Tuesday Jan 19, 2010

DSEE 7 Reduces Cost of Storage Using F-20 PCI Flash Drives

DSEE 7 launched in November and just after Christmas a couple of our Directory experts in the community at Sun took it for a test drive on the new F-20 PCIe flash drives at Sun.  The results confirmed the internal testing we did in the improved performance in import times, the reduction in Directory footprint due to compression and the overall performance improvements for DSEE 7.   This is critical for our customers because it will allow them to take advantage of growth in their business while bending the operational cost curve for their system. In some organizations, their operational budget is their biggest line-item so being able to meet growth targets while also addressing the time, cost and complexity of servicing the environment can release capital for investment in new product development.  

The team that did this great work has agreed to share the results of their testing in a series of blog articles over the next week.  The first article will be presented tomorrow by Brad Diggs, Principal Field Technologist.  Here are just a few highlights from the results that Brad will share tomorrow on compression:

  • The storage footprint was reduced by as much as 66%.
  • We were able to cache greater than 50% more entries into the filesystem cache.
  • Compression almost completely negated average entry growth that is due to the natural addition of operational attributes and replication metadata over time.
  • The nsslapd-db-page-size could be smaller and more consistent with entry growth over time. 

The other team members will be sharing insights that they learned during the testing so I encourage you to bookmark these blog's and take a look over the next couple of weeks.  The team will be sharing not only the results but the lessons learned.  One of the blog articles will discuss tuning to get better import times as well as how to set-up your own SLAMD environment to test your Directory infrastructure.  Please bookmark the following blog locations to see the results:

Brad Diggs, Principal Field Technologist, here
Ludo Poitou,  OpenDS Community Manager, here
Mark Craig, Directory Integration Team Manager, here
Wajih Ahmed,  Principal Field Technologist, here
Nick Wooler, Directory Server Product Line Manager, here

As you look at your business goals for 2010 and are looking for ways to meet your growth goals while keeping your costs under control then take another look at Directory Server 7.  Does your Directory Server provide you with the proven performance and continued innovation as Sun Directory Server Enterprise Edition 7? 

Wednesday Dec 16, 2009

Sun OpenDS Standard Edition 2.2 Released

Sun OpenDS TM Standard Edition (SE) 2.2 is an updated version of newest member of the Sun Directory Server family of products. It includes an LDAP core that is designed for easy installation, embedding, and configuration as well as a new Directory Proxy Server for load-balancing, high availability and data distribution.

Sun OpenDS SE 2.2 is a high-performance, highly-extensible, pure Java directory server that delivers a fully compliant LDAPv3 server that passes all of the compliance, interoperability and security tests suites. Furthermore, Sun OpenDS SE 2.2 implements most of the standard and experimental LDAP extensions defined in the IETF as RFCs or Internet-Drafts, ensuring maximum interoperability with LDAP client applications.

With a limited footprint allowing the server to be embedded in other Java applications, OpenDS has a very rich set of APIs making it easy to extend and increase usage scope.

Sun OpenDS SE 2.2 also supports a multi-master replication model with optional assured replication that guarantees the high availability of the data for all operations, searches or updates. While theoretically unlimited with regards to the number of masters, the Sun OpenDS SE 2.2 server has been stressed under heavy and durable load with 8 Masters.

This 2.2 version significantly increases performance both in read and write, making it one of the most efficient commercial directory servers available.

Sun OpenDS SE 2.2 is based on the open source community project OpenDS that is constructing next generation directory service software. The initial effort is led by Sun and the primary contributions are by Sun employees, but the goal is to attract developers and other interested parties from around the world. Sun OpenDS SE is the Sun commercial offering based on this project.  

You can find out more information about Sun OpenDS SE 2.2 commercial release at:


Friday Nov 13, 2009

Identity in Healthcare Webinar Nov. 18

The  Sun Identity Management team will be giving a webinar next Wednesday to discuss the very important topic of Identity Management and healthcare.  As the healthcare legislation moves through congress the increase of 36M patients on healthcare providers, insurance companies, and patients will be profound.  The cost savings projected by the bills will rely on IT systems to provide increased access to information to drive productivity gains.  As we have seen with recent high profile identity security breeches at hospitals identity security is critical in making sure the right people have access to the appropriate information, that information must be shared with all members of the value chain securely.

Sun's Identity Management Suite provides a powerful package of solutions to help with storing identity information with Directory Server Enterprise Edition;  managing authorization, federation and web services security with OpenSSO; providing provisioning solutions with Identity Manager; and, defining and managing role based access control with Role Manager.

Join this free Webinar to learn how Sun's identity management solutions can help your organization to:

  • Automate management of digital identities for other providers, patients, physicians, clinicians, and payors Provide single sign-on (SSO) and secure federated access to privacy-regulated healthcare information while adhering to strict mandates
  • Enable delegated, self-service password management
  • Comply with the Health Insurance Portability and Accountability Act (HIPAA), internal security policies, and corporate governance policies with complete auditing and reporting capabilities

Sun identity management solutions make it easier for healthcare organizations to manage and share digital information.

Register here.

Topic: Topic: Sun Webinar Series - Identity Management for Healthcare
Date: Wednesday, November 18, 2009
Time: 10:00 am PDT / 1:00 pm EDT / 19.00 CET (check my timezone)
Duration: 1 hour

Sun Product Manager Suresh Sridharan

Monday Nov 02, 2009

Farewell to a Directory Hero

This weekend the Directory Community said goodbye to a true hero, Don Bowen.  Many on the Directory Team at Sun had the pleasure of working with Don and will miss his energy and enthusiasm for life, technology and his family.  Our condolences go out to his family.  We will miss you Don!

 You can read more or leave a comment for his family here!  

Thursday Oct 22, 2009

What's New In Directory Server Enterprise Edition 7?

Yesterday, Neil Ghandi, Matt Hamlin, Etienne Remillon and Nick Wooler gave a quick overview of what is new in Directory Server Enterprise Edition 7 and Role Manager 5.  Here are just a few of the great highlights that were discussed during the presentation.  Of course, you can get the full video embeded below.  Lastly, if you are interested in seeing more events like this you can go to the webinar site here.  

You can download the slides here.  You can download the video here.

Friday Oct 16, 2009

Register for Webinar: What's New in DSEE 7 and Role Manager 5

Sun's Identity Team have been busy over the summer!  On Oct. 9, 2009 the Identity Management Team announced the release of Directory Server Enterprise Edition 7 and Role Manager 5.  Next Wednesday, Oct. 21 at 8:00am PT, Neil Ghandi (Role Manager Technical Product Manager) and Nick Wooler (Product Line Manager, Directory Services) will be giving an overview of some of the great features that exist in the new releases.  Here are a couple of highlights:

What's New with Directory Server EE 7.0

Boosts speed and performance: DSEE 7.0 has been optimized to improve performance of some operations by more than 3x the current version. In addition, this release provides hardware optimization with up to 60% improvement in authentications and modifications. 
Reduces Total Cost of Ownership– Reduce cost by using the only solution in the market that provides customers with a directory server, virtual directory, proxy server, web console and Active Directory synchronization tool-kit under a single license.
Hassle Free Upgrade – DSEE 7.0 provides a simple upgrade path and provides 5x performance improvement in data import times, thereby reducing migration costs.
What's New with Role Manager 5.0
360 Degree View of Assigned Access – A unified view of data related to user access that empowers reviewers to make more         intelligent decisions concerning users access.
Closed-loop Remediation – A complete end-to-end solution for reviewing user access and removing inappropriately assigned access.
Rule Life-cycle Management – The first solution for managing the complete life-cycle of role assignment and SoD audit rules.

Interested in hearing more? Interested in hearing more about the release and what business problems it solves for your enterprise?  Register here for the Webinar here:

Topic: Improve Compliance, Access Controls, and Performance with Sun's Latest Releases of Role Manager and DSEE
Date: Wednesday, October 21, 2009
Time: 10:00 am PDT / 1:00 pm EDT / 19.00 CET (check my timezone)
Duration: 1 hour

 Sun Product Managers: Neil Gandhi and Nick Wooler


 Register Here

Wednesday Sep 02, 2009


Our very own, Ludo Poitou will be presenting with other luminaries in the identity industry at The 2nd.International conference on LDAP, LDAPCon 2009 will be held on September 20th and 21st at Waterfront Marriot Hotel , Portland OR, USA.

LDAP is gaining renewed attention as the identity repository for enterprise, telco's, global partner networks, healthcare and education institutions.  The LDAP repositories have been faced with massive growth over the last five years and the performance and availability they have come to rely upon is being tested. New requirements driven by the growth of users, the explosion of security requirements imposing more "writes" and the access to web services security and policies are forcing LDAP experts to look at new innovations.

You should attend, if you want to be apart of hearing how LDAP experts are innovating and addressing these business and technical challenges.  If you haven't registered yet, please register NOW here!

The registration fee includes access to the LinuxCon 2009 (Sep 21 - 23), and if you still need to be convinced that it's worth attending, you can check the agenda here.

Thursday May 14, 2009

Our Vote for iPhone App of Year: LDAP App Could Save You 1.43 FTE in Productivity

At this very moment, every company on the planet is trying to find ways to reduce cost.  A creative and innovative member of the Directory Server team at Sun has come up with a way to do just that using the iPhone and LDAP.  Ludo's blog post located here, provides a great overview of the technical detail (what tools, platform, etc.) so please read it for more detail on how Anton put this solution together.  Let's focus on the business angle of this important innovation using LDAP.  Again, we hope David Kearns is reading because this is really what "Pimping Your Directory" is all about.

More and more companies are having to support mobile workforces or employees that work a portion of their time at home.  Sun has been one of the leaders in this space.  Not only does it improve productivity but it gives knowledgeworkers more empowerment thus improving their quality of work and life and thus loyalty to the company that employs them.  However, the tools that support these workers have been slow to catch-up.  Company Directories are a good example.  How many times do employees call the 1-800 number to get an employee number to make a phone call on the road?  As a consultant, I used to do this all the time.  As a Sun employee, I have used this feature more than once while traveling to different trade shows, between offices, etc.  This ties up valuable resources who could be routing real customer calls! I have realized this paradox but when you have to get something done you go through the path of least resistance.  And, let's face it voice portals have not replaced human beings in either efficiency or effectiveness.

Here is where the innovator at Sun, Anton Bobrov, filled the gap. The Sun IT and Directory Teams recognized this gap a long time ago and placed a limited version of the employee directory outside the firewall.  It is a great tool if you have a web browser and don't want to VPN into the network.  However, Anton realized there was a better solution via the iPhone.  He has developed an iPhone App that is an LDAP browser that allows employees to connect to this Directory outside the firewall and quickly search, find an employee and make the phone call from one device.  My vote for iPhone App of the Year would be for the LDAP app by Zen and our very own Anton Bobrov. 

The Business Case

So hypothetically, using Company A with 33,000 employees as an example, imagine 5% of employees have an iPhone.  Imagine that same 5% make one phone call a week or 52 calls per year to the 1-800 number to get a phone call.  Imagine each call takes 2 min of productivity away from the call center employee then this simple application could save approximately 2,860 hours.  Put another way this is 1.43 FTE per year worth of productivity.

Number of Employees

 33,000 Employees 

Percent that have iPhone

 5% Employees 

Number of Employees with iPhone

 1,650 Employees 

Number of calls made per year to 1-800 per week by one employee
 52 calls per year per employee
Total number of calls made in a year
 85,800 calls per year
Total number of hours taken (avg time per search 2 min)  2,860 hours
 Number of Employees Needed to Cover this Task (50 weeks \* 40 hours)  1.43 FTE's

Please see Ludo's blog for more detail on how the app works and what Anton did to build it.  His bog is located here.

ZEN Directory App for iPhoneZEN Directory App for iPhone and iTouch

How do you get it?

Go to the App Store and seach "LDAP".  You want to download the Zen version for $3.99.  Refer to the cost savings table above if you balk at the price.  Here are the configuration details for Sun's directory, as described in Ludo's blog here.

Here's the settings that I've used (once you've installed the Directory application, there is a "Directory" section in the Settings application).

Identity: cn=John Smith (12345),ou=people,dc=sun,dc=com
[your Sun ID should be enclosed in brackets and watch the spaces]
Password: My Sun password
LDAP: book.sun.com
(Keep the remaining untouched).

How do I get one for my company?

If you are employee at a company that has a large mobile workforce you should show this blog post to an IT Director, Call Center Director, or someone who can make this project happen.  This is a quick win for most companies in improving productivity.  You can use DSEE or OpenDS with replication to create the directory instance outside the firewall.  Publish a configuration guide for employees and start improving productivity.

Tuesday May 12, 2009

450,000 LDAP Operations per Second

Benoit Chaffanjon did an interesting "Benchmarketing" (you have to read his blog to understand why he calls it that) that showed Directory Server Enterprise Edition may be able to support 450,000 + LDAP operations per second.   The benchmarketing was done on a Sun Blade 6000 using the Intel Xeon x5560 on OpenSolaris.  All the gory details can be read in Benoit's blog here.  This is mind-blowing when you consider the cost of transaction per second and also what this might look like on an SSD.  We are doing some further testing as Mark Craig mentions in his blog not only to validate these amazing results but also to confirm the performance using OpenSSO and on a SSD.

You can Try It by clicking button below:

Here is one table taken from Benoit's blog

Modify Operations Performed  




Std Dev

Corr Coeff






Modify Time (ms)  

Total Duration

Total Count

Avg Duration

Avg Count/Interval

Std Dev

Corr Coeff







Search Operations Performed  




Std Dev

Corr Coeff






Initial Search Time (ms)  

Total Duration

Total Count

Avg Duration

Avg Count/Interval

Std Dev

Corr Coeff







Subsequent Search Time (ms)  

Total Duration

Total Count

Avg Duration

Avg Count/Interval

Std Dev

Corr Coeff







You can Try and Buy one of these machines today. 

Monday May 11, 2009

Directory Server Webinar: Reduce Identity Sprawl and Improve Enterprise Performance

The team is back from our successful trip to the European Identity ConferenceLudo and Mark Craig did a great job on the Identity Bus and Virtual Directory panels.  We will have more about this later in the week.  

We wanted to pass along a quick note about an upcomming webinar on Directory Services which will be held May 20.  The webinar will cover how to reduce cost and improve the speed and performance of your enterprise using directory services.  The conversation will go over the following:

  • How to use save cost by consolidating identity sprawl in your enterprise
  • How to meet agressive time-lines on a merger and acquisition
  • How to federate faster with virtual directories

If you are interested, please sign-up here.  Even if you are not able to attend, registering will give you access to the replay.

Oh, and that is not Craig MacDonald in the picture to the right.  We got this from a very talented photographer in the Creative Commons here.

Wednesday May 06, 2009

Directory Experts Speak at European Identity Conference

Ludo Poitou and Mark Craig from Sun Microsystems will be a part of two illustrious panels at the European Identity Conference today.  Ludo will be a part of the panel talking about the Identity Bus which is a topic that Felix Gaethens, Kim Cameron, and David Kearns talked about last year.  The discussion should be interesting becasue Sun has some of the products necessary to create the "identity bus" today through OpenDS, DSEE, Virtual Directory, OpenSSO, Identity Manager Connectors, and Netbeans,  You don't need all of these to create the bus but a standards based way of storiing and accessing identities and then leveraging them via other applications or into the cloud are all possible using the tools at Sun.

Mark Craig will be joining Oracle, Radiant Logic and Symlabs in talking about Virtual Directories and their importance to Directory Services.  Sun includes it's virtual directory features as a part of it's core product and license so all customers who use DSEE 6.3 today have a virtual directory already as a part of their license.  Mark will be explaining how customers are using Virtual Directory to do data center consolidation, simplify mergers and acquisitions, and federate faster using Sun's Virtual Directory.

Thursday Mar 05, 2009

Are you a Directory Hero?

Are you a Directory Hero?  We want to know. 

In the last three months we have heard from several of you via the IRC chat on OpenDS.org at identity conferences or at user groups around the world about the great projects that leverage the innovations from the OpenDS community.  We have been able to share a few of the great stories via the blogs story site.  Everyone learns from hearing about the ways in which you are using LDAP in your organization.  It is this sharing in the open that makes being a part of an Open Source Software project exciting and a great learning experience. I am reminded of a truism "Share comes before success".

Therefore, we are annoncing a new opportunity for you to share your stories with us at Sun.  If you have deployed OpenDS and are using it please send us a story at the following email address.  Here are some suggested questions that you can answer.  Alternatively, blog or create a video about your implementation and send us the link.  We want to show our appreciation for sharing so for the top 30 stories we receive we will send you a free t-shirt.  Please include an address in your submission. 

Here is what to do:

  1. Step 1:  Download the questionaire.
  2. Step 2:  Answer the questions that apply to your deployment
  3. Step 3:  Create blog or videocast and post somewhere
  4. Step 4:  Share:  Send us the link at the email address above and include questionaire, link to your blog or video and an address for us to send the t-shirt.

Here is the suggested questionaire to guide you through what information the community would like to hear about your implementation.

Questions (Download here) and you don't have to answer them all:

  1. Can you tell us more about your company ?
  2. Can you tell us about the application, site, or service in which you have adopted OpenDS?   [ Note: this is where you can hopefully get some publicity for your  own business or project.  So consider including any hyperlinks,  screenshots, etc. that you would like for us to use in that context.  Also, are you embedding OpenDS in your application?]
  3. How and when did you first find out about OpenDS?
  4. Did you go through an evaluation process before selecting OpenDS? If so, can you tell us a little bit about the process and results?
  5. What specific version of OpenDS are you using?
  6. On what operating system do you run OpenDS? Do you use the same OS for both development and production deployment?
  7. On what hardware platform do you run OpenDS? Do you use the same platform for both development and production deployment?
  8. Have you purchased a OpenDS license? If not, have you thought about doing so and do you know it includes access to patches and sustaining releases (more details from http://wikis.sun.com/display/sunopends)?
  9. What specific features of OpenDS are you using?
  10. What do you like most about OpenDS?
  11. What would you most like to see improved in OpenDS?
  12. Does your application also use a database? If so, which one?
  13. Are there any figures about the scale of your adoption which you would like to share (such as how much traffic is being handled, how many entries are stored in OpenDS, how many servers are used)?
  14. How has OpenDS performed since your application/service went live? Have you run into any production issues which you would attribute to OpenDS?
  15. Would you recommend OpenDS to others? Why?
  16. How does OpenDS figure in your future plans?
  17. How would your describe your participation in the OpenDS project (e.g. user only, submitter of bug reports and RFEs, developer who has contributed code)?
  18. Is there anything else you think would be of interest in a story about your OpenDS adoption?

Wednesday Feb 25, 2009

Directory Server 6.3.1 Released: Download Today

Sun  Directory Server Enterprise Edition 6.3.1 released.

The 6.3.1 release is a patch to existing 6.x deployment that provides customers with a way to apply the latest fixes and updates found in Directory Server, Directory Proxy Server and Directory Server Control Center components in one installation event. 

Specifically,  the Directory Server 6.3.1 provides fixes to replication issues in mixed DS 5.2 and 6.x topologies, on Directory Proxy Server it improves support for Virtualization (Join and JDBC) and includes additional performance related improvements.  Furthermore this patch release improves overall quality and robustness of deployments.  You can read a consolidated view of all the fixes and updates contained in the release in the Release Notes located here.

It is available in the following forms:
  • Native patch - patches to upgrade Directory Server Enterprise Edition 6.0, 6.1, 6.2 and 6.3 native packages installed using the Java ES installer
  • Zip compressed archive distribution - patches to Directory Server Enterprise Edition 6.0, 6.1, 6.2 and 6.3 zip installations

Directory Server Enterprise Edition 6.3.1 patches are available through SunSolve Patchzip :

  • 126748-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : SunOS 5.9/5.10 Sparc patchzip
  • 126749-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : SunOS 5.9_x86 patchzip
  • 126750-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : SunOS 5.10_x86, x64 patchzip
  • 126751-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : Linux RHEL3 RHEL4 patchzip
  • 126752-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : HP-UX 11iv2 PA Risc patchzip
  • 126753-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : Windows 2000/2003 Server patchzip

Native Package :

  • 125276-08: Directory Server Enterprise Edition 6.3.1 : SunOS 5.9/5.10 Sparc Native Patch
  • 125277-08: Directory Server Enterprise Edition 6.3.1 : SunOS 5.9_x86 Native Patch
  • 125278-08: Directory Server Enterprise Edition 6.3.1 : SunOS 5.10_x86, x64 Native Patch
  • 125309-08: Directory Server Enterprise Edition 6.3.1 : Linux RHEL3 RHEL4 Native Patch
  • 125311-08: Directory Server Enterprise Edition 6.3.1 Windows MSI Native Patch

For the detailed information on what you need to install based on your current installation, refer to the Sun Java System Directory Server Enterprise Edition 6.3.1 Release Notes.

Directory Server Enterprise Edition
Marketing Team

Wednesday Nov 05, 2008

Gartner Identity Access Management Event, Nov. 10-13, Orlando, FL

Gartner Identity and Access Management conference is happening next week, Nov. 10-12 in Orlando, Florida.  This is a great event that brings together analysts, customers and vendors to share knowledge and experience on important topics that shape the Identity and Security industry.  The Directory Product Line Manager, Nick Wooler, will be attending with a few of other notable Identity Product Managers at Sun including: Daniel Raskin, OpenSSO; Nick Crown, Identity and Role Manager; Craig MacDonald, Identity Manager; and our fearless leader John Barco.

Come by and spend some time with your favorite Identity team.  On Monday, November 10 we will be watching Monday Night Football and talking identity in the Presidential Suite at the Gaylord Hotel at 9:00pm ET.  There will be great food, drinks and music as well as a few discussions about Identity.  We hope to see you there.

And, we will be having a few games of Identity Hero.  If you want to practice, check it out here.

Tuesday Nov 04, 2008

OpenDS Monthly Call Tuesday November 4th, 2008, 9am PST, 6pm CET, 5pm GMT.

There are great things happening in the OpenDS project.  Last week the team released a major update to the code.  The release also contained a great new console to manage schema, edit entries, etc.  I will blog more about this later in the week.  

Additionally, Ludo is having his monthly call this morning to go over the new release and discuss some upcoming feature's.  Hopefully, you can join the call.  Here are the details.

Dear OpenDS users and developers,

Please join us on the phone for the next OpenDS monthly public  
meeting, Tuesday November 4th, 2008, 9am PST, 6pm CET, 5pm GMT.

On the agenda for this month meeting, we will review the current  
status of OpenDS 1.1, do an update on the roadmap and will present in  
details the changes that being integrated in OpenDS to be able to  
integrate it as part of OpenSolaris. These changes include SVR4  
packages, additional features with SASL authentication, SMF support,  
separation of binaries and data...

The call in details can be found here.


This blog maintained by Etienne Remillon provides information regarding Oracle Unified Directory and Oracle Directory Server Enterprise Edition products. Use this blog to get the latest breaking information regarding releases and updates plus other technical and non-technical information.


« July 2016