Monday Aug 27, 2007

Sun's Funniest Videos

Okay, I'm not sure that these are Sun's funniest videos, but I'm pointing out some pretty funny videos that I've come across here at Sun. Here, I'm just referring to videos that are on You Tube. If you know of some other funny Sun videos, please leave a comment referencing them. At this time, I am just going for the all-out funny ones (it's Monday and you might enjoy/need the laugh).

I've seen a few Solaris Cluster videos in recent months. I think they're very clever. I tried embedding them, but somehow it wasn't working out. Anyway,  I've simply provided the links: 

These following Sun videos about the "IT Guy" have been out for some time now. These are a little more Hollywood big budget, so to speak. Anyway, they're quite funny.

Friday May 18, 2007

Sun is way ahead of the open source curve (maybe)

I like the following quote:

"So far, it has taken Sun about three years to get to the point it’s at in the big transition. If other companies follow and it takes as long, could that lead to an advantage for Sun as a company that’s ready to get on with it?"

The quote comes from David Berlind of ZDNET in his blog. The blog entry basically explains the accompanying podcast. David interviewed (in MP3 format) analyst James Governor of RedMonk. Both of these guys blogged about the interview. You can access the interview and listen to it from both of their blogs:

  1. David Berlind's Blog
  2. James Governor's Blog

They talk about a few things, but Sun gets a decent amount of attention in the second half of the interview. I would say their attitude toward Sun is controlled enthusiasm. To me it seems they're both giddy about Sun's open source approach of late.

They throw in the appropriate disclaimers, but in their conversation Sun was sounding real intelligent.

Of course, I'm always listening for anything about identity management. That's where James said he wanted to see Sun do more. It was just one quick sentence. I'd like to know "More in what areas of identity management and why?" I mean, how is Sun lacking? I hear things like this from time to time, but I'm not sure if the analysts who say such things have ideas where Sun is missing out. In James' case, I'm sure he has very clear ideas of what Sun should be doing, but I don't know exactly what those ideas are.

Anyway, I took the interview to be very, very positive. Unfortunately, it means we have to work extremely hard now. I say that because whenever there's positive news about Sun, immediatley somebody says, "Yeah, but we still have a lot more work to do." This time I wanted to say it before somebody else did.

Wednesday May 09, 2007

JavaOne, Customers, Documentation, Software

I haven't even gotten to JavaOne yet, but I've already made contact with a Sun customer who has Sun JavaTM Enterprise System deployed at his organization. Some key software components of interest for him are Sun Java System Access Manager, Sun Java System Portal, Sun Java System Application Server and the Communications Suite.

So, let me provide a little background:

In yesterday's blog entry, I talked about JavaOne. I also included a bling-thing. That badge-looking thing is called "My QuickConnect Card." If you click it, it will bring you to my JavaOne profile. JavaOne attendees should have a username and password they could log in with from that page.

About the first thing I did after logging in was that I looked at the "View All Groups" page. I eventually came across the group "Sun Java Enterprise System Users." The description of this group was right up my alley. Here it is:

The biggest issue we've had is finding others using the same platform. I was hoping to find others using Sun Portal Server 7 as our deplyment platform for portlets and Sun Access Manager 7 as our Single Sign On and Sun Application Server 8 as the J2EE stack. I'd enjoy meeting others to talk about experiences.

Well that's great! I'd like to be a fly on the wall of any such discussions. Since I'm a technical writer of Sun Java System Access Manager Policy Agent documentation, the issues with Sun Access Manager 7 as the Single Sign On and Sun Application Server (since there's an agent from the Policy Agent 2.2 software set for it) are of interest to me. So, I'd like to hear where the documentation is right and wrong in that regard. The problem is that there are so many groups that it's hard to find any group at all and nobody signed up for it (well, besides me).

I'd like to think that the reason nobody has signed up for it is because they didn't know about it. Here it is a five day event and there's all this social software set up for interactions and such. Just like everything these days. It's so much info, it's too much info. Anyway, I sent an email to the group owner. He sent me an email back expressing a lot of his thoughts and experiences on Sun Java Enterprise System software.

I found it to be fantastic information: issues with patches, documentation issues, the cheatsheets he's come up with and more. Wow! All the things I should be hearing about.

In his email he also mentioned the Communications Suite and load balancers and other specifics about his organization's deployment. Okay, now we're talking: real world depolyments.

I want to hear more. I'll see if I can hook up with him today. If any other JavaOne attendees are interested, find and sign up for the "Sun Java Enterprise System Users" group.

Okay, so it's off to JavaOne!

Tuesday May 08, 2007

JavaOne and Identity Management

I'll be attending JavaOne tommorow, so I thought I'd get any info I could that has already gone on there or will go on there related to identity management.

First, while searching around, I saw I could create a profile and act like I'm a key player. That's what I've done, thusly:

Join Me at the 2007 JavaOne Conference Event Connect Tool!

Okay, I'm no cooler than I was before, probably a little less cool, but I have another bling-like thing on my blog.

Back to my Point:

There have already been some Sun blog entries that have the JavaOne/Identity Management connection going on, as such:


A few JavaOne sessions as shown in the link below are related to identity management (OpenSSO):

Identity Management Related Sessions


The JavaOne Pavilion has lots of exhibitors. The following URL lists all exhibitors, but at the bottom of the page is a list of exhibits (booths) that Sun has there.

All Exhibitors with Sun highlighted

The following link brings the description of the identity management exhibit to the top of the page:

Identity Management: 1 Identity 1 World

The following link brings the description of the OpenSSO/OpenDS exhibit to the top of the page:

OpenIdentity: OpenSSO and OpenDS

JavaOne Blogs:

Okay, the blogs listed at the following page don't necessarily have anything to do with identity management, but I liked the fact that there's a JavaOne Web page dedicated to blogs:

JavaOne Blog Page

Documentation-Related Exhibit:

There's another exhibit going on that I'll be interested in, though it has nothing to do with identity management. It has to do with creating a structured XML based documentation system. Get Java Technology Technical Publication Tools

What Have I Missed?:

Lots probably!

Tuesday Jan 30, 2007

Identity Management: Only the Paranoid Survive

I just read a white paper from IDC that supports what I often say when bidding someone farewell, “ Don't trust anybody!” It usually comes out like this, “Okay, see you later; don't trust anybody!” I'm not positive why I say that. I guess I don't trust anybody, and according to IDC, when it comes to your company's resources, you shouldn't trust anybody either. Not even your own people.

The white paper I read is titled Privileged Password Management: Combating the Insider Threat and Meeting Compliance Regulations for the Enterprise. It's good reading.The fact that I find this kind of paper “good reading” frightens me. It seems that I've crossed a line from which I can never return. Still, there is something very spy-thriller, espionage-like about it. So, I guess it makes some sense that I find it interesting. Who knows, you might just find it interesting, too. I mean, if your into this sort of thing. This article was sponsored by Cyber-Ark software. As of today, you can get your hands on it in a couple of ways. Will it be available in the same manner tomorrow? I don't know. The two methods are:

  1. Indirect: and click Download Now. You'll then have to register.

  2. Direct: That's the PDF. The company providing the PDF is Noxs. They provide solutions that often include Cyber-Ark products.

I get the feeling that Cyber-Ark gets frustrated that few people understand how well their products solve huge security issues. I've only recently started hearing about the internal security concerns that are discussed in this article. I mean, I've heard for a long time that internal security risks are usually more dangerous than external ones, but I've only recently started hearing the specifics of those internal risks.

Cool Take-Aways from the Article

  • More than 70% of Identity & Access Management implementations are driven by government and industry compliance regulations.

  • Compliance regulations present some huge technological challenges.

  • The tendency is for larger companies to be more concerned with internal security threats than with external security threats.

  • Generic accounts, such as administrator on Wintel platforms, root on UNIX systems, DBA passwords and hard-coded passwords in application scripts can be a huge risk for a company.

Random Thoughts in Closing

  • So what Andy Grove's been saying for years, “Only the paranoid Survive,” might indeed be true.

  • It seems I've heard that Sun Microsystems works well with Cyber-Ark, but I don't know if that means that Sun's products work well with Cyber-Ark's products or if the two companies cooperate nicely with each other.

  • Okay, see you later; don't trust anybody!

Wednesday Jan 24, 2007

Access Manager 7.1: Learn All About It

Two weeks back, I took a week-long Access Manager 7.1 beta course (AM3480). I've been wanting to blog about it ever since. The problem is that the week-long class set me back about a week.

Classroom Learning
As I've said in this blog before, I love classroom learning. That hasn't changed. I could easily take this class three weeks in a row, learn something new each time, and love the experience. It's a sickness really. Perhaps “sickness” is a strong word, but I do have an unusually high amount of enthusiasm toward learning in a classroom setting.

Beta as a Good Thing
The course was a “beta” course, which I think turned out to be a bonus. The class was taught to Sun employees in order to work out the kinks and perfect the content. There were nine of us. Instead of being taught by a course instructor, the class was taught by a course developer, specifically David Goldsmith. You can view a video of David explaining Federated Identity. Federated Identity was something covered in the class, so you can get a little sense of the type of material covered in the course. The video is part of a series of training hot topics.

About the students in this beta class, I was, without a doubt, the least technical person in the room. The other students were identity management developers, service folks, support folks, etc. Luckily, the class is designed to catch the less technical people, like me, too. The labs were very helpful in that respect. We also got a lot of explanations of why material was in the class, which ended up providing a pretty good perspective of what customers need and expect to learn about Access Manager. Students' comments were highly encouraged. It was all part of the process of determining what should and shouldn't be covered in the course when it's available to the public.

What I Learned
I took the Access Manager 6.3 training course and I noticed a lot of maturity in both Access Manager and in the Access Manager training course this time around. I was able to follow the course much better this time, mostly because I've become more familiar with Access Manager over time. However, more than a modicum of my increased understanding is because of the emphasis on real world situations. Kudos for that. The product can be pretty abstract. Performing the labs isn't enough to unveil all the cloudiness. But the explanations of what was being accomplished in the labs and what it means to customers were very helpful.

It's the Little Things
As I explained in a previous blog entry about training classes, it's the little things that really make it fun. Here are a few little, but cool, things I picked up or at least was exposed to in the class:

  • A UNIX trick: In the bash shell, the “CONTROL + r” combination gets the shell to try to complete your next command by matching what you start to type with commands you've typed in the past.

  • Browser Cache Issues: The browser cache can get in the way. I didn't know, but you can stop the browser from caching. I knew you could clear the cache, but even then I followed that by closing the browser. It seems that closing is not proper. Quitting is proper. I assumed they were the same. Who knew? Apparently, everybody else in the class.

  • CLI Options for Most Everything: Not to say that I actually learned the command-line options for everything, but we usually tried both a GUI option and a CLI option. There are various reasons for knowing the CLI commands, such as related to scripting and security. I appreciated and understood those reasons better than I have in the past.

The Customer
As it should be, the customer is all important. You leave this course knowing it. We heard a lot about why new features had been added or why certain facts or commands were being taught in the course. Basically, such lessons turned out to be history lessons about customer requests and expectations over the years.

The Real World
The federation chapters and the deployment chapter were very good for me because they focused on real world examples. We got a taste of deployments involving distributed authentication UI server and other scenarios that include a variety servers in the DMZ (with firewalls on both sides).

And we saw deployment examples where Access Manager was installed as a WAR file instead of through the Java Enterprise Server installer. This lightweight installation option is often demanded by customers and is the form in which OpenSSO is downloaded. In fact, the Access Manager WAR file option is often compared to sliced bread, the wheel, and chocolate ice cream. Customers love, love, love this thing. You can actually get your hands on the Access Manager 7.1 Beta WAR file. It's all part of the Java EE 5 SDK downloads. The following is the download specifically for Access Manager 7.1 Beta WAR. For that last link and other Sun links to an actual download, you need a Sun Online Account. It's a free but required step. Anyway, it was good to see something in the class about the WAR file option.

Time or Lack Thereof
It always comes down to time or money. In this case, it was time. As a class, we couldn't complete all the labs. I, personally, fell behind a few times. I came in early every morning and stayed past 10PM one night (probably not an option for students in the regular course) to catch back up. UNIX shortcuts and such are pretty unfamiliar to me. Therefore, I found it helpful just to watch other students bring up prior commands, use vi, and stuff like that.

With my extra effort, I managed to stay up with the class all the way through. Actually, the students were all a serious bunch. A lot of students stayed late. There was no email going on during lectures, pretty intense learning. All the same, the class as a whole couldn't get through everything, so it seems that some things will have to be taken out. Somehow, I don't think a seven-day class will fly. I'd sign up in a second, but a class of one just doesn't make much cents.

Thursday Jan 04, 2007

Open Source: Access Manager and Beyond

All the open source projects going on around Sun Microsystems is enough to make your head spin.

Again, I'm a technical writer for Identity Management Software. More specifically, I write about Access Manager and Policy Agent, usually Policy Agent.

Therefore, I'd like to have a better understanding of OpenSSO. It's all good, but it's all too much. I can't possibly keep up with all the open source projects happening at this company. I wish I could, because I sense potential synergies. One who knows such things, must see possibilities of how some of these various open source projects can come together in the future to make this a better world planet (for some reason, people at Sun always refer to Earth as “planet.” For example, “We have the best identity management software on the planet.” I never got the memo on this, so I don't know why this particular term has been chosen. That's okay, I'll use it all the same.).

The link to OpenSSO is

So, I looked around and I think there's some good info at that site. The following paragraphs are FAQs

from that I thought provided the key info.

Q: What is OpenSSO?

The Open Web Single Sign-On Project, also referred to as OpenSSO, is an open development effort based on the source code for Sun Java TM System Access Manager, a core identity infrastructure product offered by Sun Microsystems, Inc. The goal of OpenSSO is to provide an extensible foundation for an identity services infrastructure that will facilitate single sign-on (SSO) for web applications hosted on web and application servers in the public domain.

Q: How are OpenSSO, Sun Java System Access Manager and Sun Java System Federation Manager related?

A: OpenSSO is based on the Access Manager 7.0 code base (including components under development for 7.1). There are some changes (for example, Access Manager contains some third-party source code which we cannot redistribute) but we have worked to minimize these. The next versions of both Federation Manager and Access Manager will be built from the OpenSSO source (just as Sun Java System Application Server is built from the Glassfish source). When Sun decides that OpenSSO contains the features we want to use in the next Access Manager/Federation Manager product release, we will branch the code and stabilize the release branch - all in public. New feature development can and will continue on the trunk and fixes in the Sun release branch will be copied back to the OpenSSO trunk.

For an example of using Sun open sourced projects together, check out Indira's blog:, which combines components from OpenSSO and GlassFish. GlassFish is the open sourced project for Java EE 5 Application Server.

This is cool to me because it gets heavy duty involved with Policy Agent 2.2. specifically for Sun Java System Application Server 8.1, which is pretty much (but not exactly) what the GlassFish server is.

Anyway, my prediction is that combining open sourced projects will be all the rage soon enough. Those will be all the cool people, the one's who get invited to the Hollywood parties and rub elbows with celebrities all over the planet.

Wednesday Dec 13, 2006

Some things translate, somethings don't!

In my entry yesterday, I referenced tkudo's weblog. He provides a link that translates his entries, which can be great fun.

Tkudo writes mostly about identity management. When he's writing procedures and stuff, such as the links I referenced yesterday, the translation is pretty clear. For example, see the following entry:
OpenSSO with a Web Agent.

At the top of the entry, click Translate to English. It takes a moment for the translation to take place. Once it's complete, I think you'll find that the translation is sort of clear.

Now, try that with another entry that's mostly text. For example, try that translation button with the following entry:
Shed Light On.

I find that entry to be a lot more fun. I'm not positive what it's saying. Can anyone shed light on this for me?

Tuesday Dec 12, 2006

Getting Some More Identity

I've done more to give this blog some Identity. 

In the process, I've learned more about who blogs about identity Management at Sun and I've learned more about how to customize Roller blog software.

Right now, I'm using the editor that comes with Roller . In my search for more blog identity, I learned that this blog editor (it's called Xinha) is new and improved over prior the prior editor. We'll see, I tried it before it was improved and I can confidently say it needed improving. I couldn't get the fonts to do what they said they were going to do. If you follow me. We'll see how this all looks.

I also started playing with tags and with the search. That's how I came across other Sun bloggers who mentioned Identity Management in some way. That's a big topic actually. I also found some entries about Policy Agent.

For example, though I don't  understand Japanese, I know these entries discuss things like policy and Policy Agent:

Call me a visual learner. 

 About my blog, I've a section in the column on the right: My Recent Blog Entries. I've looked at the documentation: Roller 3.0 User's Guide and Roller 3.0 Template Guide quite a bit, but still. For this I did a search and found a Sun blogger who explained how to do it.

 I went to and searched for the following:

blog customization recent entries

That search led to this entry:

I knew enough to know that I was going to have to do things a little differently for my blog in terms of customizing the templates. But it gave me the info I needed. I added the 15 most recent entries. Actually, I only had 15 entries, so that made sense.

 Keep in mind my Nov 17 entry, which explains tha t what I'm describing about my blog might not apply by the time you read this since it my be 2046 when you're reading this. A lot could change from 2006 to 2046.

 I've learned so much more recently, but that's all I have time for. Blogging, it's not bad.


Darn it! Just before submitting this entry, I did a full preview and the fonts are all messed up. Do you see how the first line is all small? That's not the way it looks in the editor. As Pat Patterson told me today, editors tend to be WYSIMOLWYG (what you see is more or less what you get). Well it's back to other methods, either doing HTML by hand or typing it in a program like Star Office (with HTML) and cutting and pasting it into my blog. By the way, Star Office has a blog editor extension. I haven't been able to use it yet. That's another story.


Wednesday Dec 06, 2006

Writing Out Loud...And in Incomplete Sentences

For an identity management solution over the long term, Sun Microsystems is the way to go because...

I started this thought a week or so back, see my Nov 30th blog entry, to kinda remind myself that I wouldn't mind getting more clear on this.

So, Sun's a dominant player in the Identity Managment space. I'm glad since I work in that space. But what are the reasons again? I think I've heard most of them, but I don't think I've ever gotten the details and seen the big picture. Since I wrote the last entry, a few explanations have crossed my path in blurbs.

  • Standards Based: J2EE, Liberty support, more. Customers tend to like this. I think it's a key "long term" point.
  • Flexibility and Adaptability:
  • Comprehensive:
  • Experience:
  • So far, so incomplete. Another thing is...

Thursday Nov 30, 2006

It's the little things

I've been taking an online Access Manager Training class. I think I'm getting used to this online learning thing.

One thing that can't be disputed, Access Manager is complex. I guess everything is these days. Well, software, anyways. I just completed 2 more of the 12 modules: "Logging and Debugging" and "Authentication and Single Sign-On."

I found most of it to be of interest, but one of the coolest things for me was that I learned something new about the UNIX command ls. Isn't that the silliest thing?

The command shown was ls -lrt. I don't remember ever learning the -r or -t options.

When debugging, one reviews a directory of debug files. If you use the -t option, it puts files in order chronologically from the most recent to the least recent. The -r option reverses that chronological order: from the least recent to the most recent.

Anyway, the most recently updated file is often the source of the problem. So this technique can help one debug. It's those little things that really matter. These things are so little that nobody tells you about them. Well, I guess training folks do, but nobody else does. They assume you know. Trust me, I don't know. Well, now I do. Is it just me?

Wednesday Nov 29, 2006

Writing Out Loud...And In Incomplete Sentences

For an identity management solution over the long term, Sun Microsystems is the way to go because...

Friday Nov 17, 2006

Getting Some Identity

Since I'm a technical writer of identity management software, it makes sense that my blog should reflect that identity. It's starting to.

I've added identity management centric type things. One thing is the identity management ad over here on the right. I just looked at the source for Pat Patterson's blog, copied it, and pasted into the appropriate template (it's a behind-the-scenes thing in the Apache Roller blog software), no tribble at all.

I've also added links to various blogs and such, almost completely about identity management. At least, that's the way it was as I'm writing this. It could be 2046 as you're reading this particular entry. I dont' know. Therefore, I might have completely changed this blog by then/now. In fact, the world might be gone. But if it is gone, how is it that you're reading this? So, that's one thing about blogs. You don't know how long they'll be posted. Indefinitely, it seems. So, think about what you're writing. But you should know that by now. I mean, it's 2046 in your world. If you haven't learned by now how important it is to be cautious about what you say and write, you never will. By the way, what's Sun's stock in 2046? I'm wondering if I should hold on to my stock until then.

Okay, so I added a little Java Duke button, too. It links to the Free and Open Source Java web site.

Beisdes that, I changed the look and feel of the blog a little. Notice how the title for a blog entry is red? Well, you in 2046 might not see that, but those looking at this blog around November 2006 probably do see it. That sort of change should be easy enough to make, right? It wasn't. I was tearing open the CSS and other templates. Carnage! Pure carnage! Anyway, I finally gave the blog a little indiviiduality, not much, but a little bit. Actually, the blog more or less looks like a thousand other Sun blogs, but it's the thought that counts. I thought a lot about making it unique.

A question to the visitors of this blog in 2046: What were the hot trends in identity management around 2015? I want to pass the info on to Sun engineers now so we can be way ahead of the game. I suppose by 2046 computers will be able to check one's DNA before providing access to resources, in a non-instrusive manner of course.

So, that covers how my blog is getting some identity. It covers a few other things, too. But mostly it covers the blog identity thing. I'll keep adding identity as time goes by, borrowing liberally from whomever's blog I can.

Sunday Nov 12, 2006

Training - Online vs. Classroom

I'll take the classroom any day.

I understand that some people prefer online courses to instructor-led courses. And not because the online courses are so much cheaper, but because they're so much more enjoyable.

I am definitely not one of those people. Not that there's anything wrong with that. If that's who you are.

I'm taking an Access Manager 7 Online Training Course through Sun Training right now, and it's good stuff. Don't get me wrong; it's excellent. I'm dying, I tell you! I just finished the fourth of 12 modules. There's a soothing instructor's voice talking me through the whole thing. Lots of screen casts. It's quite clear. Dying! Burning alive! It's killing me! High quality, state of the art, professional, online training. I highly recommend it if you like that kind of thing. I've learned a lot.

Give me a right-there-in-the-classroom instructor any day of the week. I actually took an instructor-led Access Manager class about a year and a half ago. Heaven! A delight. Of course, I didn't have to pay for it, so it was that much more delightful. Through Sun Training, I also once took a Solaris 10 instructor-led course. That was equally fantastic. That class made me want to be a better man, and that's as good as it gets.

What does this all mean to you? I have no idea. But, here's the link to all of the Identity Management Training courses. Perhaps you too will reach a higher state of consciousness. Unlikely, highly unlikely, but let's not count it out.

Thursday Nov 02, 2006

Access Manager Hollywood

I haven't quit my day job yet, but I might have a career in commercials.

I participated in a fun little "commericial" for Identity Management training. I've embedded here in my blog. Mostly, I wanted to see how hard it would be to add it here. It wasn't hard.

In the commercial, David Goldsmith is the interviewer. I'm the second person interviewed. For some reason, I keep looking at something. I don't remember what it was. It looks like I'm looking at the microphone. I think I was trying to understand the inner conflict of needing Identity Management training when I'm obviously heading toward a career as an actor.

Identity Management just for me


What does this box do?


« July 2016