Month: June 2013

Thanks to all participants of the 1st ForgeRock Open Identity Summit !

Ludo1 Comment

ForgeRock Open Identity Summit opening

I hope all attendees enjoyed the summit as much as I have. It’s been a real pleasure to meet face to face some of the project members, customers and partners I’ve interacted with, over emails and phone for the last 3 years, and to see again colleagues, ex-coworkers…

All the photos that I’ve captured during the summit are now publicly available on Flickr.

See you at the next summit !

[Update on June 19] The presentations from the summit are now online. Goto the Summit page and click on the Agenda.

LP0_8918LP0_8901LP0_8817

See you next week at the ForgeRock Open Identity Summit…

LudoLeave a comment

Pacific Grove, CA, photo by Jack FrenchTime is running fast and the ForgeRock Open Identity Summit is just around the corner.

For those who haven’t registered yet, I believe that there are still a few spots available : http://forgerock.com/summit/.

For the other ones, I’m looking forward to see you next week, in sunny and beautiful Pacific Grove.

Tips: Do not index virtual attributes in OpenDJ

LudoLeave a comment

OpenDJ-300x100OpenDJ, the open source LDAP directory service in Java, offer some interesting services to reduce and optimize the size and usage of data.

One of them is the Virtual Attribute feature, which allow certain attributes and values to be computed as needed, either based on some of the server internals or other attributes. OpenDJ ships with a number of virtual attributes by default : entryDN, entryUUID, etag, gouverningStructureRule, hasSubordinate, isMemberOf, numSubordinate, password Expiration Time (ds-pwp-password-expiration-time), structuralObjectClass, subSchemaSubEntry, …

Since these attributes are virtual and thus not stored as part of the entries in the database backend, you must not define any index for them. When possible, the virtual attribute provider will make use of default system index (like entryDN uses the DN index), but most of the time, these attributes are for reading and consuming.

If you do configure an index for one of the virtual attribute, the server will repeatedly report that the index is degraded with an error message similar to the following :

[21/Jan/2013:09:16:07 +0000] category=JEB severity=NOTICE msgID=8847510 msg=Due to changes in the configuration, index dc_example_dc_com_entryDN is currently operating in a degraded state and must be rebuilt before it can be used

And then some seaches may fail to return entries. So you must delete this index to let the server behave properly.

Making OpenDJ easier for Linux, DevOps and the cloud…

LudoLeave a comment

packagerpm

I’ve recently made some changes on the OpenDJ nightly builds page and made available 2 new deliveries for OpenDJ : an RPM package and a Debian package.

The goal of providing native packages for OpenDJ is to make things much easier for the Linux system administrators and the DevOps  who want to deploy OpenDJ automatically, as well as for whoever wants to run OpenDJ in a VM in the cloud.

packagedeb

There has been several other efforts to build native packages for OpenDJ, here and there, but due to the structure of OpenDJ deliveries, you could not properly upgrade versions. The packages available with the nightly builds are taking advantage of the new upgrade mechanism that has been developed, allowing an easier and smoother migration from previous releases.

If you do use the packaged version, make sure you log any bugs you find in theOpenDJ issue tracker.

I’d like to thank Danny Turner for his great contributions to the OpenDJ native packaging.