Friday Jul 17, 2009

OpenDS 2.0 is here !

The OpenDS development team is very please to announce the availability of OpenDS 2.0.0 and it's supported companion Sun OpenDS Standard Edition 2.0.

OpenDS is an LDAPv3 compliant Directory Service written entirely in Java. The 2.0 release has many new features since OpenDS 1.0 that was released a year ago:
• A graphical control panel that enables basic server and data administration is available and replaces the OpenDS 1.0 status-panel
• An administration connector manages all administration related traffic to the server. By separating user operations and administration operations, the administration connector ensure a better quality of service and simplify logging and monitotring
• Connections can be secured and encrypted with SASL mechanisms
• Access Control mechanism has been enhanced to control access based on the level of security of the connection
• The ;binary transfert option is now supported
• Standard schema files related to Solaris and OpenSolaris LDAP naming services are provided by default
• Setup and tools provide an enhanced support for the JCEKS keystore and alternate security providers
• A new mode for Multi-Master Replication providing greater consistency and availability of data: Assured Replication
• Recurring tasks allow an administrator to schedule repeated tasks such as backups
• New extensible matching rules and indexing allowing comparing, ordering of data according to specific locales and languages
• Better monitoring information for the server and for Replication
• Full compliance with RFC 4518 and matching of UTF-8 in attributes with a DirectoryString syntax
• VLV indexes are now built during the Import
• Works with IBM JVM (Java 6 SR4 required)
• Works by default with JConsole and VisualVM when JMX Connection Handler is enabled
• Default settings and ergonomics have been improved reducing the need for tuning parts of the server
• Greatly improved performances and stability over time of those performances
• Resolved a possible security issue when Pre-ReadEntry, Post-ReadEntry and Assertion Controls were enabled

OpenDS 2.0.0 is a promotion of OpenDS 2.0.0 Release Candidate 4, built with revision 5492, to the stable and finalized version.
It can be installed with the Java WebStart QuickSetup or downloaded as a Zip file.
A DSML-to-LDAP Gateway is available as a War file.

Like for previous OpenDS releases, a snapshot of the documentation wiki has been setup. The documentation is still being verified and a few links might not be functional yet. We expect it to be finalized by the end of next week.

You can find more information about OpenDS 2.0 in the release notes.
For a supported version of OpenDS, please check the Sun OpenDS Standard Edition 2.0 home page or get it directly from Sun Download Center.

I'd like to address a special thank to our external contributors who have helped making this release a better release, especially Christian Brennsteiner for the German translation of messages, Tosiki Iga for the Japanese translation, D.J Hagberg for the performance enhancements, Andy Wang for the IBM JVM Support.
Thanks also to all users who have raised issues during the development phase, helping us with testing the server in ways we can't.

This is a major milestone for the OpenDS project, but there is more to come... Make sure you check the Roadmap and you participate to it.

Technorati Tags: , , , ,

Thursday Jul 09, 2009

Lowering the bar for OpenDS Translation...

Opends Logo TagPavel Heimlich, also known as Hajma on in the OpenDS project and lead for many Translation projects, has gone through all of the OpenDS messages to figure out the ones that were still in use and important to translate. There is now a "simplified" OpenDS project in the Community Translation Interface that contains a 5th of the initial messages, making it easier and faster for the volunteers to translate OpenDS to their preferred language. There are currently on-going translation for chinese, french, german, japanese, korean, polish, portuguese, serbian and spanish, but new language projects can be initiated on demand.
If you're interested, check the How To Guide.

Technorati Tags: , , , , ,

Wednesday Jul 01, 2009

Work Paleontology

It all started today by a conversation with a colleague on our long experience with LDAP and Directory Services...

E3X LogoI told him that I've started my carrier as a developer in the X.400 domain. In my first job, for a French startup called E3X, between 1991 and 1995, I've wrote 3 different versions of a P7 Message Store for the UCOM.X400 product line. Along the same dates, I've also been involved a little bit with X.500. One of the things that I've done, was using our UCOM.X500 product to store information about some restaurants in the Sophia-Antipolis area, so that we could search and choose one whenever we had visitors coming. The data included beside the usual address and phone number, the type of food, opening hours, whether reservation was necessary and so on...

The schema defined eventually got cleaned up and published as an internet draft by my manager at that time, Dr. Alain Zahm. You can find a summary of this internet draft at the very end of this page: http://choices.cs.uiuc.edu/uChoices/Papers/Proposals/92.MobileComputing/INDEX.
Minutes of IETF OSI-DS meeting in November 1992 also shows that the schema was discussed.
Now that all public and research X.500 servers have been stopped and decommissioned, there is no trace of this anymore. Google is too young to have references to this, and so is Yahoo. But I do remember that in the mid 90ies, whenever I was searching for my name, most of the results coming back were associated with some little known restaurants on the French Riviera !

In 1995, I joined Sun to work on the Solstice X.400 product and a year later, with I've started working on University of Michigan slapd code to produce Sun Directory Services 1.0, released in September 1997... the rest is history :-)

Technorati Tags: , ,

Saturday Jun 27, 2009

To the FISL attendees...

FISL 10

Many of you have requested the slides.
Here they are :

Thanks for your presence...
A more detailed article is in the works.

Technorati Tags: , , , , ,

Wednesday Jun 24, 2009

OpenDS 2.0.0 Release Candidate 3 is now available

Opends Logo TagThe OpenDS development team is very pleased to announce the immediate availability of OpenDS 2.0.0-RC3, the third and probably last release candidate for OpenDS 2.0.

OpenDS 2.0 has a number of new features over OpenDS 1.2.0 that was released in February 2009 :

  • A new mode for Multi-Master Replication providing greater consistency and availability of data: Assured Replication
  • Recurring tasks allow an administrator to schedule repeated tasks such as backups
  • New extensible matching rules and indexing allowing comparing, ordering of data according to specific locales and languages
  • Better monitoring information for the server and for Replication
  • Full compliance with RFC 4518 and matching of UTF-8 in attributes with a DirectoryString syntax
  • VLV indexes are now built during the Import
  • Several improvements in the Control Panel
  • Works with IBM JVM (Java 6 SR4 required)
  • Works by default with JConsole and VisualVM when JMX Connection Handler is enabled
  • Default settings and ergonomics have been improved reducing the need for tuning parts of the server
  • Greatly improved performances and stability over time of those performances
  • Resolved a possible security issue when Pre-ReadEntry, Post-ReadEntry and Assertion Controls were enabled

Overall, over 170 issues have been fixed.

The purpose of the Release Candidate is to solicit one last round of testing before the final release.
So please test the OpenDS release with your client applications, in your environment or on your favorite platform.

Our quality team will be doing the same during the next 2 to 3 weeks.

If you do find a bug, please report it with Issue Tracker.

We welcome feedback. Please report you experience with OpenDS on our mailing lists, or on #opends IRC channel on Freenode.

OpenDS 2.0.0-RC3 is built from revision 5460 of the b2.0 branch of our source tree.

The direct link to download the core server is: http://www.opends.org/promoted-builds/2.0.0-RC3/OpenDS-2.0.0-RC3.zip

The direct link to download the DSML gateway is: http://www.opends.org/promoted-builds/2.0.0-RC3/OpenDS-2.0.0-RC3-DSML.war

We have also updated the archive that may be used to install OpenDS via Java Web Start. You may launch that using the URL http://www.opends.org/promoted-builds/2.0.0-RC3/install/QuickSetup.jnlp, or visit https://www.opends.org/wiki/page/OverviewOfTheQuickSetupTool for more information.

Detailed information about this build is available at http://www.opends.org/promoted-builds/2.0.0-RC3.

Major changes incorporated since OpenDS 2.0.0 RC2 include:

  • Revision 5436. Delivers updated localization bundles
  • Revision 5439 (issue #4047) - Resolves an issue with uninstalling OpenDS.
  • Revision 5440 (Issue #4049) - Fixes an issue in the Control Panel where monitoring information was not available for all Connection Handlers.
  • Revision 5441 (Issue #4045) - Fixes an issue with start-ds -F so it reports snmp build information.
  • Revision 5452 (Issue #3713) - Resolves an issue where sockets could be leaked when replication connection fails due to SSL handshake.
  • Revision 5459 (Issue #4057) - Fixes an issue where restoring the schema from a backup would silently fail and prevent the server from working.

Technorati Tags: , , , , ,

Tuesday Jun 23, 2009

If "God" says it...

...It must be true.

James Gosling
In a interview published this monday in eWeek Europe, James Gosling queried about Innovation in Java, replied the following:

"It's all over the place inside Sun. People are doing cool things in any direction you want to look. The enterprise guys — the GlassFish group — they're totally on a tear these days. The OpenDS guys are being really successful. The OpenJDK guys are getting some real traction. Stuff like the Jigsaw modularity stuff is getting a lot of excitement."

As one of the OpenDS guys, I like the middle of the response... And so it must be true !

Technorati Tags: , , , ,

Thursday Jun 11, 2009

OpenDS 2.0.0 Release Candidate 2 is now available

Opends Logo TagThe OpenDS development team is very pleased to announce the immediate availability of OpenDS 2.0.0-RC2, the second and probably last release candidate for OpenDS 2.0.

OpenDS 2.0 has a number of new features over OpenDS 1.2.0 that was released in February 2009 :

  • A new mode for Multi-Master Replication providing greater consistency and availability of data: Assured Replication
  • Recurring tasks allow an administrator to schedule repeated tasks such as backups
  • New extensible matching rules and indexing allowing comparing, ordering of data according to specific locales and languages
  • Better monitoring information for the server and for Replication
  • Full compliance with RFC 4518 and matching of UTF-8 in attributes with a DirectoryString syntax
  • VLV indexes are now built during the Import
  • Several improvements in the Control Panel
  • Works with IBM JVM (Java 6 SR4 required)
  • Works by default with JConsole and VisualVM when JMX Connection Handler is enabled
  • Default settings and ergonomics have been improved reducing the need for tuning parts of the server
  • Greatly improved performances and stability over time of those performances
  • Resolved a possible security issue when Pre-ReadEntry, Post-ReadEntry and Assertion Controls were enabled

Overall, over 170 issues have been fixed.

The purpose of the Release Candidate is to solicit one last round of testing before the final release.
So please test the OpenDS release with your client applications, in your environment or on your favorite platform.

Our quality team will be doing the same during the next 2 to 3 weeks.

If you do find a bug, please report it with Issue Tracker.

We welcome feedback. Please report you experience with OpenDS on our mailing lists, or on #opends IRC channel on Freenode.

OpenDS 2.0.0-RC2 is built from revision 5417 of the b2.0 branch of our source tree.

The direct link to download the core server is: http://www.opends.org/promoted-builds/2.0.0-RC2/OpenDS-2.0.0-RC2.zip

The direct link to download the DSML gateway is: http://www.opends.org/promoted-builds/2.0.0-RC2/OpenDS-2.0.0-RC2-DSML.war

We have also updated the archive that may be used to install OpenDS via Java Web Start. You may launch that using the URL http://www.opends.org/promoted-builds/2.0.0-RC2/install/QuickSetup.jnlp, or visit https://www.opends.org/wiki/page/OverviewOfTheQuickSetupTool for more information.

Detailed information about this build is available at http://www.opends.org/promoted-builds/2.0.0-RC2.

Major changes incorporated since OpenDS 2.0.0 RC1 include:

  • Revisions 5376, 5388, 5390 (Issues #3997, 4006 and 3993) - Improvements to the schema parsing mechanism.
  • Revision 5378 (Issue #3898) - Make all information from a BIND request accessible from AuthenticationInfo.
  • Revision 5381 (Issue #4009) - Fixes to the upgrade facility.
  • Revision 5384 (Issue #3856) - Improvements to the way in which connections and extended operations are logged.
  • Revision 5386 (Issue #3996) - Fix a problem that could result in lost delete operations within a replication topology.
  • Revision 5392 (Issue #4010) - Fix an exception in the DSML implementation.
  • Revision 5394 (Issue #4014) - Improve the information showed by start-ds.
  • Revision 5395 (Issue #4013) - Fix an encoding error for the server side sort response control.
  • Revision 5396 (Issue #4011) - Correct a problem with indexing after an upgrade.
  • Revisions 5398, 5400, 5403 & 5412 - Localization improvements.
  • Revision 5402 (Issue #4007) - Improve performance when importing entries containing attributes with many values.
  • Revisions 5404 & 5409 (Issue #4020) - Allow help links in the control panel to be customized.
  • Revision 5406 (Issue #4022) - Fix a Java exception when using dsconfig -m/unit-time.
  • Revision 5407 (Issue #4027) - Fix an NPE when configuring network groups.
  • Revision 5411 (Issue #3988) - Improve throughput stability and GC performance under heavy connect/disconnect loads.
  • Revision 5414 (Issue #4062) - Enable the deregistering of add/change/delete configuration listeners.
  • Revision 5415 (Issue #4012) - Improve the import task to handle missing include branches.
  • Revision 5417 (Issue #4023) - Restart the server after scheduling a restart task.

Technorati Tags: , , , , ,

Friday May 29, 2009

In Love with DSEE !

Some people seem to be in love with our Directory Server Enterprise Edition product and are showing it ! I wonder when we will start seeing OpenDS license plates ;-)

DSEE lover

Photo courtesy of Kent Spaulding, CTO at Skyworth TTG.

Technorati Tags: ,

Monday May 25, 2009

OpenDS 2.0.0 Release Candidate 1 is now available

Opends Logo TagThe OpenDS development team is very pleased to announce the immediate availability of OpenDS 2.0.0-RC1 which is the first release candidate for OpenDS 2.0.

OpenDS 2.0 has a number of new features over OpenDS 1.2.0 that was released in February 2009 :

  • A new mode for Multi-Master Replication providing greater consistency and availability of data: Assured Replication
  • Recurring tasks allow an administrator to schedule repeated tasks such as backups
  • New extensible matching rules and indexing allowing comparing, ordering of data according to specific locales and languages
  • Better monitoring information for the server and for Replication
  • Full compliance with RFC 4518 and matching of UTF-8 in attributes with a DirectoryString syntax
  • VLV indexes are now built during the Import
  • Several improvements in the Control Panel
  • Works with IBM JVM (Java 6 SR4 required)
  • Works by default with JConsole and VisualVM when JMX Connection Handler is enabled
  • Default settings and ergonomics have been improved reducing the need for tuning parts of the server
  • Greatly improved performances and stability over time of those performances
  • Resolved a possible security issue when Pre-ReadEntry, Post-ReadEntry and Assertion Controls were enabled

Overall, over 150 issues have been fixed. However, there are still a few issues with the release candidates, and more specifically upgrading from an earlier version is not functional. This should be fixed in the next release candidate.

Localization of the OpenDS messages is still work in progress and thus some messages can still appear in English when running a localized version of the server.

The purpose of the Release Candidate is to solicit one last round of testing before the final release.
So please test the OpenDS release with your client applications, in your environment or on your favorite platform.

If you do find a bug, please report it with Issue Tracker.

We welcome feedback. Please report you experience with OpenDS on our mailing lists, or on #opends IRC channel on Freenode.

OpenDS 2.0.0-RC1 is built from revision 5374 of the b2.0 branch of our source tree.

The direct link to download the core server is: http://www.opends.org/promoted-builds/2.0.0-RC1/OpenDS-2.0.0-RC1.zip

The direct link to download the DSML gateway is: http://www.opends.org/promoted-builds/2.0.0-RC1/OpenDS-2.0.0-RC1-DSML.war

We have also updated the archive that may be used to install OpenDS via Java Web Start. You may launch that using the URL http://www.opends.org/promoted-builds/2.0.0-RC1/install/QuickSetup.jnlp, or visit https://www.opends.org/wiki/page/OverviewOfTheQuickSetupTool for more information.

Detailed information about this build is available at http://www.opends.org/promoted-builds/2.0.0-RC1.

Major changes incorporated since OpenDS 1.3.0-build006 include:

  • Revision 5318 (Issue #3969) - Provide support for wildcards in dsconfig certificate management.
  • Revision 5321 (Issue #3962) - Fix memory leaks after Bind - Unbind
  • Revision 5323 (Issue #3971) - Enable Windows to detect the JVM automatically on install.
  • Revision 5336 (Issue #3981) - Fix uncontrolled memory growth under heavy connect/disconnect load.
  • Revision 5338 (Issue #3977) - Fix memory leak in Control Panel.
  • Revision 5347 (Issue #3938) - Improve the speed of dsconfig in non-interactive mode.
  • Revision 5364 (Issue #3995) - Fix an error that caused replication to stop if the queue-size-bytes maximum was reached.
  • Revision 5365 (Issue #3250) - Fix a problem that could cause replication initialization to fail.
  • Revision 5369 (Issues #3984 & #3989) - Fix security issues with Assertion, Pre-Read, and Post-Read Controls.
  • Revision 5374 - Upgrade JE to the latest official release (3.3.82).

Technorati Tags: , , , , ,

Tuesday May 19, 2009

OpenDS as the OpenSSO User Repository

OpenSSO Express 7 was announced earlier in April with a full support for OpenDS Standard Edition for storing users' identity data.
Back in March, I pointed out Indira's blog and the detailed how to guide for configuring OpenDS as the OpenSSO user store.

BlahRecently, the official documentation appeared on the OpenSSO resource center. So if you want to use OpenDS as the OpenSSO User Repository, I encourage you to read and follow the steps detailed here: http://wikis.sun.com/display/OpenSSO/Using+OpenDS+as+a+User+Data+Store.

Technorati Tags: , , , , ,

Thursday Apr 30, 2009

Directory experts from the US meet in Somerset.

Nick Wooler presenting at Sun Directory Masters 2009 in NJYesterday and today, we're hosting the US version of the Sun Directory Masters in Somerset NJ. Despite the weak economy and the swine flu, over 40 sales engineers, consultants, software architects met to discuss with the lead developers from the Directory engineering team, the coming features of Sun Directory Server Enterprise Edition 7 and Sun OpenDS Standard Edition 2.0.

With an agenda very similar to the Grenoble event, yesterday we've covered the Directory landscape, the Directory Services products roadmap, performances and new deployment scenarios offered with the new products. Today, we're discussing Sun OpenDS Standard Edition 2.0, its performances, tools to transition legacy directory services to new deployments, benchmarking tools... We also have presentations done by our partners like Bill Hathaway from Versatile or our own field engineers or architects like Brad Diggs, Michael Melore (trying to entertain the attendance at lunch break), Wajih Ahmed or Lee Trujillo (as pictured during his talk below).

Michael Melore, Master of ceremony at the Directory Masters in Somerset NJLee Trujillo talking DirTracer at the Directory Master event in Somerset NJ

Technorati Tags: , , , , , , ,

Thursday Mar 12, 2009

OpenDS Tips: Adding schema from OpenLDAP

Opends Logo TagThe OpenDS schema is slightly different from the OpenLDAP one, but it's quite simple to convert schema files from one format to another.
OpenDS, like Sun Directory Server Enterprise Edition and Fedora DS, uses a strict RFC 4512 and LDIF format.
In OpenLDAP, the actual text of the schema definition is similar and described using the RFC 4512 notation but uses the printer friendly notation, similar to the textual description in RFC documents.

So when converting schema files from OpenLDAP, for use in OpenDS, there are mainly 4 differences to take care of:

  • In OpenLDAP, an attribute definition begins with "attributetype" while in OpenDS it begins with "attributetypes: "
  • Similarly, in OpenLDAP, an object class definition has an "objectclass" prefix while it is "objectclasses: "
  • OpenDS follows the LDIF conventions that the continuation line begins with a single space character, and that an empty line is an entry separator
  • Finally, OpenDS schema files have a .ldif extension and only this extension is considered when loading schema from the config/schema directory.

The following python script can be used to convert an OpenLDAP schema file to a format usable by OpenDS (as well as Sun Directory Enterprise Edition). The script also recursively expands the OID macro format used in OpenLDAP schema files.
For now, syntax definitions are currently ignored as they cannot be loaded in OpenDS as they require associated code.

Usage is quite simple: schema-convert.py -o result.ldif openldap-schema-file


Enjoy and don't hesitate to send feedback, suggestions for improvements.

Update on March 15: I've added support for name prefixed OIDs substitution as suggested by Martin Gwerder.

Update on April 9: OpenDS schema files uses the .ldif extension, and only files with this extension are loaded by the server from the config/schema directory.

Update on July 31: Now checking and removing quotes around Sup or Syntaxes values.


#!/usr/bin/env python
# encoding: utf-8
"""
schema-convert.py

# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License, Version 1.0 only
# (the "License").  You may not use this file except in compliance
# with the License.
#
# You can obtain a copy of the license at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE
# or https://OpenDS.dev.java.net/OpenDS.LICENSE.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at
# trunk/opends/resource/legal-notices/OpenDS.LICENSE.  If applicable,
# add the following below this CDDL HEADER, with the fields enclosed
# by brackets "[]" replaced with your own identifying information:
#      Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
#      Copyright 2009 Sun Microsystems, Inc.

Created by Ludovic Poitou on 2009-01-28.

This program converts an OpenLDAP schema file to the OpenDS schema file format.
"""

import sys
import getopt
import re
import string

help_message = '''
Usage: schema-convert.py [options] <openldap-schema-file>
options:
\\t -o output : specifies the output file, otherwise stdout is used
\\t -v : verbose mode
'''


class Usage(Exception):
	def __init__(self, msg):
		self.msg = msg


def main(argv=None):
	output = ""
	seclineoid = 0
	IDs = {}
	if argv is None:
		argv = sys.argv
	try:
		try:
			opts, args = getopt.getopt(argv[1:], "ho:v", ["help", "output="])
		except getopt.error, msg:
			raise Usage(msg)
	
		# option processing
		for option, value in opts:
			if option == "-v":
				verbose = True
			if option in ("-h", "--help"):
				raise Usage(help_message)
			if option in ("-o", "--output"):
				output = value
		
		
	except Usage, err:
		print >> sys.stderr, sys.argv[0].split("/")[-1] + ": " + str(err.msg)
		print >> sys.stderr, "\\t for help use --help"
		return 2
	try:
		infile = open(args[0], "r")
	except Usage, err:
		print >> sys.stderr, "Can't open file: " + str(err.msg)
	if output != "":
		try:
			outfile = open(output, "w")
		except Usage, err:
			print >> sys.stderr, "Can't open output file: " + str(err.msg)
	else:
		outfile = sys.stdout
	outfile.write("dn: cn=schema\\n")
	outfile.write("objectclass: top\\n")
	outfile.write("")
	for i in infile:
		newline = ""
		if not i.strip():
			continue
		#if i.startswith("#"):
		#	continue
		if re.match("objectidentifier", i, re.IGNORECASE):
			# Need to fill in an array of identifiers
			oid = i.split()
			if not re.match ("[0-9.]+", oid[2]):
				suboid = oid[2].split(':')
				IDs[oid[1]] = IDs[suboid[0]] + "." + suboid[1]
			else:	
				IDs[oid[1]] = oid[2]
			continue
		if seclineoid == 1:
			subattr = i.split()			
			if not re.match("[0-9.]+", subattr[0]):
				if re.match (".\*:", subattr[0]):
					# The OID is an name prefixed OID. Replace string with the OID
					suboid = subattr[0].split(":")
					repl = IDs[suboid[0]] + "." + suboid[1]
				else:
					# The OID is a name. Replace string with the OID
					repl = IDs[subattr[0]]
				newline = string.replace(i, subattr[0], repl, 1)
			seclineoid = 0
			
		if re.match("attributetype ", i, re.IGNORECASE):
			newline = re.sub("attribute[tT]ype", "attributeTypes:", i)
			# replace OID string with real OID if necessary
			subattr = newline.split()
			if len(subattr) < 3:
				seclineoid = 1
			else: 
				if not re.match("[0-9.]+", subattr[2]):
					if re.match (".\*:", subattr[2]):
						# The OID is an name prefixed OID. Replace string with the OID
						suboid = subattr[2].split(":")
						repl = IDs[suboid[0]] + "." + suboid[1]
					else:
						# The OID is a name. Replace string with the OID
						repl = IDs[subattr[2]]
					newline = string.replace(newline, subattr[2], repl, 1)
				
		if re.match("objectclass ", i, re.IGNORECASE):
			newline = re.sub("object[cC]lass", "objectClasses:", i)
			# replace OID String with real OID
			subattr = newline.split()
			if len(subattr) < 3:
				seclineoid = 1	
			else:
				if not re.match("[0-9.]+", subattr[2]):
					if re.match (".\*:", subattr[2]):
						# The OID is an name prefixed OID. Replace string with the OID
						suboid = subattr[2].split(":")
						repl = IDs[suboid[0]] + "." + suboid[1]
					else:
						# The OID is a name. Replace string with the OID
						repl = IDs[subattr[2]]
					newline = string.replace(newline, subattr[2], repl, 1)

		# Remove quoted syntax.
		if re.search("SYNTAX\\s'[\\d.]+'", newline):
			# Found a quoted syntax in an already updated line
			newline = re.sub("SYNTAX '([\\d.]+)'", "SYNTAX \\g<1>", newline)
		else:
			if re.search("SYNTAX\\s'[\\d.]+'", i):
				# Found a quoted syntax in the original line
				newline = re.sub("SYNTAX '([\\d.]+)'", "SYNTAX \\g<1>", i)

		# Remove quoted SUP
		if re.search("SUP\\s'[\\w\\-]+'", newline):
			# Found a quoted sup in an already updated line
			newline = re.sub("SUP '([\\w\\-]+)'", "SUP \\g<1>", newline)
		else:
			if re.search("SUP\\s'[\\w\\-]+'", i):
				# Found a quoted sup in the original line
				newline = re.sub("SUP '([\\w\\-]+)'", "SUP \\g<1>", i)

		# transform continuation lines with only 2 spaces
		if re.match("  +|\\t", i):
			if newline != "":
				newline = "  " + newline.strip() + "\\n"
			else:	
				newline = "  " + i.strip() + "\\n"
			
		if newline != "":
			outfile.write(newline)
		else:
			outfile.write(i)

	outfile.close()
if __name__ == "__main__":
	sys.exit(main())

Technorati Tags: , , , , , , ,

Thursday Feb 19, 2009

Directory Masters will meet again this year...

View from Sun GECAs last year, Directory Experts from all over the world will meet again in the Grenoble Engineering Center, France, on April 1st - 2nd, 2009 and later in Sun facilities in Somerset, NJ, USA on April 29th - 30th, 2009.

The Directory Masters Event brings together a highly technical community of experts in the Directory space, to share the product knowledge and best practices, enabling sales and deployments of the Sun Directory Server Enterprise Edition and Sun OpenDS Standard Edition products. This event is opened to Sun employees and Sun partners, more specifically to those in Pre-Sales, Sales and Service Delivery who are involved in the design, the architecture and the deployment of large or mission critical Directory services solutions.

During the 2 days event, experts will be presented and discussing the Sun Directory Services roadmap, DSEE 7.0 new features, OpenDS present and future, best practices, experience reports and much more.

The event is free of charge but sitting is limited. So if you're interested, eligible and not registered yet, do it now !
Send an email at dirMasters09 at sun dot com indicating your name, title, company and/or organization, and of course which event you would like to participate in.

Location Details

  • Event Date: April 1-2, 2009

Location: Grenoble, France

Address: Sun Microsystems
Grenoble Engineering Center

180 Avenue de l'europe, Inovallee
38334 Montbonnot cedex.
France.

  • Event Date : April 29-30, 2009.

Location: Somerset, NJ, USA

Address: Sun Microsystems Inc.
400 Atrium Drive
Somerset, NJ 08873
U.S.A

Technorati Tags: , , ,

Wednesday Jan 21, 2009

OpenDS Tips: Disabling Schema checking

Opends Logo TagWhen you install OpenDS LDAP directory server, the server is configured to verify that newly-written or added entries conform to the directory server's schema (and therefore conform to the LDAP standards).

If you intend to run a reliable service with OpenDS, and provide interoperability between multiple LDAP clients, you should not change this setting. But sometime, developers need to quickly test LDAP with existing data and don't have the complete definition of the schema, or don't have time to deal with loading the proper schema. Then, the quick option is to disable schema checking.

This can be done using the dsconfig advanced mode, and the global configuration option check-schema.

dsconfig set-global-configuration-prop \\
--set check-schema:false \\
--hostname localhost \\
--trustAll \\
--port 4444 \\
--bindDN cn=Directory\\ Manager \\
--bindPassword \*\*\*\*\*\* \\
--no-prompt

There are 2 other properties that can be tuned for a finer grain control of schema checking:

  • invalid-attribute-syntax-behavior: controls whether the syntax of the attribute values are checked when adding, modifying entries.
  • single-structural-objectclass-behavior: controls how the server should behave if an attempt is made to add or modify an entry with more than one structural objectclass.

You can find more details on schema checking on the OpenDS documentation wiki and more specifically at https://www.opends.org/wiki/page/HowToExtendTheLDAPSchema#section-HowToExtendTheLDAPSchema-ConfiguringSchemaChecking

Technorati Tags: , , ,

Tuesday Jan 20, 2009

OpenDS QA Lead makes the front page on Java.net

The article published by Gary Williams, QA lead for the OpenDS project, and Marina Sum, technical writer for Sun Developers Network, has been picked by Java.net and promoted on the front page.

QA for OpenDS Article on Java.Net front page

Nice work Gary and Marina !

Technorati Tags: , , , , , , ,

About

This is the blog of a senior software engineer, specialized in LDAP, Directory Server and OpenDS. Ludovic Poitou works in France at the Grenoble Engineering Center, in the Directory Services Engineering team. Outside work, I love skiing and taking photo

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today