Friday Apr 24, 2009


Yesterday, Ludo did a presentation for the Glassfish Aquarium project at Sun who use USTREAM to broadcast their content to anyone interested in engaging with the team via this medium.  The content is interesting and this is a better way to make presentations more engaging as not only do they provide the video feed but also a twitter mashup for interactive feedback from the audience.  If you agree and want to see additional innovators using the internet to engage with their community members in a more engaging way then you should check out Leo Laporte on  I have been following the work that Leo Laporte has been doing with FLOSS, MacBreakWeekly and SecurityNow where he is innovating how to provide video content via the web.  He has in effect created his own broadcasting company.  SecurityNow has done some recent podcasts on the conflicker worm and the recent cyberespionage that has been in the news which is interesting and informative.  

For those of you that missed Ludo's presentation on OpenDS.  Here is the video.

Tuesday Mar 31, 2009

OpenDS in One Image

What is it like working on an open source project?  A lot of people wonder how does it differ.  The nightly builds, the open nature of communication and involvement, the external contributors and the community managers like Ludo Poitou make it a very dynamic environment.  The best way to understand it is to watch this great video that Ludo put together that represents the last three years of activity.  

Thanks Ludo:

Sunday Mar 01, 2009

Join OpenDS and OpenSSO at Community One EAST

March is going to be an exciting month with a number of events to help make it fun by joining us at one of the events listed below.  The month get's started with an Unconference in New York sponsored by the OpenSSO team.  The OpenDS team will be there as well leading a discussion on using LDAP and OpenDS as an identity repository.  The event is free and only requires you to sign-up at  Here is the link and you can see how many people are attending.  As of tonight there were 54 attendees.  Sign-up here.

At the wiki page for the event you can add topics that you would like to discuss.  There is already a suggested list that includes a presentation by Ludo on OpenDS as a datastore.  You can access the wiki here.

Saturday Jan 17, 2009

Identity Security Webinar Wednesday, Jan. 21: OpenSSO and OpenDS in One Powerful Solution

There is a great webinar being offered on Wednesday, Jan. 21 which you may have missed the announcement because of all the excitement about the Inauguration and Martin Luther King Holiday in the US.  Daniel Raskin, Product Line Manager OpenSSO, and Jamie Nelson, Director of Engineering for OpenSSO, will be talking about the current release as well as the plans for the next release of OpenSSO Express.  There are already 200 registrants and there is a cap at 250 so register now so you don't get left out!

The Directory crowd should be interested as well, because OpenDS is bundled with OpenSSO and is used as OpenSSO's policy store and can be leveraged as a user store as well.  Here are the details:

Sun Software Webinar:
See how Sun's OpenSSO Enterprise provides a single solution for Web access management, federation, and Web services security.

Join Sun for a live webinar on one of today's most exciting aspects of identity management! During this session, we will discuss OpenSSO innovation and how it pushes access management, federation, and secure Web services capabilities to a new level. Learn how to solve challenges around these capabilities with a single solution.

Event:  Access Management, Federation, and Secure Web Services with OpenSSO Enterprise
Date:  Wednesday, January 21, 2009
Time:  10:00 am PST / 1:00 pm EST

» Register Now

This webinar will be presented by Sun's OpenSSO experts: Daniel Raskin, the senior product line manager, and Jamie Nelson, the director of engineering.
We hope that you can join us!

If you have any questions or feedback, please send a message to

Thank you,
Sun Microsystems, Inc.

Thursday Jan 08, 2009

OpenDS--Open Source Improves Quality in Software Development

Gary Williams, a staff engineer and the QA lead of OpenDS, published a great article with Marina Sum on the topic of how working on an open source software project has improved quality in product development.  The process is without challenges which he outlines in the article as well.  However, he also gives great detail about the test harness that is used, the amount of automation and community involvement to address the challenges and get high quality product in community hands more frequently.  The full article is available on the Sun Developer Network here

These are the types of processes that quality open source projects do as a part of the project development process.  Indira Thangasamy, produced a similar article on how they approach QA within the OpenSSO project.  As companies evaluate other open source projects, especially in these challenging economic times where cost reduction provide stronger rational's to consider starting projects using open source software.  The quality approach of communities becomes an important differntiator as companies use open source in production and customer facing systems.

Here is a quick overview of the test harness used on OpenDS:

We use open-source, Java platform-based test tools, such as the following, not only to demonstrate our support for open source but also to ensure that they are accessible to everyone:

Here are a couple of other highlights:

  • Unit Testing and Automation:  "Testing starts in the programming phase with unit tests, which verify that the code works as intended and which must exist for all features. Today, we run 30,000 automated unit tests daily on different Java virtual machines. No code can be integrated without satisfying the precommit requirements."
  • Code coverage — With open-source EMMA, we find out the number of code lines, blocks, methods, and classes that are exposed by the unit and functional tests. Part of that information pinpoints the amount of the code tested as a percentage of the total, defining if we've met the quality criteria. We also define which areas of the code are not tested, called coverage holes, and create new tests to fill them.
  • Feature coverage — OpenDS delivers features that customers want, that is, customer requirements. Each feature is recorded as an issue in the Issue Tracker, a tool that monitors defects. This data tells us the state the features are in and their status: Ready for Test or Tested.
  • Documentation coverage — To ensure that the documentation is reviewed according to the test plan, we adopt a two-phase documentation review process: a technical review of the content followed by a formal QA review. Like the product features, the documentation is divided into categories—books, chapters, and sections—that are recorded in the Issue tracker. Through this coverage, we measure the percentage of the documentation reviewed over time and identify the reviewers and review status.
  • Defect rates — This is a traditional measure. The goal is to have no high-priority bugs open at release time. Our Bug Council constantly studies the defects and assesses the risks to customers. We also plot simple graph trends to gauge how well the project is converging.

Thanks to Gary and Marina for publishing this article and allowing the community to learn from your experience. 

Thursday Dec 11, 2008

OpenDS 1.1.0-Build003 is now available

The OpenDS Team released the latest build of OpenDS which is 1.1.0 Build003.  You can read his blog summarizing the release here.  If you haven't tried the new console that provides tools to create, edit and manage users and schema in an OpenDS instance. 

Here is a list of the major updates, which I borrowed from Ludo's blog.

  • Revision 4591 (Issue #3571) - Adjust the Control Panel to reflect changes to the windows service configuration.
  • Revision 4592 (Issue #3566) - Increase the timeout of the windows service and make it configurable.
  • Revision 4593 (Issue #3564) - Fix a problem that caused make-ldif to fail with a "Permission denied" message.
  • Revision 4594 (Issue #3569) - Amend the dsconfig command to handle multi-valued properties correctly.
  • Revision 4595 (Issue #3567) - Various fixes to the persistent search mechanism.
  • Revision 4598 (Issue #3580) - Fix a Java exception in the control panel when accessing cn=backup.
  • Revision 4601 (Issue #3572) - Fix an issue where adding a local backend with dsconfig resulted in a number of erroneous messages printed to the error log.
  • Revision 4602 (Issue #3582) - Fix a failure in the --revert option of the upgrade.
  • Revision 4605 (Issue #3585) - Change the network group time/size limits to have no default value.
  • Revision 4616 (Issue #3567) - Additional fixes to the persistent search mechanism.
  • Revision 4621 (Issue #3587) - Refresh the index tab of the control panel after rebuilding indexes.
  • Revision 4622 (Issue #3588) - Control Panel : make all Base DNs available for VLV index creation.
  • Revision 4623 (Issue #3589) - Control Panel : fix an error raised at new vlv index creation.
  • Revision 4632 (Issue #3596) - Control Panel : reset data fields when opening the New Base DN window.
  • Revision 4633 (Issue #3599) - Control Panel : new schema object panels were not refreshed.
  • Revision 4634 (Issue #3603) - Control Panel : the manage schema function included other files.
  • Revision 4637 (Issue #3611) - Control Panel : fix an exception raised when refreshing the backups directory.
  • Revision 4638 (Issue #3612) - Control Panel : fix the value of the "Java Home" variable in the "Java Settings" panel.
  • Revision 4639 (Issue #3613) - Control Panel : fix incorrect output messages when deleting a subtree.
  • Revision 4641 (Issue #3614) - Control Panel : fix restore failure when the available backup was a directory.
  • Revision 4643 (Issue #3616) - Control Panel : add the missing --useSSL option.
  • Revision 4645 (Issue #3620) - Control Panel : add the missing --noPropertiesFile option to the command-line equivalents.
  • Revision 4647 - Add the standard schema files necessary for OpenSolaris LDAP naming services.
  • Revision 4648 (Issue #3622) - Control Panel : change the object class sort to be case insensitive
  • Revision 4649 (Issue #3622) - Control Panel : sort all the elements in the schema panels without taking case into account.
  • Revision 4650 (Issue #3623) - Control Panel : refresh the Matching Rules used by the attributes panel.
  • Revision 4652 (Issue #3618) - Control panel : View All Base DS's generated SEVERE ERRORS.
  • Revision 4659 (Issue #3547) - Fix an issue that prevented persistent searches from being abandoned.
  • Revision 4682 (Issue #3481) - Change the permissions on the password file generated by setup/quicksetup.
  • Revision 4697 - Implement a new ACI bind rule keyword "ssf" that allows users to control the level of access based on the security level of the connection.
  • Revision 4703 - Provide suppport for SMF for SVR4 packages.

Tuesday Nov 04, 2008

OpenDS Blogger Review, OpenDS and OpenSolaris

The monthly OpenDS Community call happened today.  It was a great call with insight into the upcoming inclusion of OpenDS in OpenSolarisOpenDS can be installed on OpenSolaris today but what is new is that it will be available in the new OpenSolaris application repository. I have blogged before on the importance of user experience in software. This is especially important for infrastructure sotware as it increases adoption, reduces training and maintenance costs and most importantly is "the right thing to do" when building product.  The inclusion of OpenDS in the OpenSolaris repository will improve the overall user experience of acquiring and using the software on this important platform for developers and enterprises.  Additionally, the team talked about the latest release and inclusion of the new console. 

In addition to all of the above, I came across the  following review by CS Connell who was comparing OpenDS to several other LDAP directory solutions.  Although his analysis is not comprehensive, the blog post does a nice job of illustrating his analysis of several different solutions against his business and technical requirements. Here are some of the highlights:

 "From an install standpoint, OpenDS seemed quite a bit easier to me, even though I had never seen it before."

"However, one feature that I very much liked (and we need) from OpenDS was virtual attributes, specifically isMemberOf. "

"In the end though, I just felt OpenDS was easier, and would certainly be more straightforward for someone without much backround in the technology .. and it had the nifty isMemberOf attribute we wanted"

He also posts some initial performance testing results.  Although, I can't confirm or properly comment on his results I will leave conclusions up to you.  We will be posting some testing results of our own on OpenDS shortly to give you some additional information.  

OpenDS Monthly Call Tuesday November 4th, 2008, 9am PST, 6pm CET, 5pm GMT.

There are great things happening in the OpenDS project.  Last week the team released a major update to the code.  The release also contained a great new console to manage schema, edit entries, etc.  I will blog more about this later in the week.  

Additionally, Ludo is having his monthly call this morning to go over the new release and discuss some upcoming feature's.  Hopefully, you can join the call.  Here are the details.

Dear OpenDS users and developers,

Please join us on the phone for the next OpenDS monthly public  
meeting, Tuesday November 4th, 2008, 9am PST, 6pm CET, 5pm GMT.

On the agenda for this month meeting, we will review the current  
status of OpenDS 1.1, do an update on the roadmap and will present in  
details the changes that being integrated in OpenDS to be able to  
integrate it as part of OpenSolaris. These changes include SVR4  
packages, additional features with SASL authentication, SMF support,  
separation of binaries and data...

The call in details can be found here.

Tuesday Jul 29, 2008

Sun OpenDS Standard Edition 1.0 Released

Sun OpenDS TM Standard Edition (SE) 1.0 is the newest member of the Sun Directory Server family of products. This directory server includes an LDAP core that is designed for easy installation, embedding, and configuration. 

Sun OpenDS SE 1.0 is a high-performance, highly-extensible, pure Java directory server that delivers a fully compliant LDAPv3 server that passes all of the compliance, interoperability and security tests suites. Furthermore, Sun OpenDS SE 1.0 implements most of the standard and experimental LDAP extensions defined in the IETF as RFCs or Internet-Drafts, ensuring maximum interoperability with LDAP client applications.

With a limited footprint allowing the server to be embedded in other Java applications, Sun OpenDS SE 1.0 has a very rich set of APIs making it easy to extend and increase usage scope.

Sun OpenDS SE 1.0 also supports a multi-master replication model that guarantees the high availability of the data for all operations, searches or updates. While theoretically unlimited with regards to the number of masters, the Sun OpenDS SE 1.0 server has been stressed under heavy and durable load with 4 Masters.

Sun OpenDS SE 1.0 is based on the open source community project OpenDS that is constructing next generation directory service software. The initial effort is led by Sun and the primary contributions are by Sun employees, but the goal is to attract developers and other interested parties from around the world. Sun OpenDS SE is the Sun commercial offering based on this project.  

You can find out more information about Sun OpenDS SE 1.0 commercial release at:



This blog provides information regarding the Oracle Directory Server Enterprise Edition and Oracle Unified Directory products. Use this blog to get the latest breaking information regarding releases and updates plus other technical and non-technical information.


« April 2014