Thursday May 01, 2008

Blog moved to



    This blog is being continued at

Wednesday Mar 05, 2008

LDAP eTime Analysis Tool

Directory Server eTime Analysis Tool


I recently posted a tool on Sun's website to help LDAP engineers with performance and benchmarks.

In a nutshell, this tool will parse an LDAP access log pulling out eTime information and presenting the results of this data as a histogram of eTimes and counts for each LDAP operation.

The introduction on the wiki states:

Sun Java System Directory Server Enterprise Edition (DSEE) can provide the administrator some very useful information in the access logs around timing. In particular, the etimes can provide some insight into how the directory is performing the internal operations. The script will provide the user a histogram report of all the etimes and counts providing a visual representation of operation performance.

This is in addition to what is available from other performance tools such as

SLAMD. In those tools, most of the results are averages, where this script will provide the actual etimes of the directory operations. It is important to note that etimes in the directory server represent the elapsed etime during the operation internal to the directory server. It doesn't include network or potential queuing time that other tools would help measure.

Over time, I hope to add more information on this wiki to make it easier to use. You'll find a .zip archive of the script, some sample access logs and a sample OpenOffice Spreadsheet to help slice and dice the data. Below is a screenshot of this spreadsheet.

Please let me know if you find the tool useful and if you have any useful enhancements.

Technorati Tags: ,

Thursday Feb 28, 2008

Visually Impared ... and Driving?

A few weeks ago while stopping by the drive up ATM my daughter noticed something that I never saw or really thought about.

ATM Machine ATM Machine

The decal affixed to the machine says it all.

My daughter then went on to ask, what if the "visually impaired" person can't see the sign. I went to say, that's why it also includes the braille.

I know, maybe not a politically correct blog, but makes you wonder.

Friday Jan 25, 2008

FAMFest 08 is Complete

As mentioned in Pat's blog, we just wrapped up a great week in Vegas with some incredibly talented folks from Sun's Federation and Access Management communities, also known as FAMFest. Here's a pic of the attendees from our '08 event.


What is FAMFest? A get together of federation and access management experts to build out product demos of Federation Access Manager 8.0. It was an great event with all 21 attendees working over 10 hour days to put together the foundation for our next generation of federation and access management demos and products. I was very proud to be a part of this effort.

We can't wait to share the results of our work in upcoming weeks and months. Stay Tuned!

Technorati Tags: , , ,

Friday Jan 04, 2008

A Mac alternative to the Microsoft Office 2008 upgrade...NeoOffice

As Steven J. Vaughan-Nichols point out in his eWeek article yesterday, you do have an alternative to shelling out some bucks for the new Microsoft Office 2008 upgrade, due out the next couple of weeks.

If you get a chance, try out NeoOffice, now version 2.2.2. This is a Mac OS X version, of the popular suite. It uses the Mac OS X Aqua interface as opposed to the X11 requirements of OpenOffice.

Although I have Microsoft Office 2004 on my Macs and agree that it's one of the better running apps on my Mac, I honestly haven't used it since I've installed NeoOffice over 2 years ago. Yes, NeoOffice is a bit slower, yes, it is a bit buggy, but I can edit any Microsoft Office document, presentation or spreadsheet all for the price of $0.

So, before you shell out $150-$300 for Microsoft Office 2008, just give NeoOffice 2.2.2 a test drive. It might surprise you.

Technorati Tags: ,

Tuesday Dec 18, 2007

FAMTalk: Talking about Federated Access Management

This week, a few colleagues (Tim Campbell, Steven Jarosz and Pat Patterson) and myself launched a podcast, called FAMTalk (FAM short for Federated Access Management), podcast dedicated to the discussion of federation and access management.

Checkout episodes 1a and 1b as we kick things off with Tim's discussion around Sun's Access and Federation Manager. We'll also be sure to include a lot of discussion around OpenSSO. Make sure you subscribe to the RSS Feed or iTunes so you don't miss anything.

 Images Famtalk

Now, this show is a 2-way street. It requires your participation through the use of emails, comments and suggestions. And if you have a project to share, join us live on an episode. Even send us an audio file of your questions and we'll try to include that in the show.

We hope to make this a monthly podcast with each of us hosing different episodes. And we are also somewhat new to this podcasting thing, so bear with us as we figure out the right audio levels, music, etc... Help us shape where this goes.

Talking FAM with you soon!

Technorati Tags: , ,

Saturday Dec 15, 2007

Running BLIND...

This past Sunday (Dec. 9th) at the Dallas White Rock Marathon I had the honor of running with a couple of legends, known as Harry & Mike. Harry & Mike are 100% blind. I was one of 4 who guided them through the streets of Dallas for 13 miles (half-marathon). As of a few years ago, Harry had completed over 150 marathons. He often water skis and does motivational speaking. You can read more about Harry on this website.

A fun day was had by all. Running with Mike and Harry gave me a different perspective on the race. We take for granted what we see with our eyes. It's what they heard that amazed me. Very perceptive guys. They were both very thankful and gracious in that we took time to help guide them. I thank them for the opportunity. I look forward to many more runs.


This pic is of Harry Cordellos (2nd from left) and 3 of the guides (Sean Dowd, Nolan Duncan and myself).


And this pic is of Mike running with Ann Dannis.

And a big thanks to our very own Mary "Grand Mary" Kennard for the wonderful pics!

Technorati Tags: ,

Tuesday Nov 06, 2007

13949712720901ForOSX - We need Java6 in Leopard!

C'mon Apple! Get with it. We need Java6 support in Leopard.

Sunday Oct 21, 2007

CEC2007-DS6 Presentation..Thanks Ludo

Cleaning out some email from the last two weeks and came across this picture from the session that Ludovic Poitou and I gave on Directory Server 6.

First, you may remember the photo I took from my iPhone. The picture below (From Ludo's camera) is of me and Ludo before our session.


Ludo - Thanks for spending the time with me preparing this session, presenting that Monday and the time spent the rest of the week in Las Vegas. And for others out there that may get a chance to work with Ludo in the future, take it when you can.

Technorati Tags: ,

Thursday Oct 18, 2007

OpenPTK Architecture: Summary (Part 1)

My previous post on the announcement of OpenPTK provided a high-level architecture diagram making up the components of the OpenPTK. Over the next few weeks, documentation and more detail on this architecture will be uploaded to the documentation section of our website. Here some initial thoughts on the OpenPTK Architecture. Details will follow in future blogs and documents.

btw, check out Derrick Harcey's recent blog on OpenPTK and OpenSSO.

Project OpenPTK Architecture


The architecture is broken up into 3 different tiers (Consumer, Framework, Service). The java source of the project has been somewhat segmented into different packages representing the consumer and service tier along with specific areas of the framework.

Consumer Tier
Today, there are 3 mechanisms in the consumer tier to talk with OpenPTK's framework. These include:

  • Java API - A small number of easy to use classes to support Java developers. The java developer should only need to use the org.openptk.provision.api and org.openptk.provision.exception packages. These includes items like creation of a OpenPTK context, calling a OpenPTK provisioning operation (i.e. create, read, update, delete, etc...). This Java API is used directly the Portlet and Command Line sample applications shipped with OpenPTK, as well as the other consumer tier mechanisms.
  • JSP Taglibs - A JSP Taglib package has been provided to support the JSP developer in integrating access to OpenPTK services into their JSP pages. Sample taglib applications (User Management Lite, Tablib Test Samples) has also been provided with OpenPTK.
  • Web Service (.wsdl) - A set of web services has also been provided to support web service requests. A sample Provision Web Service application is also provided to deploy a server to respond to requests from web service clients.

Service Tier
The service tier provides a common Service interface to the Framework tier. Regardless of the type of service (i.e. SPML, LDAP, JDBC, ...), each service has the option to provide one of eight types of provisioning operations:

  • Create
  • Read
  • Update
  • Delete
  • Search
  • Change Password
  • Reset Password
  • Forgotten Password

It is up to the service developer of a particular service to implement the methods for each operation. The current release only includes a fully functional SPML 1.0 implementation. The framework can pick which of the operations to use (as defined in the Framework Configuration).

Framework Tier
The framework tier is the abstraction layer providing the linkage between the consumer and service tiers using a number of different types of framework services. Here is a partial list:

  • Configuration - When a consumer first initializes the framework a configuration .xml file is used to describe many components (context, service, logging, attributes, transformations). This configuration will allow for the definition of many of each component allowing the consumer to pick and choose at run time.
  • Context - Defines which Service, Logger and various debug/audit flags to use.
  • Request - Object used to make all requests to the service tier, regardless of the type of service.
  • Response - Object used to receive all responses from the service tier.
  • Logging - Specifies a class to use for logging. Initially, loggers to a filesystem is included, but this is expected to be enhanced to support other logging options (i.e. database).
  • Debugging - Most components from the framework have a debugging component, allow for messages to be emitted.

If you have questions, comments, please don't hesitate to leave them here, or by visiting the Project OpenPTK website.

Technorati Tags: , , ,

Wednesday Oct 10, 2007

Project OpenPTK is LIVE!

OpenptkWhile at Sun's Customer Engineering Conference (CEC) 2007 in Las Vegas this week, we launched the first release of Project Open Provisioning ToolKit, or Project OpenPTK. Myself along with Scott Fehrman and Derrick Harcey released version 1.0 of OpenPTK as a community project on

"Project Open Provisioning ToolKit (OpenPTK) provides a bridge between Identity Solutions and specialized user interfaces or access points."

The initial release includes a consumer Java API, Web Services (.wsdl), HTML Taglibs, and JSR-168 portlets with user self-service, administration and command line interface (CLI) examples. The architecture supports several pluggable back-end services including Sun's Identity Manager (via SPML) and future Sun's Access Manager and LDAPv3 support. The following is a high-level architecture representing these consumer and service tiers as well as a glimpse into some of the Framework Tier elements. Look for forthcoming blogs on these different areas.


We look forward to the ride ahead and ongoing learning experience as we gain support from the Identity Management community. With this out in the open, we welcome any comments, suggestions and best of all, your contributions to the community.

Already a big thanks to Mark Dixon (Discovering Identity), Marty and Tatsuo Kudo for blogging about their initial experiences with OpenPTK at CEC.

Please visit our home page or Community Project and Join Us!

Technorati Tags: , , , ,

Tuesday Oct 09, 2007

CEC2007 - Day 1 Recap

What a whirlwind day 1 for myself and my colleagues at CEC. I can't imagine a better day on several fronts.

Directory Server 6 Tips, Tricks and Secrets I can't do a better job than the following folks (Rajesh, Tatsuo, Marty's Blog, Terry Gardner, Terry Gardner 2, on their blogs from the session that Ludovic and presented yesterday. I know that Ludovic and I had a great time putting it together and sharing the many tips, tricks and secrets on directory.

Project OpenPTK After 21 months of thought, design, code and documentation, me and my awesome colleagues, Scott Fehrman and Derrick Harcey officially launched OpenPTK. I won't go into detail here as we'll provide more info in a forthcoming blog.

Cowboys over Bills (25-24) Even though Tony Romo and the refs did everything they could to stop the Cowboys from winning Monday Night Football, Folk's 53 yd field goal (two actually) with 2 seconds left brought them to 5-0 setting up a great game this next Sunday against the 5-0 Pats.

Craps And to top the night off, I had a once in a lifetime night at the craps table. Note to self, stay away the tables tonight.

Technorati Tags: , , ,

Monday Oct 08, 2007

CEC2007-Directory Tips, Tricks and Secrets Session

Had some great attendance at our Directory Server Tips, Tricks and Secrets session today.  Here's a pic of the class saying hi.


To all the attendees of the session, Thanks!  I look to get more of the tools we discussed out to the masses.  Any questions from the session, just drop me an email. 

CEC2007 - Ready for Day 1 Sessions

Made my way to Las Vegas Sunday morning.  Note to self..."don't ever book a 6:40am flight to Las Vegas".  The airport/city is dead at 7:30am in the morning and you can't check into the hotel until 10:30am.

Today, I'm getting ready for a couple of sessions that I and some colleagues are giving:

Why do we get the lucky draw of a 6pm slot.  I will try to take some picks from the sessions and post them later in the day with some comments about each session.

If you are a CEC 2007 participant, and see this, please say hi during one of my sessions.

Friday Oct 05, 2007

What Happens in Vegas, Stays in Vegas...

Early Sunday morning, I head out to Paris in Las Vegas for a week of the Sun Customer Engineering Conference (CEC). The motto for vegas is

"What Happens in Vegas, Stays in Vegas".

I along with many other Sun and Partner attendees will hopefully be breaking that rule this year as we blog about different sessions and goings on.

Maybe even some updates from the craps tables. I hope to get out an article later today previewing some of the directory and identity related sessions for the week.




« July 2016