Archive for category Identity

Planet Identity

I’ve been running a Sun internal version of Planet Identity for about 6
months now, as a way to follow the very interesting discussions about
Identity that are covered in several blogs.
And then came SuperPat and in a couple of days he registered the planetidentity.org domain, got the Planet software installed and configured and Planet Identity is now live.
There are already lots of feeds aggregated on Planet Identity, but if you know some that should be there send a note to Pat.

Leave a comment

Victim of Identity theft ?

Just hilarious.

Leave a comment

Pretty close to be the winner

Sun Java Directory Server Enterprise Edition 2004Q2 was a finalist in the annual eWeek Excellence Award competition, in the Authentication and User Management category but in the end didn’t win, RSA Federated Identity Manager did.

Anyway, Sun won 2 awards in this competition:

Leave a comment

The use (or non-use) of DSML…

SuperPat aka Pat Patterson, one of our expert on Sun Java System Access Manager,  is asking if anyone uses DSML ?
After co-authoring the DSMLv2 specifications with Microsoft, we implemented it in the Sun Java System Directory Server 5.2 nearly 2 years ago, provided some client tools in the Directory Server Resource Kit,  and still we haven’t heard of any customer’s deployment using DSML.
I did get some reports from the field of some evaluation of DSMLv2, got
a few questions with regards to security and authentication, a couple
of queries on the performances… but still I have not heard from any
use in production.
And the last time I discussed about DSML with a friend who works for Novell, he basically said the same thing.

Still DSML is coming back in conversations some time to time, like
today as DSML was mentioned on the OpenLDAP mailing list with a proposed implementation of the client and the server side.

So, I’ll re-iterate Pat’s question: Is anyone using DSML ?

7 Comments

National secure digital identity card in France

The french goverment is planning on introducing (following some
european requirements) a secure digital national Identity program.
The idea is to replace the current national id with a smartcard
containing fingerprints and photo (digitally signed) and potentially to
use the card for other applications such as medical records, e-voting
or banking services…
To make sure
that the french government understands  what are the people concerns, it has launched a website for information and discussion including  a forum.

The rest is in french on the site for the “Debat National sur la carte d’identite electronique

Debat national sur la carte d’identite electronique

L’opinion publique est notamment sollicitee sur les themes suivants : 

  • Le principe de la mise en place d’une carte nationale
    d’identite electronique sur laquelle une puce electronique contiendrait
    l’empreinte digitale et la photo du detenteur ;
  • Les garanties souhaitees en termes de protection de la vie privee ;
  • L’acces, depuis cette carte, a d’™autres applications comme des services
    administratifs (teleprocedures, e-vote…), ou encore des services
    marchands (services bancaires, achats en ligne, abonnements divers…) ;
  • Les modalites pratiques souhaitees  : lieu de delivrance, prix eventuel d’une telle carte, etc.

Leave a comment

A quick and not so dirty HowTo documentation for Directory Server configuration

Dave recently blogged A quick and dirty HowTo manually configure Directory Server, where he explained how to configure Java Enterprise System Directory Server on Sparc from the command line.
The good news is that all of what he said was not only fully accurate but based on public interfaces and thus fully supported.
The explainations stand for the Java ES version of Directory Server on Solaris (sparc or x86), installed as native packages, and the steps described in his entry are written in our Installation and Tuning Guide.
The same steps will also work with Java Enterprise System 2004Q2 Directory Server on Linux, since we also support RPM packages and delivered the directoryserver utility (the path is different though: /opt/sun/sbin/directoryserver).
And of course, this will continue to work with Java Enterprise System 2005Q1 which is currently in the beta phase.

Leave a comment

Internationalized Searches with Directory Server

Sun Java System Directory Server does support some powerfull locale specific matching rules, allowing searches according to French, Spanish, Japanese, Esperanto or even Manx.
The list of supported locales is impressive and OIDs have been allocated for each of them. The list is fully documented in the Directory Internationalization Reference” manual.
However, during the re-organization of the documentation for Directory Server 5.2, it appears that the section on how to search using these matching rules was removed.
The documentation of the Directory Server 5.1 on the subject is still valid. It’s in the iPlanet Directory Server 5.1 Administration Guide, Appendix B: Finding Directory Entries.
The section is Searching an Internationalized Directory and the most important part is the mapping table between Search Types, Operators and OID suffixes..
And below this table, you will find all the examples that illustrate the various searches for internationalized data.

1 Comment

Internationalized Searches with Directory Server

Sun Java System Directory Server does support some powerfull locale specific matching rules, allowing searches according to French, Spanish, Japanese, Esperanto or even Manx.
The list of supported locales is impressive and OIDs have been allocated for each of them. The list is fully documented in the Directory Internationalization Reference” manual.
However, during the re-organization of the documentation for Directory Server 5.2, it appears that the section on how to search using these matching rules was removed.
The documentation of the Directory Server 5.1 on the subject is still valid. It’s in the iPlanet Directory Server 5.1 Administration Guide, Appendix B: Finding Directory Entries.
The section is Searching an Internationalized Directory and the most important part is the mapping table between Search Types, Operators and OID suffixes..
And below this table, you will find all the examples that illustrate the various searches for internationalized data.

1 Comment

Red Hat acquires rights to Netscape software…

The news have hit the street a few days ago: Red Hat has acquired the rights on Netscape Server products, and among them, Netscape Directory Server.

Vincent Eynard already blogged (in French, no translation available yet) on it and raised many questions.

“They’re buying antique software,” Joe Keller said, adding that Red Hat’s tactical shifts are confusing. “They used to find the best of open source and bring that forward. Now they’re buying the oldest of commercial software and making it open source.”

It’s true that Red Hat has acquired the rights to the software but what they didn’t acquire was:

  • A customer base. Currently AOL has almost no enterprise customers outside their own portfolio.
  • Engineering or marketing leadership: They don’t have any of either skill set left. Sure, engineers who were left on the way would be please to work again on Directory Server if there is commitment to the product, but most of them have moved to other areas.
  • Market credibility. Netscape hasn’t been a player in this space for a long time.

Anyway, the software is old and the market has moved. What customers want is not just a directory server but a robust Identity Data Service. Which is what the Sun Java System Directory Server Enterprise Edition, a product which includes not only the directory server, but also a proxy server for high-availability, security and client interoperability, AD synchronization and an impressive resource kit, delivers today.

I’m not sure I understand Red Hat strategy with this acquisition, but I’m curious to see what will be their position with regards to OpenLDAP which is already part of their platform, and how they are going to manage to open source some software that has non transferable patents (such as Directory Server). And if they succeed to open source it, I’ll be watching people’s discussions about the code that I wrote more than 3 years ago!

2 Comments

SLAMD has been released as Open Source

SLAMD the Distributed Load Generation Engine has been released as open source release under the Sun Public License.
You can download the product from slamd.com or slamd.dev.java.net.
SLAMD was originally designed for use with LDAP directories and includes a number of utilities and tests that turn a Directory Server benchmark into a kids game.
The “how-to” guide for Sun JavaTM Systems Directory Server 5 is also available: Benchmarking the Sun ONE Directory Server 5.2 with SLAMD and MakeLDIF.

Leave a comment

SLAMD has been released as Open Source

SLAMD the Distributed Load Generation Engine has been released as open source release under the Sun Public License.
You can download the product from slamd.com or slamd.dev.java.net.
SLAMD was originally designed for use with LDAP directories and includes a number of utilities and tests that turn a Directory Server benchmark into a kids game.
The “how-to” guide for Sun JavaTM Systems Directory Server 5 is also available: Benchmarking the Sun ONE Directory Server 5.2 with SLAMD and MakeLDIF.

Leave a comment

Benchmarking LDAP

Since I’ve started to work on LDAP, benchmarking a Directory Server has always been a hot topic. In the past, the only publicly available tool was DirectoryMark. Sun and Netscape (iPlanet/Sun ONE…) had their own tools part of the Directory Server Resource Kit: searchrate, modrate…
Now there is SLAMD, a distributed load generation engine which was primarily designed to benchmark LDAP based servers such as Sun Java System Directory Server.
Fintan Ryan posted yesterday on his blog some details on using SLAMD with Sun DS.
We’ve been using SLAMD for some time now, and we cannot imagine running a benchmark, a performance or replication test without it (thanks again Neil).

Leave a comment

Directory Server 5.2 Patch 2 now available for all platforms

Updates to Sun Java System Directory Server 5.2 for all compressed archive versions are now available through SunSolve. These updates bring the product in line with the Directory Server product packaged with the Sun JavaTM Enterprise System 2004Q2, for all supported platforms.
This version also introduces support to the Microsoft Windows 2003 enterprise edition.
The release notes are providing details on the changes and the patch numbers for the specific platforms. Make sure you read them before installing…

Leave a comment

End to end Identity Management on the front page…

The new Sun identity management product line is making it on the www.sun.com front page.
The details are here.

Leave a comment

Follow

Get every new post delivered to your Inbox.

Join 1,174 other followers

%d bloggers like this: