Friday Nov 13, 2009

Identity in Healthcare Webinar Nov. 18

The  Sun Identity Management team will be giving a webinar next Wednesday to discuss the very important topic of Identity Management and healthcare.  As the healthcare legislation moves through congress the increase of 36M patients on healthcare providers, insurance companies, and patients will be profound.  The cost savings projected by the bills will rely on IT systems to provide increased access to information to drive productivity gains.  As we have seen with recent high profile identity security breeches at hospitals identity security is critical in making sure the right people have access to the appropriate information, that information must be shared with all members of the value chain securely.

Sun's Identity Management Suite provides a powerful package of solutions to help with storing identity information with Directory Server Enterprise Edition;  managing authorization, federation and web services security with OpenSSO; providing provisioning solutions with Identity Manager; and, defining and managing role based access control with Role Manager.

Join this free Webinar to learn how Sun's identity management solutions can help your organization to:

  • Automate management of digital identities for other providers, patients, physicians, clinicians, and payors Provide single sign-on (SSO) and secure federated access to privacy-regulated healthcare information while adhering to strict mandates
  • Enable delegated, self-service password management
  • Comply with the Health Insurance Portability and Accountability Act (HIPAA), internal security policies, and corporate governance policies with complete auditing and reporting capabilities

Sun identity management solutions make it easier for healthcare organizations to manage and share digital information.

Register here.

Topic: Topic: Sun Webinar Series - Identity Management for Healthcare
Date: Wednesday, November 18, 2009
Time: 10:00 am PDT / 1:00 pm EDT / 19.00 CET (check my timezone)
Duration: 1 hour

Sun Product Manager Suresh Sridharan

Monday Nov 02, 2009

Farewell to a Directory Hero

This weekend the Directory Community said goodbye to a true hero, Don Bowen.  Many on the Directory Team at Sun had the pleasure of working with Don and will miss his energy and enthusiasm for life, technology and his family.  Our condolences go out to his family.  We will miss you Don!

 You can read more or leave a comment for his family here!  

Thursday Oct 22, 2009

What's New In Directory Server Enterprise Edition 7?

Yesterday, Neil Ghandi, Matt Hamlin, Etienne Remillon and Nick Wooler gave a quick overview of what is new in Directory Server Enterprise Edition 7 and Role Manager 5.  Here are just a few of the great highlights that were discussed during the presentation.  Of course, you can get the full video embeded below.  Lastly, if you are interested in seeing more events like this you can go to the webinar site here.  

You can download the slides here.  You can download the video here.

Monday Oct 19, 2009

Beta Class for "Directory Server Enterprise Edition 7.0 Maintenance and Operations Class"

 Sun Learning Services will be holding a beta class for Sun Directory Server Enterprise Edition (Directory Server EE) 7.0 Administration training in San Francisco, CA, from Tuesday, December 1 through Friday, December 4, 2009. Tuition is waived and there will be no charge for your valued partnership in this review. However, participants are responsible for travel expenses, lodging and incidentals.

This course provides students with the opportunity to learn to perform routine maintenance and troubleshooting techniques, monitor and tune servers, create and manage multiple databases, and perform other tasks encountered in day-to-day operations of Directory Server EE 7.0.

Labs acquaint students with the tools included with Directory Server EE. Students should use them to perform tasks such as searching and modifying directory data, exporting and importing data, starting and stopping servers, and troubleshooting. Students should also migrate server versions, create multiple databases, configure servers for replication, and tune

This course focuses on maintenance and operations issues related to Directory Server EE rather than planning and design issues. For planning and design topics, refer to DIR-2217: Sun Java(TM) System Directory Server Enterprise Edition: Analysis and Planning. If you are already extremely familiar with Directory Server EE, this course probably covers topics you are already familiar with.

We are looking for attendees who will provide a lot of feedback about the class and how we can improve it. We want students who will ask a lot of difficult and annoying questions that we can't answer, do the labs and make them break, and beat up on the product.

PLEASE READ CAREFULLY: If you have specific in-depth needs, such as heavy-duty performance tuning or analysis, planning, and architecture, please be advised that this class will NOT meet those needs. If you are new or somewhat new to the product, and need to know how to install and administer the product, use the command-line interface and Directory Server Control Center console, use the logs, and know a little about directory proxy server, this class will be will be an ideal introduction.

PLEASE NOTE: We require a passing level of familiarity with LDAP concepts, such as DN, DIT, RDN, search filter, and base DN. We will not have time to cover basic LDAP concepts during this beta course. You also need to know how to use the Solaris OS (or Linux) command line.

Our classroom space in San Francisco is extremely limited and we will very likely be unable to accommodate all who are interested. Apologies in advance if we cannot accept your enrollment.

If you're interested in attending, please contact David Goldsmith ( for more information.

Thursday May 14, 2009

Our Vote for iPhone App of Year: LDAP App Could Save You 1.43 FTE in Productivity

At this very moment, every company on the planet is trying to find ways to reduce cost.  A creative and innovative member of the Directory Server team at Sun has come up with a way to do just that using the iPhone and LDAP.  Ludo's blog post located here, provides a great overview of the technical detail (what tools, platform, etc.) so please read it for more detail on how Anton put this solution together.  Let's focus on the business angle of this important innovation using LDAP.  Again, we hope David Kearns is reading because this is really what "Pimping Your Directory" is all about.

More and more companies are having to support mobile workforces or employees that work a portion of their time at home.  Sun has been one of the leaders in this space.  Not only does it improve productivity but it gives knowledgeworkers more empowerment thus improving their quality of work and life and thus loyalty to the company that employs them.  However, the tools that support these workers have been slow to catch-up.  Company Directories are a good example.  How many times do employees call the 1-800 number to get an employee number to make a phone call on the road?  As a consultant, I used to do this all the time.  As a Sun employee, I have used this feature more than once while traveling to different trade shows, between offices, etc.  This ties up valuable resources who could be routing real customer calls! I have realized this paradox but when you have to get something done you go through the path of least resistance.  And, let's face it voice portals have not replaced human beings in either efficiency or effectiveness.

Here is where the innovator at Sun, Anton Bobrov, filled the gap. The Sun IT and Directory Teams recognized this gap a long time ago and placed a limited version of the employee directory outside the firewall.  It is a great tool if you have a web browser and don't want to VPN into the network.  However, Anton realized there was a better solution via the iPhone.  He has developed an iPhone App that is an LDAP browser that allows employees to connect to this Directory outside the firewall and quickly search, find an employee and make the phone call from one device.  My vote for iPhone App of the Year would be for the LDAP app by Zen and our very own Anton Bobrov. 

The Business Case

So hypothetically, using Company A with 33,000 employees as an example, imagine 5% of employees have an iPhone.  Imagine that same 5% make one phone call a week or 52 calls per year to the 1-800 number to get a phone call.  Imagine each call takes 2 min of productivity away from the call center employee then this simple application could save approximately 2,860 hours.  Put another way this is 1.43 FTE per year worth of productivity.

Number of Employees

 33,000 Employees 

Percent that have iPhone

 5% Employees 

Number of Employees with iPhone

 1,650 Employees 

Number of calls made per year to 1-800 per week by one employee
 52 calls per year per employee
Total number of calls made in a year
 85,800 calls per year
Total number of hours taken (avg time per search 2 min)  2,860 hours
 Number of Employees Needed to Cover this Task (50 weeks \* 40 hours)  1.43 FTE's

Please see Ludo's blog for more detail on how the app works and what Anton did to build it.  His bog is located here.

ZEN Directory App for iPhoneZEN Directory App for iPhone and iTouch

How do you get it?

Go to the App Store and seach "LDAP".  You want to download the Zen version for $3.99.  Refer to the cost savings table above if you balk at the price.  Here are the configuration details for Sun's directory, as described in Ludo's blog here.

Here's the settings that I've used (once you've installed the Directory application, there is a "Directory" section in the Settings application).

Identity: cn=John Smith (12345),ou=people,dc=sun,dc=com
[your Sun ID should be enclosed in brackets and watch the spaces]
Password: My Sun password
(Keep the remaining untouched).

How do I get one for my company?

If you are employee at a company that has a large mobile workforce you should show this blog post to an IT Director, Call Center Director, or someone who can make this project happen.  This is a quick win for most companies in improving productivity.  You can use DSEE or OpenDS with replication to create the directory instance outside the firewall.  Publish a configuration guide for employees and start improving productivity.

Tuesday May 12, 2009

450,000 LDAP Operations per Second

Benoit Chaffanjon did an interesting "Benchmarketing" (you have to read his blog to understand why he calls it that) that showed Directory Server Enterprise Edition may be able to support 450,000 + LDAP operations per second.   The benchmarketing was done on a Sun Blade 6000 using the Intel Xeon x5560 on OpenSolaris.  All the gory details can be read in Benoit's blog here.  This is mind-blowing when you consider the cost of transaction per second and also what this might look like on an SSD.  We are doing some further testing as Mark Craig mentions in his blog not only to validate these amazing results but also to confirm the performance using OpenSSO and on a SSD.

You can Try It by clicking button below:

Here is one table taken from Benoit's blog

Modify Operations Performed  




Std Dev

Corr Coeff






Modify Time (ms)  

Total Duration

Total Count

Avg Duration

Avg Count/Interval

Std Dev

Corr Coeff







Search Operations Performed  




Std Dev

Corr Coeff






Initial Search Time (ms)  

Total Duration

Total Count

Avg Duration

Avg Count/Interval

Std Dev

Corr Coeff







Subsequent Search Time (ms)  

Total Duration

Total Count

Avg Duration

Avg Count/Interval

Std Dev

Corr Coeff







You can Try and Buy one of these machines today. 

Monday May 11, 2009

Directory Server Webinar: Reduce Identity Sprawl and Improve Enterprise Performance

The team is back from our successful trip to the European Identity ConferenceLudo and Mark Craig did a great job on the Identity Bus and Virtual Directory panels.  We will have more about this later in the week.  

We wanted to pass along a quick note about an upcomming webinar on Directory Services which will be held May 20.  The webinar will cover how to reduce cost and improve the speed and performance of your enterprise using directory services.  The conversation will go over the following:

  • How to use save cost by consolidating identity sprawl in your enterprise
  • How to meet agressive time-lines on a merger and acquisition
  • How to federate faster with virtual directories

If you are interested, please sign-up here.  Even if you are not able to attend, registering will give you access to the replay.

Oh, and that is not Craig MacDonald in the picture to the right.  We got this from a very talented photographer in the Creative Commons here.

Wednesday May 06, 2009

Directory Experts Speak at European Identity Conference

Ludo Poitou and Mark Craig from Sun Microsystems will be a part of two illustrious panels at the European Identity Conference today.  Ludo will be a part of the panel talking about the Identity Bus which is a topic that Felix Gaethens, Kim Cameron, and David Kearns talked about last year.  The discussion should be interesting becasue Sun has some of the products necessary to create the "identity bus" today through OpenDS, DSEE, Virtual Directory, OpenSSO, Identity Manager Connectors, and Netbeans,  You don't need all of these to create the bus but a standards based way of storiing and accessing identities and then leveraging them via other applications or into the cloud are all possible using the tools at Sun.

Mark Craig will be joining Oracle, Radiant Logic and Symlabs in talking about Virtual Directories and their importance to Directory Services.  Sun includes it's virtual directory features as a part of it's core product and license so all customers who use DSEE 6.3 today have a virtual directory already as a part of their license.  Mark will be explaining how customers are using Virtual Directory to do data center consolidation, simplify mergers and acquisitions, and federate faster using Sun's Virtual Directory.

Tuesday Mar 31, 2009

OpenDS in One Image

What is it like working on an open source project?  A lot of people wonder how does it differ.  The nightly builds, the open nature of communication and involvement, the external contributors and the community managers like Ludo Poitou make it a very dynamic environment.  The best way to understand it is to watch this great video that Ludo put together that represents the last three years of activity.  

Thanks Ludo:

Gartner IAM and Ludo's Architect Zone Interview on OpenDS

The identity team was in London for the Gartner Identity Access Management conference last week which was a successful event.  We had the opportunity to meet and talk with some great customers and hear about the Thompson-Reuters implementation of OpenSSO and Directory Server Enterprise Edition serving 300,000 concurrent users with persistent cookies.  This implementation allows traders to get their Reuter's feed on their smartphone and their desktop without having to login twice.  This reduces transaction fees and keeps their business model in tact.  The OpenSSO team did some great engineering work to meet the performance and functional requirements for Thomson-Reuters.  We video-taped the presentation and should have that for your soon.  

Gartner IAM

Also, Ludo Poitou was recently featured in an article on OpenDS in the Architect Zone or DZone.  He describes some of the exciting things happening in the community with MySQL and discusses how to embed OpenDS in applications.  This is a great jump-off point for customers getting started with deploying OpenDS as an identity repository for their application or infrastructure serving email, calendar or network infrastructure.  You can read the whole article here.

Thursday Mar 05, 2009

Are you a Directory Hero?

Are you a Directory Hero?  We want to know. 

In the last three months we have heard from several of you via the IRC chat on at identity conferences or at user groups around the world about the great projects that leverage the innovations from the OpenDS community.  We have been able to share a few of the great stories via the blogs story site.  Everyone learns from hearing about the ways in which you are using LDAP in your organization.  It is this sharing in the open that makes being a part of an Open Source Software project exciting and a great learning experience. I am reminded of a truism "Share comes before success".

Therefore, we are annoncing a new opportunity for you to share your stories with us at Sun.  If you have deployed OpenDS and are using it please send us a story at the following email address.  Here are some suggested questions that you can answer.  Alternatively, blog or create a video about your implementation and send us the link.  We want to show our appreciation for sharing so for the top 30 stories we receive we will send you a free t-shirt.  Please include an address in your submission. 

Here is what to do:

  1. Step 1:  Download the questionaire.
  2. Step 2:  Answer the questions that apply to your deployment
  3. Step 3:  Create blog or videocast and post somewhere
  4. Step 4:  Share:  Send us the link at the email address above and include questionaire, link to your blog or video and an address for us to send the t-shirt.

Here is the suggested questionaire to guide you through what information the community would like to hear about your implementation.

Questions (Download here) and you don't have to answer them all:

  1. Can you tell us more about your company ?
  2. Can you tell us about the application, site, or service in which you have adopted OpenDS?   [ Note: this is where you can hopefully get some publicity for your  own business or project.  So consider including any hyperlinks,  screenshots, etc. that you would like for us to use in that context.  Also, are you embedding OpenDS in your application?]
  3. How and when did you first find out about OpenDS?
  4. Did you go through an evaluation process before selecting OpenDS? If so, can you tell us a little bit about the process and results?
  5. What specific version of OpenDS are you using?
  6. On what operating system do you run OpenDS? Do you use the same OS for both development and production deployment?
  7. On what hardware platform do you run OpenDS? Do you use the same platform for both development and production deployment?
  8. Have you purchased a OpenDS license? If not, have you thought about doing so and do you know it includes access to patches and sustaining releases (more details from
  9. What specific features of OpenDS are you using?
  10. What do you like most about OpenDS?
  11. What would you most like to see improved in OpenDS?
  12. Does your application also use a database? If so, which one?
  13. Are there any figures about the scale of your adoption which you would like to share (such as how much traffic is being handled, how many entries are stored in OpenDS, how many servers are used)?
  14. How has OpenDS performed since your application/service went live? Have you run into any production issues which you would attribute to OpenDS?
  15. Would you recommend OpenDS to others? Why?
  16. How does OpenDS figure in your future plans?
  17. How would your describe your participation in the OpenDS project (e.g. user only, submitter of bug reports and RFEs, developer who has contributed code)?
  18. Is there anything else you think would be of interest in a story about your OpenDS adoption?

Wednesday Feb 25, 2009

Directory Server 6.3.1 Released: Download Today

Sun  Directory Server Enterprise Edition 6.3.1 released.

The 6.3.1 release is a patch to existing 6.x deployment that provides customers with a way to apply the latest fixes and updates found in Directory Server, Directory Proxy Server and Directory Server Control Center components in one installation event. 

Specifically,  the Directory Server 6.3.1 provides fixes to replication issues in mixed DS 5.2 and 6.x topologies, on Directory Proxy Server it improves support for Virtualization (Join and JDBC) and includes additional performance related improvements.  Furthermore this patch release improves overall quality and robustness of deployments.  You can read a consolidated view of all the fixes and updates contained in the release in the Release Notes located here.

It is available in the following forms:
  • Native patch - patches to upgrade Directory Server Enterprise Edition 6.0, 6.1, 6.2 and 6.3 native packages installed using the Java ES installer
  • Zip compressed archive distribution - patches to Directory Server Enterprise Edition 6.0, 6.1, 6.2 and 6.3 zip installations

Directory Server Enterprise Edition 6.3.1 patches are available through SunSolve Patchzip :

  • 126748-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : SunOS 5.9/5.10 Sparc patchzip
  • 126749-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : SunOS 5.9_x86 patchzip
  • 126750-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : SunOS 5.10_x86, x64 patchzip
  • 126751-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : Linux RHEL3 RHEL4 patchzip
  • 126752-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : HP-UX 11iv2 PA Risc patchzip
  • 126753-05: Sun Java(TM) System Directory Server Enterprise Edition 6.3.1 : Windows 2000/2003 Server patchzip

Native Package :

  • 125276-08: Directory Server Enterprise Edition 6.3.1 : SunOS 5.9/5.10 Sparc Native Patch
  • 125277-08: Directory Server Enterprise Edition 6.3.1 : SunOS 5.9_x86 Native Patch
  • 125278-08: Directory Server Enterprise Edition 6.3.1 : SunOS 5.10_x86, x64 Native Patch
  • 125309-08: Directory Server Enterprise Edition 6.3.1 : Linux RHEL3 RHEL4 Native Patch
  • 125311-08: Directory Server Enterprise Edition 6.3.1 Windows MSI Native Patch

For the detailed information on what you need to install based on your current installation, refer to the Sun Java System Directory Server Enterprise Edition 6.3.1 Release Notes.

Directory Server Enterprise Edition
Marketing Team

Thursday Dec 11, 2008

Sun Directory Server Provides Infrastructure for Energy Innovators and Reduces Cost

As President-elect Obama announced his Energy Team yesterday, I was excited for two reasons.  One, Steven Chu is a Californian from Lawrence Berkeley National Laboratory and it is nice to see local citizens playing National and Global roles improving our environment.  Two, I am proud to work at Sun because a large number of the energy innovators like Argonne Laboratory, which is also a part of the Department of Energy, are using Sun's Software to provide the backbone of innovation within these organizations.  

Argonne Laboratory uses Directory Server Enterprise Edition to power their collaboration infrastructure.  They also use MySQL, JavaES, OpenSSO Enterprise and Virtualization (e.g. xVM Server) to power their innovation.  You can see a great video with David Salbego, Director of IT Infrastructure at Argonne National Labs regarding his experience and business benefits resulting from Sun solutions. 

BC Hydro also used OpenSSO Enterprise and Directory Server to reduce cost of providing a web portal for their customers to get interact with their organization.  They reduced the use of paper and conserved resources for our environment.  You can read about the solution here.

Wednesday Nov 05, 2008

Gartner Identity Access Management Event, Nov. 10-13, Orlando, FL

Gartner Identity and Access Management conference is happening next week, Nov. 10-12 in Orlando, Florida.  This is a great event that brings together analysts, customers and vendors to share knowledge and experience on important topics that shape the Identity and Security industry.  The Directory Product Line Manager, Nick Wooler, will be attending with a few of other notable Identity Product Managers at Sun including: Daniel Raskin, OpenSSO; Nick Crown, Identity and Role Manager; Craig MacDonald, Identity Manager; and our fearless leader John Barco.

Come by and spend some time with your favorite Identity team.  On Monday, November 10 we will be watching Monday Night Football and talking identity in the Presidential Suite at the Gaylord Hotel at 9:00pm ET.  There will be great food, drinks and music as well as a few discussions about Identity.  We hope to see you there.

And, we will be having a few games of Identity Hero.  If you want to practice, check it out here.

Wednesday Oct 15, 2008

Identity Management Europe User Group in Munich and Burton Catalyst Europe--Prague

The product management team will be attending Burton Catalyst Europe in Prague next week.  This is a great conference that brings together a number of thought leaders and practitioners in the Identity, Security and Dyanmic Data Center spaces to talk about real problems.  One of the tag-lines of the conference is to remove "Vendor-Hype" which is a refreshing approach.  As a vendor we attend the conference to have additional conversations with customers and analysts about the problems teams are experiencing, creative solutions that are being employed to solve those problems, and contribute our voice to where we believe the industry is headed.  

Additionally, while we are in Europe, on Tuesday, October 28 we will be attending the Sun Identity User Group in Munich.  This User Group session is open to all Identity Manager, Access Manager, Directory Server Enterprise Edition, and Federation Manager customers.  For anyone new to this User Group, it is a customer driven forum providing a valuable opportunity for customers to exchange practical and technical knowledge and experiences.  Here is information on the time and location:

Sun Identity Management User Group - EMEA 2008
Tuesday, October 28, 2008
9:00 am - 4:30 pm
Registration & Continental Breakfast will begin at 8:30 am
Sun Microsystems GmbH
Sonnenallee 1
85551 Kirchheim-Heimstetten

The agenda of the User Group can be found here.  You can register for the User Group by going here.


This blog maintained by Etienne Remillon provides information regarding Oracle Unified Directory and Oracle Directory Server Enterprise Edition products. Use this blog to get the latest breaking information regarding releases and updates plus other technical and non-technical information.


« August 2016