This is the blog of a software engineer, specialized in LDAP, directory servers, identity management and open source. Ludovic Poitou is currently Product Management Director for ForgeRock Directory Services, as well as Director of Operations for the ForgeRock France Entity, based in France in the Grenoble area. Outside work, he enjoys photography, music, cycling and skiing with his lovely girls.
How are things for you and your family?
I was thinking about you the other day as we just bought a new house in a small village called Thames Ditton (opposite Hampton Court Palace). I once took you the an old pub next to the river in the village and the house is just 100m from there.
We have more room now if you ever want to come and stay!
All the best, Richard
Ludo, thanks for all the blogs on OpenDJ. They are great
I am testing OpenAM and OpenDJ integration and there is one requirement where I am having multiple OpenDJ instances with different users in each instance. Can a single OpenAM instance be integrated with both the DJ instances to manage the SSO for users in both these repositories
Yes OpenAM can be configured to use multiple User repositories with different users in each OpenDJ instance. The easiest way to achieve that is to use different realms for each user repository. But it’s also possible to achieve that with an authentication chain where a user is first searched in an OpenDJ instance, and then if not found, in the other one.
I recently come across your blogs and they are really good. I was able to understand the internals.
We have one problem with OpenDJ 2.4.4 Java 1.6.0_24 in our production env. From last 4 month intermidialy both the LDAP servers stops responding. The error logs shows java.lang.OutOfMemoryError:
java option –xms 1GB -Xmx 2GB .
This looks like a bad tuning of OpenDJ. You may want to enable GC logs to have a better understanding of the memory use of OpenDJ.
Great blog, very useful to openam administrators.
I just beginner in LDAP and OpenDJ but i meet a problem about performance of OpenDJ. If you have time then email for me to help me understand more about LDAP and especially OpenDJ. My email firstname.lastname@example.org thanks.
Sorry, but this is not really how open source development works. OpenDJ is a fully documented project and you can find information about tuning for performance in the Administration guide. There are also public mailing lists , where you can post your questions and the community can help (provided the questions contain enough details to be answered).
Again, i just met problem lost “o=test” after ran a couple of script to migrated data on OpenDJ. Do you know how many reason could make it happen ?
I have downloaded former times opendj 2.7
now i see that the last versio you offer is opendj 2.6.
Why you where no more offering opendj 2.7
OpenDJ 2.7 is the development version of OpenDJ. You can find nightly builds from opendj.forgerock.com.
The latest ForgeRock product release is OpenDJ 2.6.
Ludo, have you done a OpenDS to AD LDS migration by chance? Looking for best process.
OpenDJ, the product that i develop and manage at ForgeRock is the natural continuation of OpenDS. I’ve never had any request to replace OpenDS with AD LDS. It feels like a regression both from a feature point of view and an open source !
Hi Ludo, thanks for your excellent blog on forgerock. We are trying OpenDJ replication, and trying to achieve topology like in : https://ludopoitou.com/2013/10/01/opendj-visualizing-the-replication-topology/ – but for a far less number of users.
For us, our OpenIDM is using OpenDJ back-end and we have synchronization set up using “sync.json” – My question is is there a need to set up live sync between DJ and IDM once DJs start to participate in global replication ? Our main concerns are : It should not be able to provision duplicate users/orgs/groups across regions.
Connaissez vous un expert ou une société que je pourrais contacter pour un audit d’un annuaire openDS qui connaît quelques faiblesses ?