Update: Extend your Corporate Active Directory Boundary to your Blackberry!

I blogged earlier on this topic here. Now that Research In Motion's WES 2010 conference is over the slides from the session are available here. In a nutshell, the benefit of the Quest/RIM partnership is all about extending single sign-on capabilities to BlackBerry® phone users and BlackBerry administrators. Here are some of the details:

• Use Active Directory for authentication of your Blackberry phone and achieve single sign-on
• Authentication to AD Using Your Blackberry phone to become a trusted network user
• End-to-end authentication between users and backend services without logging in from your Blackberry phone
• Single sign-on is enabled for Blackberry Enterprise Server administrators when they access the BES console

All of this was enabled through the use of Quest Single Sign-on for Java. One of the key benefits in using Quest Single Sign-on for Java is our support of Microsoft’s Kerberos extensions (S4U2Proxy & S4U2Self). These extensions enable the BES server to obtain a Kerberos ticket on behalf of the end-user. This means that all security – like when you are accessing an application via the Blackberry – occurs in the context of the end-user. So what’s the end result?

1. BES administrators will be have single sign-on enabled to the BES console. No need to enter their credentials.
2. Blackberry users will have single sign-on enabled to internal corporate resources via their phone’s browser. No need to enter their credentials.

Cool stuff!

Technorati Tags: RIM,BlackBerry,identity management,single sign-on,Kerberos,SSO,BES,Quest Software,QSFT