Not just a Directory but a complete Directory Service Sun Directory Services

Yesterday, Ludo did a presentation for the Glassfish Aquarium project at Sun who use USTREAM to broadcast their content to anyone interested in engaging with the team via this medium.  The content is interesting and this is a better way to make presentations more engaging as not only do they provide the video feed but also a twitter mashup for interactive feedback from the audience.  If you agree and want to see additional innovators using the internet to engage with their community members in a more engaging way then you should check out Leo Laporte on Twit.tv.  I have been following the work that Leo Laporte has been doing with FLOSS, MacBreakWeekly and SecurityNow where he is innovating how to provide video content via the web.  He has in effect created his own broadcasting company.  SecurityNow has done some recent podcasts on the conflicker worm and the recent cyberespionage that has been in the news which is interesting and informative.  

For those of you that missed Ludo's presentation on OpenDS.  Here is the video.

What is it like working on an open source project?  A lot of people wonder how does it differ.  The nightly builds, the open nature of communication and involvement, the external contributors and the community managers like Ludo Poitou make it a very dynamic environment.  The best way to understand it is to watch this great video that Ludo put together that represents the last three years of activity.  

Thanks Ludo:

The identity team was in London for the Gartner Identity Access Management conference last week which was a successful event.  We had the opportunity to meet and talk with some great customers and hear about the Thompson-Reuters implementation of OpenSSO and Directory Server Enterprise Edition serving 300,000 concurrent users with persistent cookies.  This implementation allows traders to get their Reuter's feed on their smartphone and their desktop without having to login twice.  This reduces transaction fees and keeps their business model in tact.  The OpenSSO team did some great engineering work to meet the performance and functional requirements for Thomson-Reuters.  We video-taped the presentation and should have that for your soon.  

Gartner IAM

Also, Ludo Poitou was recently featured in an article on OpenDS in the Architect Zone or DZone.  He describes some of the exciting things happening in the community with MySQL and discusses how to embed OpenDS in applications.  This is a great jump-off point for customers getting started with deploying OpenDS as an identity repository for their application or infrastructure serving email, calendar or network infrastructure.  You can read the whole article here.

Are you a Directory Hero?  We want to know. 

In the last three months we have heard from several of you via the IRC chat on OpenDS.org at identity conferences or at user groups around the world about the great projects that leverage the innovations from the OpenDS community.  We have been able to share a few of the great stories via the blogs story site.  Everyone learns from hearing about the ways in which you are using LDAP in your organization.  It is this sharing in the open that makes being a part of an Open Source Software project exciting and a great learning experience. I am reminded of a truism "Share comes before success".

Therefore, we are annoncing a new opportunity for you to share your stories with us at Sun.  If you have deployed OpenDS and are using it please send us a story at the following email address.  Here are some suggested questions that you can answer.  Alternatively, blog or create a video about your implementation and send us the link.  We want to show our appreciation for sharing so for the top 30 stories we receive we will send you a free t-shirt.  Please include an address in your submission. 

Here is what to do:

1. Step 1:  Download the questionaire.
2. Step 2:  Answer the questions that apply to your deployment
3. Step 3:  Create blog or videocast and post somewhere
4. Step 4:  Share:  Send us the link at the email address above and include questionaire, link to your blog or video and an address for us to send the t-shirt.
   

Here is the suggested questionaire to guide you through what information the community would like to hear about your implementation.

Questions (Download here) and you don't have to answer them all:

1. Can you tell us more about your company ?
2. Can you tell us about the application, site, or service in which you have adopted OpenDS?   [ Note: this is where you can hopefully get some publicity for your  own business or project.  So consider including any hyperlinks,  screenshots, etc. that you would like for us to use in that context.  Also, are you embedding OpenDS in your application?]
3. How and when did you first find out about OpenDS?
4. Did you go through an evaluation process before selecting OpenDS? If so, can you tell us a little bit about the process and results?
5. What specific version of OpenDS are you using?
6. On what operating system do you run OpenDS? Do you use the same OS for both development and production deployment?
7. On what hardware platform do you run OpenDS? Do you use the same platform for both development and production deployment?
8. Have you purchased a OpenDS license? If not, have you thought about doing so and do you know it includes access to patches and sustaining releases (more details from http://wikis.sun.com/display/sunopends)?
9. What specific features of OpenDS are you using?
10. What do you like most about OpenDS?
11. What would you most like to see improved in OpenDS?
12. Does your application also use a database? If so, which one?
13. Are there any figures about the scale of your adoption which you would like to share (such as how much traffic is being handled, how many entries are stored in OpenDS, how many servers are used)?
14. How has OpenDS performed since your application/service went live? Have you run into any production issues which you would attribute to OpenDS?
15. Would you recommend OpenDS to others? Why?
16. How does OpenDS figure in your future plans?
17. How would your describe your participation in the OpenDS project (e.g. user only, submitter of bug reports and RFEs, developer who has contributed code)?
18. Is there anything else you think would be of interest in a story about your OpenDS adoption?
    

March is going to be an exciting month with a number of events to help make it fun by joining us at one of the events listed below.  The month get's started with an Unconference in New York sponsored by the OpenSSO team.  The OpenDS team will be there as well leading a discussion on using LDAP and OpenDS as an identity repository.  The event is free and only requires you to sign-up at meet-up.com.  Here is the link and you can see how many people are attending.  As of tonight there were 54 attendees.  Sign-up here.

At the wiki page for the event you can add topics that you would like to discuss.  There is already a suggested list that includes a presentation by Ludo on OpenDS as a datastore.  You can access the wiki here.

Sun  Directory Server Enterprise Edition 6.3.1 released.

The 6.3.1 release is a patch to existing 6.x deployment that provides customers with a way to apply the latest fixes and updates found in Directory Server, Directory Proxy Server and Directory Server Control Center components in one installation event. 

Specifically,  the Directory Server 6.3.1 provides fixes to replication issues in mixed DS 5.2 and 6.x topologies, on Directory Proxy Server it improves support for Virtualization (Join and JDBC) and includes additional performance related improvements.  Furthermore this patch release improves overall quality and robustness of deployments.  You can read a consolidated view of all the fixes and updates contained in the release in the Release Notes located here.

It is available in the following forms:

• Native patch - patches to upgrade Directory Server Enterprise Edition 6.0, 6.1, 6.2 and 6.3 native packages installed using the Java ES installer
• Zip compressed archive distribution - patches to Directory Server Enterprise Edition 6.0, 6.1, 6.2 and 6.3 zip installations
  

Directory Server Enterprise Edition 6.3.1 patches are available through SunSolve Patchzip :

• 126748-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : SunOS 5.9/5.10 Sparc patchzip
• 126749-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : SunOS 5.9_x86 patchzip
• 126750-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : SunOS 5.10_x86, x64 patchzip
• 126751-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : Linux RHEL3 RHEL4 patchzip
• 126752-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : HP-UX 11iv2 PA Risc patchzip
• 126753-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : Windows 2000/2003 Server patchzip
  

Native Package :

• 125276-08: Directory Server Enterprise Edition 6.3.1 : SunOS 5.9/5.10 Sparc Native Patch
• 125277-08: Directory Server Enterprise Edition 6.3.1 : SunOS 5.9_x86 Native Patch
• 125278-08: Directory Server Enterprise Edition 6.3.1 : SunOS 5.10_x86, x64 Native Patch
• 125309-08: Directory Server Enterprise Edition 6.3.1 : Linux RHEL3 RHEL4 Native Patch
• 125311-08: Directory Server Enterprise Edition 6.3.1 Windows MSI Native Patch
  

For the detailed information on what you need to install based on your current installation, refer to the Sun Java System Directory Server Enterprise Edition 6.3.1 Release Notes.

Directory Server Enterprise Edition
Marketing Team

Daniel Raskin, Senior Product Line Manager for OpenSSO,  wrote a great blog today posting the slides and video recording of a recent presentation where Damodaram Bashyam, Directory of IT, at Verizon Wireless at Gartner IAM in Orlando last Fall.  The video below from Daniel's blog allows us all to hear about his deployment of OpenSSO and Directory Server.   It is an example of the great content that is presented at Gartner and we hope you will join us for the next Gartner conference in London on March 23-26.  

It is a powerful example of the talented engineers we have at Sun and the results of good partnerships with customers like Verizon.  Scalability and high availability are a part of our DNA at Sun and as you can see from the video and Damodaram's presentation we believe live case studies prove the value of our product better than any controlled benchmark.  Watch and listen:

Here is a quick overview of the performance statistics from the presentation.  Download it here

There is a great webinar being offered on Wednesday, Jan. 21 which you may have missed the announcement because of all the excitement about the Inauguration and Martin Luther King Holiday in the US.  Daniel Raskin, Product Line Manager OpenSSO, and Jamie Nelson, Director of Engineering for OpenSSO, will be talking about the current release as well as the plans for the next release of OpenSSO Express.  There are already 200 registrants and there is a cap at 250 so register now so you don't get left out!

The Directory crowd should be interested as well, because OpenDS is bundled with OpenSSO and is used as OpenSSO's policy store and can be leveraged as a user store as well.  Here are the details:

Sun Software Webinar:
See how Sun's OpenSSO Enterprise provides a single solution for Web access management, federation, and Web services security.

Join Sun for a live webinar on one of today's most exciting aspects of identity management! During this session, we will discuss OpenSSO innovation and how it pushes access management, federation, and secure Web services capabilities to a new level. Learn how to solve challenges around these capabilities with a single solution.

Event:  Access Management, Federation, and Secure Web Services with OpenSSO Enterprise
Date:  Wednesday, January 21, 2009
Time:  10:00 am PST / 1:00 pm EST

» Register Now

This webinar will be presented by Sun's OpenSSO experts: Daniel Raskin, the senior product line manager, and Jamie Nelson, the director of engineering.
We hope that you can join us!

If you have any questions or feedback, please send a message to SWI_Webinar_Inquiries@sun.com.

Thank you,
Sun Microsystems, Inc.

Gary Williams, a staff engineer and the QA lead of OpenDS, published a great article with Marina Sum on the topic of how working on an open source software project has improved quality in product development.  The process is without challenges which he outlines in the article as well.  However, he also gives great detail about the test harness that is used, the amount of automation and community involvement to address the challenges and get high quality product in community hands more frequently.  The full article is available on the Sun Developer Network here. 

These are the types of processes that quality open source projects do as a part of the project development process.  Indira Thangasamy, produced a similar article on how they approach QA within the OpenSSO project.  As companies evaluate other open source projects, especially in these challenging economic times where cost reduction provide stronger rational's to consider starting projects using open source software.  The quality approach of communities becomes an important differntiator as companies use open source in production and customer facing systems.

Here is a quick overview of the test harness used on OpenDS:

We use open-source, Java platform-based test tools, such as the following, not only to demonstrate our support for open source but also to ensure that they are accessible to everyone:

• TestNG — For running unit tests, same as in OpenSSO
  
  
• Checkstyle — For checking code style and rules before commitment
  
  
• EMMA — For measuring code coverage
  
  
• Software Testing Automation Framework (STAF) and STAF eXecution engine (STAX) — For running functional and system tests

Here are a couple of other highlights:

• Unit Testing and Automation:  "Testing starts in the programming phase with unit tests, which verify that the code works as intended and which must exist for all features. Today, we run 30,000 automated unit tests daily on different Java virtual machines. No code can be integrated without satisfying the precommit requirements."
• Code coverage — With open-source EMMA, we find out the number of code lines, blocks, methods, and classes that are exposed by the unit and functional tests. Part of that information pinpoints the amount of the code tested as a percentage of the total, defining if we've met the quality criteria. We also define which areas of the code are not tested, called coverage holes, and create new tests to fill them.
  
• Feature coverage — OpenDS delivers features that customers want, that is, customer requirements. Each feature is recorded as an issue in the Issue Tracker, a tool that monitors defects. This data tells us the state the features are in and their status: Ready for Test or Tested.
  
• Documentation coverage — To ensure that the documentation is reviewed according to the test plan, we adopt a two-phase documentation review process: a technical review of the content followed by a formal QA review. Like the product features, the documentation is divided into categories—books, chapters, and sections—that are recorded in the Issue tracker. Through this coverage, we measure the percentage of the documentation reviewed over time and identify the reviewers and review status.
  
• Defect rates — This is a traditional measure. The goal is to have no high-priority bugs open at release time. Our Bug Council constantly studies the defects and assesses the risks to customers. We also plot simple graph trends to gauge how well the project is converging.

Thanks to Gary and Marina for publishing this article and allowing the community to learn from your experience. 

The OpenDS Team released the latest build of OpenDS which is 1.1.0 Build003.  You can read his blog summarizing the release here.  If you haven't tried the new console that provides tools to create, edit and manage users and schema in an OpenDS instance. 

Here is a list of the major updates, which I borrowed from Ludo's blog.

• Revision 4591 (Issue #3571) - Adjust the Control Panel to reflect changes to the windows service configuration.
• Revision 4592 (Issue #3566) - Increase the timeout of the windows service and make it configurable.
• Revision 4593 (Issue #3564) - Fix a problem that caused make-ldif to fail with a "Permission denied" message.
• Revision 4594 (Issue #3569) - Amend the dsconfig command to handle multi-valued properties correctly.
• Revision 4595 (Issue #3567) - Various fixes to the persistent search mechanism.
• Revision 4598 (Issue #3580) - Fix a Java exception in the control panel when accessing cn=backup.
• Revision 4601 (Issue #3572) - Fix an issue where adding a local backend with dsconfig resulted in a number of erroneous messages printed to the error log.
• Revision 4602 (Issue #3582) - Fix a failure in the --revert option of the upgrade.
• Revision 4605 (Issue #3585) - Change the network group time/size limits to have no default value.
• Revision 4616 (Issue #3567) - Additional fixes to the persistent search mechanism.
• Revision 4621 (Issue #3587) - Refresh the index tab of the control panel after rebuilding indexes.
• Revision 4622 (Issue #3588) - Control Panel : make all Base DNs available for VLV index creation.
• Revision 4623 (Issue #3589) - Control Panel : fix an error raised at new vlv index creation.
• Revision 4632 (Issue #3596) - Control Panel : reset data fields when opening the New Base DN window.
• Revision 4633 (Issue #3599) - Control Panel : new schema object panels were not refreshed.
• Revision 4634 (Issue #3603) - Control Panel : the manage schema function included other files.
• Revision 4637 (Issue #3611) - Control Panel : fix an exception raised when refreshing the backups directory.
• Revision 4638 (Issue #3612) - Control Panel : fix the value of the "Java Home" variable in the "Java Settings" panel.
• Revision 4639 (Issue #3613) - Control Panel : fix incorrect output messages when deleting a subtree.
• Revision 4641 (Issue #3614) - Control Panel : fix restore failure when the available backup was a directory.
• Revision 4643 (Issue #3616) - Control Panel : add the missing --useSSL option.
• Revision 4645 (Issue #3620) - Control Panel : add the missing --noPropertiesFile option to the command-line equivalents.
• Revision 4647 - Add the standard schema files necessary for OpenSolaris LDAP naming services.
• Revision 4648 (Issue #3622) - Control Panel : change the object class sort to be case insensitive
• Revision 4649 (Issue #3622) - Control Panel : sort all the elements in the schema panels without taking case into account.
• Revision 4650 (Issue #3623) - Control Panel : refresh the Matching Rules used by the attributes panel.
• Revision 4652 (Issue #3618) - Control panel : View All Base DS's generated SEVERE ERRORS.
• Revision 4659 (Issue #3547) - Fix an issue that prevented persistent searches from being abandoned.
• Revision 4682 (Issue #3481) - Change the permissions on the password file generated by setup/quicksetup.
• Revision 4697 - Implement a new ACI bind rule keyword "ssf" that allows users to control the level of access based on the security level of the connection.
• Revision 4703 - Provide suppport for SMF for SVR4 packages.

As President-elect Obama announced his Energy Team yesterday, I was excited for two reasons.  One, Steven Chu is a Californian from Lawrence Berkeley National Laboratory and it is nice to see local citizens playing National and Global roles improving our environment.  Two, I am proud to work at Sun because a large number of the energy innovators like Argonne Laboratory, which is also a part of the Department of Energy, are using Sun's Software to provide the backbone of innovation within these organizations.  

Argonne Laboratory uses Directory Server Enterprise Edition to power their collaboration infrastructure.  They also use MySQL, JavaES, OpenSSO Enterprise and Virtualization (e.g. xVM Server) to power their innovation.  You can see a great video with David Salbego, Director of IT Infrastructure at Argonne National Labs regarding his experience and business benefits resulting from Sun solutions. 

BC Hydro also used OpenSSO Enterprise and Directory Server to reduce cost of providing a web portal for their customers to get interact with their organization.  They reduced the use of paper and conserved resources for our environment.  You can read about the solution here.

Gartner Identity and Access Management conference is happening next week, Nov. 10-12 in Orlando, Florida.  This is a great event that brings together analysts, customers and vendors to share knowledge and experience on important topics that shape the Identity and Security industry.  The Directory Product Line Manager, Nick Wooler, will be attending with a few of other notable Identity Product Managers at Sun including: Daniel Raskin, OpenSSO; Nick Crown, Identity and Role Manager; Craig MacDonald, Identity Manager; and our fearless leader John Barco.

Come by and spend some time with your favorite Identity team.  On Monday, November 10 we will be watching Monday Night Football and talking identity in the Presidential Suite at the Gaylord Hotel at 9:00pm ET.  There will be great food, drinks and music as well as a few discussions about Identity.  We hope to see you there.

And, we will be having a few games of Identity Hero.  If you want to practice, check it out here.

The monthly OpenDS Community call happened today.  It was a great call with insight into the upcoming inclusion of OpenDS in OpenSolaris.  OpenDS can be installed on OpenSolaris today but what is new is that it will be available in the new OpenSolaris application repository. I have blogged before on the importance of user experience in software. This is especially important for infrastructure sotware as it increases adoption, reduces training and maintenance costs and most importantly is "the right thing to do" when building product.  The inclusion of OpenDS in the OpenSolaris repository will improve the overall user experience of acquiring and using the software on this important platform for developers and enterprises.  Additionally, the team talked about the latest release and inclusion of the new console. 

In addition to all of the above, I came across the  following review by CS Connell who was comparing OpenDS to several other LDAP directory solutions.  Although his analysis is not comprehensive, the blog post does a nice job of illustrating his analysis of several different solutions against his business and technical requirements. Here are some of the highlights:

 "From an install standpoint, OpenDS seemed quite a bit easier to me, even though I had never seen it before."

"However, one feature that I very much liked (and we need) from OpenDS was virtual attributes, specifically isMemberOf. "

"In the end though, I just felt OpenDS was easier, and would certainly be more straightforward for someone without much backround in the technology .. and it had the nifty isMemberOf attribute we wanted"

He also posts some initial performance testing results.  Although, I can't confirm or properly comment on his results I will leave conclusions up to you.  We will be posting some testing results of our own on OpenDS shortly to give you some additional information.  

There are great things happening in the OpenDS project.  Last week the team released a major update to the code.  The release also contained a great new console to manage schema, edit entries, etc.  I will blog more about this later in the week.  

Additionally, Ludo is having his monthly call this morning to go over the new release and discuss some upcoming feature's.  Hopefully, you can join the call.  Here are the details.

Dear OpenDS users and developers,

Please join us on the phone for the next OpenDS monthly public  
meeting, Tuesday November 4th, 2008, 9am PST, 6pm CET, 5pm GMT.

On the agenda for this month meeting, we will review the current  
status of OpenDS 1.1, do an update on the roadmap and will present in  
details the changes that being integrated in OpenDS to be able to  
integrate it as part of OpenSolaris. These changes include SVR4  
packages, additional features with SASL authentication, SMF support,  
separation of binaries and data...

The call in details can be found here.

The product management team will be attending Burton Catalyst Europe in Prague next week.  This is a great conference that brings together a number of thought leaders and practitioners in the Identity, Security and Dyanmic Data Center spaces to talk about real problems.  One of the tag-lines of the conference is to remove "Vendor-Hype" which is a refreshing approach.  As a vendor we attend the conference to have additional conversations with customers and analysts about the problems teams are experiencing, creative solutions that are being employed to solve those problems, and contribute our voice to where we believe the industry is headed.  

Additionally, while we are in Europe, on Tuesday, October 28 we will be attending the Sun Identity User Group in Munich.  This User Group session is open to all Identity Manager, Access Manager, Directory Server Enterprise Edition, and Federation Manager customers.  For anyone new to this User Group, it is a customer driven forum providing a valuable opportunity for customers to exchange practical and technical knowledge and experiences.  Here is information on the time and location:

Sun Identity Management User Group - EMEA 2008
Tuesday, October 28, 2008
9:00 am - 4:30 pm
Registration & Continental Breakfast will begin at 8:30 am
Sun Microsystems GmbH
Sonnenallee 1
85551 Kirchheim-Heimstetten

The agenda of the User Group can be found here.  You can register for the User Group by going here.