cloud service and a
second user setting for the second cloud service; assigning the
first model profile to a first group of users; applying the first
set of user settings to user records associated with the first
group of users such that each of the user records is configured
with the first set of user settings in the first model profile;
receiving a first change of the first user setting and a second
change of the second user setting in the first model profile;
updating the model profile with the changed first and second user
settings; and applying the changed first and second user settings
to the first group of users such that each of the user records for
the users in the first group is configured with the changed first
and second user settings.
18. The computer program product of claim 17, wherein the code
directs the processor to further perform: receiving a request for
updating the model profile; providing one or more unassigned cloud
service providers that are not currently assigned to the model
profile; receiving a selection of one or more of the unassigned
cloud service providers to identify one or more new cloud service
providers; and associating the one or more new cloud service
providers with the model profile.
19. The computer program product of claim 17, wherein the code
directs the processor to further perform: locating the user records
for the users in the first group in response to the updating of the
model profile; and assigning the one or more new cloud service
providers to the user data records for the users in the first
group.
20. The computer program product of claim 17, wherein the code
directs the processor to further perform: assigning the first model
profile to a second group of users such that user records for the
users in the second group are configured with the first set of user
settings in the first model profile.
Description
CROSS-REFERENCES TO RELATED APPLICATIONS
[0001] This application claims benefit to U.S. Provisional
Application No. 62/187,118 filed Jun. 30, 2015 entitled USE AND
CONFIGURATION OF TEMPLATES FOR MANAGEMENT OF CLOUD PROVIDERS" of
which is incorporated by reference herein in its entirety for all
purposes.
[0002] This application is related to U.S. Provisional Application
No. 62/187,109 filed Jun. 30, 2015, entitled "MANAGING USERS OF
CLOUD SERVICES WITH MANAGEMENT TOOL" and U.S. Provisional
Application No. 62/187,124 filed Jun. 30, 2015, entitled
"SYNCHRONIZING DATA BETWEEN CLOUD MANAGER AND PROVIDERS" each of
which is incorporated by reference herein in their entirety for all
purposes.
[0003] This application is related to U.S. Non-Provisional
application Ser. No. ______, filed Jun. 30, 2016 entitled "MANAGING
USERS OF CLOUD SERVICES WITH MANAGEMENT TOOL" (Attorney Docket No.
096662-1003026(000610US)) and U.S. Non-Provisional application Ser.
No. ______, filed Jun. 30, 2016, entitled "SYNCHRONIZING DATA
BETWEEN CLOUD MANAGER AND PROVIDERS" (Attorney Docket No.
096662-1003028(000810US)) each of which is incorporated by
reference herein in their entirety for all purposes.
FIELD
[0004] The disclosure generally relates to management of data
within software as service products. Specifically, the disclosure
relates to enhanced management of various software as a service
providers and attributes via templates.
BACKGROUND
[0005] Modern companies and associated IT consulting firms need to
manage the software services that the companies provide to
employees. This process can involve the provision of a variety of
computer services from a variety of vendors to employees of the
company. IT consulting firms can be hired by companies to manage
the IT environment for a company. The services can often have
various differing user interfaces and data formats, which can
require a high level of overhead to manage. Different employees can
need various access rights to different software services, and
those access rights can vary based on for example an employee's
role. For example certain employees should be provided different
access to software services. However, the recognition of and
management of groups of users as opposed to individual users can be
challenging.
[0006] Embodiments of the invention address these and other
problems, individually and collectively.
BRIEF SUMMARY
[0007] Embodiments can provide a management tool that can apply
user settings for various cloud services to a group of users
through a model profile or a template. As used herein, the terms
"model profile" and "template" are used interchangeably. The
template can be generated from scratch or generated based on an
existing user profile. The template can contain user settings for
various cloud services. After the template is generated and saved,
the template can be assigned to the group of users, for example,
users having a similar function within an entity. Once assigned to
the group of users, the user settings in the template may be
applied to the user records associated with the users in the user
group. In some implementations, rules may be established such that
a given template may only be applied to one group of users and a
given group of users may only be applied with one template.
[0008] The management tool can be configured to receive changes of
user settings in the template. After the changes are received, the
updated template can be saved to the database and the changes can
be automatically applied to the user records associated with the
users in the user group that was assigned to the template.
[0009] Embodiments can provide user interfaces for the
aforementioned creation and modification of templates.
[0010] Embodiments can provide aggregation of common software
providers, services, users and user types into templates and
associated settings privileges, and other attributes.
[0011] Other embodiments are directed to systems, portable consumer
devices, and computer readable media associated with methods
described herein.
[0012] A better understanding of the nature and advantages of
embodiments of the present invention may be gained with reference
to the following detailed description and the accompanying
drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
[0013] FIG. 1 illustrates an exemplary system architecture for
managing individual users within an entity to use multiple cloud
services in accordance with the disclosure.
[0014] FIG. 2 illustrates processing user information from two
cloud services in accordance with one embodiment of the
disclosure.
[0015] FIG. 3 illustrates an exemplary common graphical user
interface for managing a user for different cloud services through
a user profile in accordance with one embodiment.
[0016] FIG. 4 illustrates an exemplary interface that can be
implemented to enable an operator to generate a new template.
[0017] FIG. 5 illustrates an exemplary interface that can be
implemented to enable an operator to manage a template.
[0018] FIG. 6 illustrates a template can be applied to user records
associated with a group of users after the template is saved to the
database.
[0019] FIG. 7 illustrates an exemplary method for generating and
applying a template to a group of users in accordance with the
disclosure.
[0020] FIG. 8 shows examples of subsystems in a computer apparatus
implementing various embodiments.
DETAILED DESCRIPTION
[0021] A template in accordance with the disclosure can be
considered a combination of many different user settings for
different cloud services that can be applied to multiple users. A
template can be generated from scratch. It could be generated based
on user profile for an existing user. It could also be derived from
an existing template. In whole, a template can be used to
streamline administration of services that could generally take a
person to jump back and forth between services to get it all set
each up. Templates allow for time reduction by taking something
that could take hours of doing the work and frustration on the end
user to be lumped into a single template. Administrators may not
need to go through everything for one or more partner.
[0022] In accordance with the disclosure, embodiments provide a
management tool that can be configured to apply user settings for
various cloud services to a group of users through assigning a
template to the group. The user settings for the various cloud
services may indicate features activated on the cloud services,
groups available on the cloud services, licenses provided by the
cloud services, and other information regarding the cloud services.
The management tool can facilitate an operator to aggregate such
user settings into the template, which can correspond to a profile
for a function within an entity, such as a company. In this sense,
the template may be considered as a model profile, and as used
herein, a template may be referred to as a model profile. For
example, a template for a sales professionals or a template for
engineers, management, or other roles within a company can be
generated to capture user settings for the different cloud services
appropriate for users in those groups. After a template is created,
users in the corresponding user group can be applied with the
template such that the user settings for the various cloud services
in the template can be propagated to the user profile for each user
in that group.
[0023] Thus, the management tool can use templates to propagate
user setting changes for the cloud services to groups of users. A
group of users can be assigned a particular template, and if
changes are made to that template, all users that are assigned that
template can have corresponding changes made to them. Templates can
provide many technical advantages including time saving,
consistency, reduction of user mistakes and simplicity in user
management, and allowing for enforcing security or access policies.
By having changes or policies applied to templates, the management
tool can save time making changes or applying template specific
rules or policies. By applying changes or policies once to a large
group, there is a decreased chance for errors being made. Security
policies can be implemented across templates to allow for
well-defined access control where appropriate.
I. System Architecture
[0024] FIG. 1 illustrates an exemplary system architecture 100 for
managing individual users within an entity to use multiple cloud
services in accordance with the disclosure. As shown, the system
architecture 100 may include a server 106 provided by the entity.
In certain implementations, the server 106 may include one or more
processors configured to perform web services, processing jobs
and/or to perform any other functions. The server 106 may be
configured to facilitate user management for different cloud
services subscribed to by the entity, to enable the users to use
the cloud services via the individual client computers 104, and/or
to perform any other functions. As shown, the server 106 may be
operatively coupled to a database 102, which can contain user
profiles associated with the individual users of the entity. A user
profile associated with a particular user of the entity may
comprise information indicating specific cloud services provided by
the user. For each of the specific cloud services, one or more
features or settings that are available for the individual users,
values (defauLt or configured) for those features or settings for
the particular user, and/or any other information can be indicated
through the user profile. As will be described below, the user
profile associated with the particular user can be used to
facilitate the particular user to use the cloud services available
to the particular user as subscribed to by the entity.
[0025] In some embodiments, server 106 can be configured to provide
virtualization of groups or teams of employees within the entity,
and the ability to apply various actions across cloud services to
groups or teams of users. For example, different groups or teams
within the entity include sales, marketing, engineering, or the
like.
[0026] The server 106 can be configured to communicate with cloud
servers, such as cloud servers 110, 120, 130 shown in this example.
As shown, each of the cloud servers 110, 120, 130 may be provided
by a cloud service provider for facilitating respective cloud-based
services. For example, the cloud server 110 may be a server that
facilitates a cloud-based email service. The cloud server 120 may
be a server that facilitates a network storage service. The cloud
server 130 may be a server that facilitates a cloud-based backup
service. As also shown, the server 106 may be configured to
communicate with each of the cloud servers 110, 120, 130.
[0027] The communication between the server 106 and the cloud
servers may include communication of user information. For enabling
the respective cloud service for the users within the entity, a
given cloud server may store user information for those users. For
example, as mentioned above, the email cloud service provider may
keep a set of user information for providing the email service to
the users in the entity, and the network storage service provider
may keep another set of user information for providing network
storage service to the users in the entity.
II. Generating a Template
[0028] A template can be an aggregation of specific user settings
for different cloud services. For example with Microsoft Office and
specifically Office 365, there is Exchange, which is an email
system and services like SharePoint or Skype for Business or
Yammer, and of the all other offered Office 365 services that
Microsoft offers within that umbrella. A template can specify which
of these services provided by Office 365 are enabled for a
particular user group or individual user. A template can also
expose licenses and groups provided by the cloud service. An
example of groups can be found in Office 365, where there are group
types such as Security, Distribution, Dynamic Distribution, and
Tenant groups. A template can also be an aggregation of licenses of
cloud services, and groups of cloud services. A template can also
contain another template.
[0029] The management tool can start a discovery process to
discover what licenses and features, and all the users that are
licensed and non-licensed under a particular tenant. A tenant can
be a domain or the customer that is being managed under a
particular service. For example, a company using a particular
provider could comprise a tenant. A template can be used to
maintain all licenses and all users under a single umbrella. A
tenant can also relate to the information a customer has for a
particular SaaS provider.
[0030] A. Discovery Process
[0031] For obtaining user configurations, settings, features
activated, license information and/or any other user information
from different cloud services subscribed to by the entity, the
server 106 may be configured to engage in a user information
discovery process. During the user information discovery process,
each cloud server, such as cloud server 110, 120, or 130, can be
contacted to obtain user information pertinent to the users within
the entity. For example, a command may be fired off during the user
information discovery process to obtain user information from cloud
server 110. The command may include identification information that
identifies the entity for the first cloud service (e.g., an email
service), such as a domain name, or a company name associated with
the entity. The cloud server 110 may then retrieve the requested
user information and return it to the server 106. The requested
user information may represent all of the user information
pertinent to the users within the entity that have been registered
with the first cloud service.
[0032] In some embodiments, the user information discovery process
may be scheduled on the server 106 to run periodically, such as
nightly or weekly. In those embodiments, the user information
discovery process may start at the same time on those basses. For
example, the user information discovery process can be scheduled to
start 11 pm every night. During that process, desired cloud servers
that provide cloud services to the entity can be contacted and user
information can be obtained from the cloud servers. However, this
is not intended to be limiting. In some implementations, the user
information discovery process can be started manually by an
operator of the entity.
[0033] In some embodiments, the server 106 may be configured to
generate error messages or alerts when the user information
discovery process is not successful in obtaining user information
from one or more of the cloud servers. For example, in response to
server 120 not responding to the user information discovery
process, the server 106 can be configured to generate an alert to
notify an operator of the entity that server 120 is not responding
to the user information request during the discovery process.
[0034] Issues could also arise when connections to one or more
cloud services cannot be established, or where connections to
providers are throttled or otherwise limited. If a connection were
to fail and the tool did not have a connection to the cloud service
at a particular time, the server 106 can be configured to place the
connection requests in a queue, this queue could be used to hold
those actions until server 106 can communicate with the cloud
server.
[0035] In some embodiments, the server 106 may be configured to
enable an operator of the entity to specify which one or ones of
cloud services to be included in the user information discovery
process. In those embodiments, a separate configuration file may be
stored on server 106 for each cloud service. The configuration file
may include information such as which server(s) of the cloud
service to contact in a sequence, addresses of those servers,
and/or any other server information. In those embodiments, a user
interface may be provided to the operator to enable the operator to
select the cloud services to be included in the user information
discovery process.
[0036] B. Identifying a Model Profile
[0037] Since many cloud service providers operate independently,
the user information maintained by them for enabling their
respective services are typically not coordinated. That is, for a
particular user within the entity, a set of user information may be
maintained by a first cloud service for enabling the particular
user to use the first cloud service, and another set of user
information may be maintained by a second cloud service for
enabling the particular user to use the second cloud service. For
example, the first set of user information may include a user ID
identifying the particular user for the first cloud service, while
the second set of user information may include another user ID
identifying the particular user for the second service, and the two
different user IDs could be very different, even though they
identify the same user. Accordingly, processing of the user
information obtained from different cloud servers is desired to
consolidate or match it to specific users within the entity.
[0038] FIG. 2 illustrates processing user information from two
cloud services, cloud services 210 and 220, to match specific users
within an entity in accordance with one embodiment of the
disclosure. As shown, user information 230 may be obtained from
cloud service 210, and user information 240 may be obtained from
cloud service 220 through the user information discovery process
described above. The user information 230 may indicate a set of
users within the entity are licensed to use cloud service 210, and
may include configuration information indicating settings
configured for and/or features activated for those users for using
the cloud service 210. The user information 240 may indicate a set
of users within the entity are licensed to use cloud service 220,
and may include configuration information indicating setting
configured for and features activate for those users to use cloud
service 220. As shown, the user information 230 and 240 may have
some overlapping information 250, such as the names of the users
that are licensed to use both cloud services 210 and 220.
[0039] As a part of user information discovery, the management tool
can process the user information from different cloud services to
obtain a user profile for an individual user. The user profile can
provide a view of various user settings for the different cloud
services for the individual user. In some embodiments, the
management tool may provide a common graphical user interface for
managing the user profile. The user profile may comprise settings
or attributes for different cloud services that can be used by the
individual user associated with the user profile. Changes to the
attributes can be received from the common graphical user interface
and propagated to corresponding cloud server or servers to
effectuate the requested changes on the cloud servers.
[0040] FIG. 3 illustrates an exemplary common graphical user
interface 300 for managing a user for different cloud services
through a user profile in accordance with one embodiment. The
interface 300 may be provided by a server 106 described and
illustrated herein, and may be presented on a client computer 104
for access by an operator of an entity. In this example, the entity
for which the users are managed by the management tool is "midland
transportation". As shown, the interface 300 can be configured to
present a user profile 302 for a user within midland
transportation, named "Arnold Rostein". The user profile 302 can be
constructed by the management tool from a corresponding user record
stored in the database 102. As shown, the user profile 302 may
include some common information 308 such as first name 304 and last
name 306 of the user, an address of the user, a telephone of the
user, an email address of the user, and/or any other common
information regarding the user. Some of the common information 308
can be used as criteria for matching user information from
different cloud services. For example, the first name 304 and last
name 306 of the user can be used as criteria to match user
information from one or more cloud services to specific users
within the entity. The common information 308 may be obtained from
corresponding common fields, such as fields 502 and 504, from a
user record for the user for whom the user profile 302 is
constructed, e.g., user Arnold Rostein.
[0041] The user profile 302 may comprise email information 310 for
the user. As shown, the user may have a different email address for
a different cloud service. These email addresses can be shown in
the interface 300 for administering the user. In this example, the
user Arnold Rostein has an email address 310a for an office 365
service, and another email address 310b for a network storage
service.
[0042] As shown, the interface 300 may comprise a section 312 for
displaying and configuring various settings for different cloud
services for the user. In this example, the user Arnold Rostein has
two cloud services available for him to use i.e., office 365
service 314, and a backup service 324. In this example, license
information 320 regarding one or more licenses granted to Arnold
Rostein for the office 365 service 314 is displayed in interface
300, As shown, an E3 license is currently assigned to user Arnold
Rostein. As shown, other supported licenses for the office 365
service 314 can be granted to Arnold Rostein through a control 330
such that the operator of the entity does not have to use a tool or
interface provided by office 365 service to do that.
[0043] As shown, various specific settings 328 for the office 365
service configured for Arnold Rostein can be displayed in the
interface 300. These settings may be grouped under specific
features they correspond to. As described above, the values of the
settings 328 can be obtained from corresponding cloud service and
stored as part of user record for Arnold Rostein. As also shown,
the interface 300 can provide user controls to enable an operator
of midland transportation to change the settings 328 for Arnold
Rostein.
[0044] As also shown, the interface 300 can include group
information 316 indicating one or more groups the user belongs to
on a corresponding cloud service. The group information 316 may be
obtained or synchronized from a corresponding cloud service. In
this example, the user Arnold Rostein belongs to several groups on
the office 365 service. As shown, control 332 can be provided in
the interface 300 to enable the operator to add Arnold Rostein to a
group on the office 365 service without having to use a tool or
interface provided by the office 365 service. As still shown,
various other features such as shared mail box 318, public folders
322 on the office 365 office service, can also be displayed and
configured for user Arnold Rostein. The various settings for Arnold
Rostein for the office 365 service 314 described above can be
obtained from corresponding fields in the user record for user
Arnold Rostein for the office 365 service.
[0045] Settings for another cloud service, such as a backup service
324, can also be displayed and configured in interface 300 for user
Arnold Rostein. In this example, as shown, setting 326 may be
displayed to show the office 365 service for user Rostein is
configured to be on. The interface 300 similarly enables the
operator of the midland transportation to change the setting 326
for Arnold Rostein without having to use to a tool or interface
provided by the backup service 324.
[0046] In certain embodiments, as in the embodiment shown in FIG.
3, the management tool can enable an operator to create a template
based on the user profile 302. In those embodiments, the operator
may identify a particular user profile, for example such as user
profile 302, as a model profile. The operator then may be enabled
to create a template using the model profile such that the template
contains user settings for the different cloud services in the
model profile. FIG. 3 illustrates one example mechanism for
enabling the operator to create the template based on user profile
302. As shown, a dropdown menu 334 can be displayed in interface
300 when button 336 is clicked. In the dropdown menu 334, an option
for saving user profile 302 as a template can be presented such
that once that option is selected, the user profile 302 can be
saved as a template.
[0047] C. Generating a Template
[0048] FIG. 4 illustrates an exemplary interface 400 that can be
implemented to enable an operator to generate a new template 402.
As described above, a new template can be generated using an
existing user profile identified as a model profile by the
operator. As shown, the management tool may be configured to
provide the interface 400 to enable the template to generate the
new template 402 based on an existing user profile. For example,
the interface 400 may be presented after the operator requests to
save user profile 302 as a template as shown in FIG. 3. However,
this is not necessarily the only case. A new template can also be
generated from scratch by specifying various user settings for
different cloud services.
[0049] As shown, an input box 414 can be provided in interface 400
so that the operator can give a name to the template 402. The
operator may name the template 402 whatever is desired, for
example, engineering, marketing, and the like. An input box 404 can
be provided in interface 400 so that the operator can provide a
description for the template 402. As still shown, the template 402
may comprise one or more sections that group related user settings
for different cloud services, such as the "license and group"
section 406 shown in FIG. 4. The "license and group" section 406
can contain user settings related to licenses and groups provided
by different cloud services. In this example, three exemplary cloud
services are shown--i.e. Office 365 408, skykick backup service
410, and Dropbox service 412. As shown, template 402 can have user
settings for license and group for each of the cloud services
shown.
III. Assigning Tile Template to a Group of Users
[0050] As described above, a template can be assigned to a group of
users. For example, within a company there might be groups for
sales, marketing, engineering, management, and many others. These
groups can require different levels of access to the cloud services
subscribed to by the company. For instance, users in the sales
group may have permissions and licensing provisions for the cloud
services different from the users in the engineering group. There
can thus be separate templates for engineers, marketing,
management, sales, and all other groups within a company. However,
this is not necessarily the only case. In some examples, a template
can be applied to multiple groups of users. For example, a template
of user settings for a specific cloud service, for example Office
365, can be generated and applied to certain groups of users; and
another template of user settings for another specific cloud
service, for example Dropbox, can be generated and applied to those
groups of users.
[0051] In certain embodiments, rules may be established with
respect to how a particular template can be assigned to user
groups. For example, a rule can be established such that each
template can only be assigned to one group of users, and another
rule can be established such that each user group can only be
assigned to one template. In that example, these rules may be
enforced by the management tool when an operator assigns a
particular template to a group of users. As illustration, when the
operator assigns a template to users in a sales group, the
management tool can be configured to detennine if that template has
been assigned to another group of users and if the sales group has
been assigned to another template. Only when the management tool
determines neither condition is true, that template may be assigned
to the users in the sales group.
[0052] The management tool can provide an interface enabling an
operator to manage a particular template for a group of users. The
interface can be used to turn various services and features on and
off in the template. For example, through such an interface, the
operator can specify a user that gets a template applied will have
access to a cloud service and have a license. The tool can have a
framework that can be used to apply a template against a group of
users.
[0053] A. Managing the Template
[0054] FIG. 5 illustrates an exemplary interface 500 that can be
implemented to enable an operator to manage a template. In this
example, a template 502 is shown being managed through interface
500. The template 502 is generated from an existing user profile
302, i.e., the user profile for Arnold Rostein, as shown in FIG. 3.
As shown, like the interface 300, the interface 500 can enable an
operator to configure various user settings for different cloud
services. In this example, the template 502 is for users in a sales
group within the "Midland Transportation". As can be seen, a button
504 can be provided in the interface 500 to enable an operator to
save the template 502.
[0055] In some implementations, one or more new cloud services can
be associated with an existing template, such as template 502. For
example, after the entity add two cloud services for use by its
users, an operator of the entity may request to add the cloud
services to the template 502 so that template 502 can have user
settings for the new cloud services. For example, an interface may
be provided for the operator to specify those two cloud services
may be added to template 502. The management tool can receive such
a request, and associate the new cloud services with the template
502. In some embodiments, in response to such a change in the
template 502, the management tool can be configured to locate user
records for the users in the user group that has been assigned to
the template 502, assign the new cloud service providers to those
user records so that use settings for the new cloud services can be
manipulated through those user records.
[0056] In some implementations, one or more existing cloud services
can be removed from template 502. For example, after the entity
stopped subscription for some existing cloud services, an operator
of the entity may request to remove those cloud services from
template 502. For example, an interface may be provided for the
operator to specify those cloud services may be removed from
template 502. In some embodiments, in response to such a change in
the template 502, the management tool can be configured to locate
user records for the users in the user group that has been assigned
to the template 502, and remove those cloud service providers from
those user records so that use settings for those cloud services
may not be manipulated, through those user records.
[0057] B. Storing the Template
[0058] In implementations, a database, such as the database 102
shown in FIG. 1, can be used to store user data and as well as
template data. As described above, a template and a user profile
can have syntactically the same structure when it comes to
configuration of different licenses, features, and so forth. In the
database, user data (e.g., a user record) and templates may be
stored separately. For example, a user record table can be stored
in the database 102, and the user record table can comprise
individual user records. Each of the user records may comprise
cloud service configurations for different cloud services for an in
individual user associated with the user record. A separate
template table can be stored in the database 102. The template
table can comprise template records. Each template record can
represent a specific template, for example, sales, engineering, HR,
or any other template. The template record can comprise template
data that can be mapped to configurations or settings, for example,
as shown in FIG. 5.
[0059] The database can be based on and built using a framework
such as the Entity framework and associated EDMX model, which can
contain full table descriptions with all the properties on it. In
certain implementations, the database can contain a data object
CTemplate, which may represent a highest level of data, and can
contain a name of the template, for example marketing, FIR, or
similar, and a description of the template. A given CTemplate data
object can contain multiple fields "CT Provider". A CT Provider can
link a corresponding data object contain individual user
configurations for a specific cloud service. Thus, data for
different cloud services can be specified in a CT Template
table.
[0060] C. Assigning and Applying the Template
[0061] A template can be a framework for a group of users. As
described above, a template can be assigned to a group of users,
such that the user settings for different cloud services as
specified by the template can be applied to user records for the
individual users in the group. In some implementations, the
template can be assigned to the group of users manually by an
operator for example through an interface provided by the
management tool. For instance, when creating the template through
interface 400, the operator may specify this template is to be
assigned to one or more user groups, and once the template is saved
by the operator at the end of the creation process, the template
can be assigned to the specified group of users automatically.
After the newly created template is saved to the database, the user
setting in the newly created template can then be automatically
applied to the those groups of users.
[0062] As described above, in certain embodiments, one or more
rules may be stored for assigning the template. For example, a rule
may be established that a given template can only be assigned to
one group of users, and another rule can be established such that a
given group can only be assigned to one template. Such rules can be
enforced when the template is being assigned to a group of users.
However, this not intended to be limiting. In some embodiments, a
given template can be assigned to multiple groups of users. In some
embodiments, a given group can be assigned to multiple
templates.
[0063] It should be understood that user settings for the different
cloud services can be individually configured for the users in the
group beyond what the template specifies through the management
tool described herein. This provides a flexibility to customize a
user beyond what the template assigned to user has. For example, as
illustration, a user might not have access to a particular provider
based on a template assigned for marketing, because access to the
provider's services and tools are not needed in the marketing
department. Thus, the user does not have access to that particular
provider based on the template assigned to the user by virtue of
the user being in the marketing group. However, the management tool
can be configured to provide the user, access to the provider. Even
though the user is part of a marketing group that has limited or no
access to a service, the user can have additional functionality and
access to services added in. This user includes more elements and
access to services from one or more providers than the template
that it was created from.
[0064] In certain implementations, after user setting changes are
made to template 502 through interface 500 and the template 502 is
requested to be saved to the database through button 504, the user
setting changes in the template 502 may be automatically applied to
the group of users associated with the template 502, for example
users in the sales group shown in FIG. 5. In certain
implementations, a number of commands can be generated
automatically for applying the template to individual users in the
group after the template is saved as part of a template assigning
process. Each command can contain one or more instructions to apply
one or more user settings in the template to the user records
associated with the users in the group.
[0065] FIG. 6 illustrates a template is applied to user records
associated with a group of users after the template is saved to the
database. As shown, after an individual template 602 is requested
to be saved, for example, through interface 500, data in the
template 602 can be saved to a corresponding template record 606 in
the database 102. Also shown is that a number of commands 604 can
also be generated after the template 602 is saved to the database
102. Each command 604 may contain one or more instructions that
apply related user settings for a particular cloud service to the
user records associated with the users in the group. For example, a
command containing instructions that apply license settings for
cloud service #1 may be generated; another command containing
instructions that apply group settings for cloud service #1 may be
generated; yet another command containing instructions that apply
license settings for cloud service #2 may be generated; still
another command containing instructions that apply group settings
for cloud service #3 may be generated; and so on.
[0066] As also shown in FIG. 6, after the commands 604 are
generated, they can be executed individually against user records
608 stored in the database 102. By executing the individual
commands 604, the settings in the template 602 can be propagated to
the individual user records 608, As described above, a given user
record 608 may already have fields corresponding to the fields in
the template 602. For example, the given user record 608 may have
one or more fields corresponding to license settings for Office
365, one or more fields corresponding to group settings for
Dropbox, and etc. Those fields in the user records 608 can be
readily updated through commands 604. In situations where one or
more fields in the template do not exist in a user record 608,
those fields can be generated and populated in the user record 608
according to the template.
[0067] Errors may arise when the template 602 is applied to the
user records 604. For example, as illustration, the template 602
may contain a user setting indicating a user that is applied with
the template 602 may have a E3 license for Office 365. In that
example, the template 602 may be applied to users in a sales group,
and there may be 50 such users. However, the entity may only have
40 E3 licenses available for Office 365. In that situation, when
applying the template 602 to the group of users, not all of the
users in the group can have an E3 license, and thus an error can
occur. In some implementations, when encountering such an error,
the management tool can be configured to generate an error message
and present the error message to the operator, for example, via an
email notification.
IV. A Process for Generating and Applying a Template
[0068] Having described various structures and components, and a
system architecture for generating and applying a template to a
group of users in accordance with the disclosure, attention is now
directed to a process for the same. FIG. 7 illustrates an exemplary
method 700 for generating and applying a template to a group of
users in accordance with the disclosure. The method presented in
FIG. 7 and described below is intended to be illustrative and
non-limiting. The particular series of processing steps depicted in
FIG. 7 is not intended to be limiting. It is appreciated that the
processing steps may be performed in an order different from that
depicted in FIG. 7 and that not all the steps depicted in FIG. 7
need be performed.
[0069] In some embodiments, the method depicted in flowchart 700
may be implemented in one or more processing devices (e.g., a
digital processor, an analog processor, a digital circuit designed
to process information, an analog circuit designed to process
information, a state machine, and/or other mechanisms for
electronically processing information). The one or more processing
devices may include one or more devices executing some or all of
the operations of flowchart 700 in response to instructions stored
electronically on an electronic storage medium. The one or more
processing devices may include one or more devices configured
through hardware, firmware, and/or software to be specifically
designed for execution of one or more of the operations of
flowchart 700.
[0070] At 702, a model profile (template) can be generated based on
an existing user profile. As described in FIG. 3, in some
embodiments, an interface may be provided to enable an operator to
identify an existing user profile for a specific user as a model
profile, and save it as a template that can be applied to other
users in a specific user group. The template may comprise various
user settings for different cloud services, for example license,
group, storage and/or any other types of user settings for the
different cloud services. An entity, such as a company, may
separately maintain different groups of users based on their
functions within the entity. For example, the entity may maintain a
sales group for sales professionals within the entity. For
instance, the template may comprise a first user setting for a
first cloud service, e.g., a type of license for the first cloud
service; and a second user setting for a second cloud service,
e.g., a group for the second cloud service. In some
implementations, the template can be generated using interfaces the
same as or substantially similar to interfaces 300 and 400
described and illustrated herein.
[0071] At 704, the model profile (template generated at 702 can be
assigned to a group of users. As described above, template data and
user data can be stored in a database separately. For example, a
template table can be stored in the database to contain template
records, and each template record may be mapped to a template
generated at 702. User record table can be stored in the database
to contain user records, and each user record may comprise various
user settings for different cloud services for a corresponding
user. As described above, a given user record in the database and a
given template record may share similar fields, such as license and
group configurations for different cloud services.
[0072] In some implementations, after a template is saved to the
database, the user settings in the template can be applied to user
records associated with users in the specific user group assigned
to the template. In that example, a template can be generated for
the sales group and applied to the users in the sales group such
that each user in the sales group may have the user settings for
the different cloud services in the sales template. In some
implementations, operations involved in step 704 may be the same as
or substantially similar to those described in section III
above.
[0073] At 706, a change of the first user setting and a change of
the second user setting in the model profile generated at 702 can
be received. In some implementations, an interface the same as or
substantially similar to the interface 500 described and
illustrated herein can be implemented for receiving the
aforementioned changes.
[0074] At 708, the updated model profile (template) can be saved to
the database. In certain implementations, an interface the same as
or substantially similar to the interface 500 described and
illustrated herein can provide a control to enable an operator to
manually save the aforementioned changes to the database. However,
this is not necessarily the only case. In some other
implementations, after receiving the aforementioned changes in the
template, the template can be automatically saved to the
database.
[0075] At 710, the changed first and second user settings can be
applied to the user records for the group users through the model
profile (template) updated at 708. In implementations, after the
updated template is saved to the database, the changes received in
the updated template can be automatically applied to the group of
users that is assigned to the template. In those implementations,
commands can be generated to apply the changes received in the
template. For example, a command containing an instruction that
applies the change of the first user setting to the user records
associated with the users in the group can be generated; and
another command containing an instruction that applies the change
of the second user setting to the user records associated with the
user in the group can be generated. Those commands can be executed
against the user records in the database to propagate the changed
user settings to those user records.
V. Computer Systems
[0076] Any of the computer systems mentioned herein may utilize any
suitable number of subsystems. Examples of such subsystems are
shown in FIG. 8 in computer apparatus 10. In some embodiments, a
computer system includes a single computer apparatus, where the
subsystems can be the components of the computer apparatus. In
other embodiments, a computer system can include multiple computer
apparatuses, each being a subsystem, with internal components.
[0077] The subsystems shown in FIG. 8 are interconnected via a
system bus 75. Additional subsystems such as a printer 74, keyboard
78, storage device(s) 79, monitor 76, which is coupled to display
adapter 82, and others are shown. Peripherals and input/output
(I/O) devices, which couple to I/O controller 71, can be connected
to the computer system by any number of means known in the art such
as input/output (I/O) port 77 (e.g., USB, FireWire.RTM.). For
example, I/O port 77 or external interface 81 (e.g. Ethernet, etc.)
can be used to connect computer system 10 to a wide area network
such as the Internet, a mouse input device, or a scanner. The
interconnection via system bus 75 allows the central processor 73
to communicate with each subsystem and to control the execution of
instructions from system memory 72 or the storage device s) 79
(e.g., a fixed disk, such as a hard drive or optical disk), as well
as the exchange of information between subsystems. The system
memory 72 and/or the storage device(s) 79 may embody a computer
readable medium. Any of the data mentioned herein can be output
from one component to another component and can be output to the
user.
[0078] A computer system can include a plurality of the same
components or subsystems, e.g., connected together by external
interface 81 or by an internal interface. In some embodiments,
computer systems, subsystem, or apparatuses can communicate over a
network. In such instances, one computer can be considered a client
and another computer a server, where each can be part of a same
computer system. A client and a server can each include multiple
systems, subsystems, or components.
[0079] It should be understood that any of the embodiments of the
present invention can be implemented in the form of control logic
using hardware e.g. an application specific integrated circuit or
field programmable gate array) and/or using computer software with
a generally programmable processor in a modular or integrated
manner. As used herein, a processor includes a single-core
processor, multi-core processor on a same integrated chip, or
multiple processing units on a single circuit board or networked.
Based on the disclosure and teachings provided herein, a person of
ordinary skill in the art will know and appreciate other ways
and/or methods to implement embodiments of the present invention
using hardware and a combination of hardware and software.
[0080] Any of the software components or functions described in
this application may be implemented as software code to be executed
by a processor using any suitable computer language such as, for
example, Java, C, C++, Objective-C, Swift, or scripting language
such as Perl or Python using, for example, conventional or
object-oriented techniques. The software code may be stored as a
series of instructions or commands on a computer readable medium
for storage and/or transmission, suitable media include random
access memory (RAM), a read only memory (ROM), a magnetic medium
such as a hard-drive or a floppy disk, or an optical medium such as
a compact disk (CD) or DVD (digital versatile disk), flash memory,
and the like. The computer readable medium may be any combination
of such storage or transmission devices.
[0081] Such programs may also be encoded and transmitted using
carrier signals adapted for transmission via wired, optical, and/or
wireless networks conforming to a variety of protocols, including
the Internet. As such, a computer readable medium according to an
embodiment of the present invention may be created using a data
signal encoded with such programs. Computer readable media encoded
with the program code may be packaged with a compatible device or
provided separately from other devices (e.g., via Internet
download). Any such computer readable medium may reside on or
within a single computer product (e.g., a hard drive, a CD, or an
entire computer system), and may be present on or within different
computer products within a system or network. A computer system may
include a monitor, printer, or other suitable display for providing
any of the results mentioned herein to a user.
[0082] Any of the methods described herein may be totally or
partially performed with a computer system including one or more
processors, which can be configured to perform the steps. Thus,
embodiments can be directed to computer systems configured to
perform the steps of any of the methods described herein,
potentially with different components performing a respective steps
or a respective group of steps, Although presented as numbered
steps, steps of methods herein can be performed at a same time or
in a different order. Additionally, portions of these steps may be
used with portions of other steps from other methods. Also, all or
portions of a step may be optional. Additionally, any of the steps
of any of the methods can be performed with modules, circuits, or
other means for performing these steps.
[0083] The specific details of particular embodiments may be
combined in any suitable manner without departing from the spirit
and scope of embodiments of the invention. However, other
embodiments of the invention may be directed to specific
embodiments relating to each individual aspect, or specific
combinations of these individual aspects.
[0084] The above description of exemplary embodiments of the
invention has been presented for the purposes of illustration and
description. It is not intended to be exhaustive or to limit the
invention to the precise form described, and many modifications and
variations are possible in light of the teaching above. The
embodiments were chosen and described in order to best explain the
principles of the invention and its practical applications to
thereby enable others skilled in the art to best utilize the
invention in various embodiments and with various modifications as
are suited to the particular use contemplated.
[0085] A recitation of "a", "an" or "the" is intended to mean "one
or more" unless specifically indicated to the contrary. The use of
"or" is intended to mean an "inclusive or," and not an "exclusive
or" unless specifically indicated to the contrary.
[0086] All patents, patent applications, publications, and
descriptions mentioned herein are incorporated by reference in
their entirety for all purposes. None is admitted to be prior
art
* * * * *