Directory Services

OpenDS 2.3.0-build001 is now available…

LudoLeave a comment

In December, the team had released OpenDS 2.2.0, a stable release of the LDAP directory server written for the Java platform. While the quality assurance team was testing and making sure the level of quality and reliability was there, the developers continued to add features on the trunk.

So today, I’m happy to announce the promotion of OpenDS 2.3.0-build001, the first development build on the path to OpenDS 2.4, a stable release currently planned for Summer 2010.

OpenDS 2.3.0-build001 is built from revision 6353 of our source tree and contains 2 major features :

  • The import code has been refined to improve performances, especially with very large data set. Tests have been run with 1,000,000,000 entries and the file imported in about 40 hours.
  • This version of OpenDS provides support for Subentries in LDAP [RFC 3672] and Collective Attributes for LDAP [RFC 3671]. In addition to the support of the Collective attribute standard, OpenDS supports a more user friendly notation, allowing to make use of Collective attribute definitions with standard attributes. More on this subject in a future article, although if you want to understand how to use it, Anton already wrote a description on the OpenDS Wiki.

These 2 features are just started to be seriously tested by the OpenDS team, so they cannot be considered as fully stable yet. There are already some issues being investigated, with the rebuild-index and verify-index commands. If you do find an issue with this OpenDS build, please report it in Issue Tracker.

The direct link to download the core server is: http://www.opends.org/promoted-builds/2.3.0-build001/OpenDS-2.3.0-build001.zip

The direct link to download the DSML gateway is: http://www.opends.org/promoted-builds/2.3.0-build001/OpenDS-2.3.0-build001-DSML.war

We have also updated the archive that may be used to install OpenDS via Java Web Start. You may launch that using the URL http://www.opends.org/promoted-builds/2.3.0-build001/install/QuickSetup.jnlp, or visit https://www.opends.org/wiki/page/OverviewOfTheQuickSetupTool for more information.

Detailed information about this build is available at http://www.opends.org/promoted-builds/2.3.0-build001, including the detailed change log

Major changes since OpenDS 2.2.0 include :

  • Multiple improvements on the Control Panel and the Setup including display of equivalent command-line commands, cosmetic aspects, messages, referral handling…
  • Multiple incremental improvements with the External Changelog, including reliability and performance
  • Revision 6190 – Upgraded the version of the Berkeley DB Java Edition to 4.0.73
  • Revision 6192 (Issue #4360) – Improves responsiveness of the OpenDS server when hammered with large searches and slow clients
  • Revisions 6198, 6209 (Issue #4371) – Solves an issue with PKCS12 certificates that do not have alias
  • Revision 6208 (Issue #4373) – Improves time to start the replication service
  • Revision 6292 (Issue #3601) – Adds the ability to update or delete schema attribute types and object classes definitions in the Control Panel
  • Revision 6332 (Issue #4472) – Fixes the way a Workflow element is checked to be a parent of another Workflow element
  • Revision 6334 (Issue #4464) – Solves an issue where reading the RootDSE could take too long when External Changelog is enabled
  • Revision 6336 (Issue #4477) – Increases the maximum size of DB log files from 10MB to 100MB
  • Revision 6351 – Support for localization in Catalan (ES_CA)
  • Revision 6353 (Issue #4489) – Resolve an issue where Java would not be detected even though JAVA_HOME variable was set

Technorati Tags: , , , , , , ,

Happy New Year !

Ludo2 Comments

Hello again after this too long break. Well, I wasn’t on vacation the whole time, but I find it hard to go back into writing mood. I also got distracted by the amount of snow that we received in Grenoble’s valley: yesterday there was still 30 cm of snow everywhere around my house.

Under the snow

Anyway, I’m back to this blogosphere, with the same hope that I will be posting more regularly than last year.

Opends Logo Tag

Looking back at 2009, it’s been an amazing year for the OpenDS project team.

In a year, we’ve released 3 important versions of OpenDS, with many features and innovation:

  • In January, OpenDS 1.2 added the Control Panel, SASL security, Support for JCEKS, enhancements in Access Controls and several Solaris / OpenSolaris specific features such as IPS packages, support for SMF and RBAC, …
  • In July, OpenDS 2.0 brought many performance improvements, several new features including Assured Replication, Recurring Tasks, Locale specific matching rules, and enhancements of the monitoring, the indexing, the ease of use, …
  • In December, OpenDS 2.2 added support for Fractional Replication, External Changelog, some date and time based matching rules, syntaxes extensions for Enumerations and Regular Expressions, up to 8 Masters in Replication, …

During the same period, the OpenDS Community has more than doubled, and so has the number of downloads of the OpenDS builds.

The OpenDS development continues. We have planned the release of OpenDS 2.4 in the middle of 2010. You can check the OpenDS RoadMap to see the features that are being worked on. If you’re using OpenDS in production, or if you’re building solutions that use the OpenDS LDAP directory server, please share your experience with the community. Send us details of your experiences or deployments. We will post them on the OpenDS wiki or Sun Adoption Stories blog.

While we’re still in January, let me wish all of you a happy and prosperous New Year 2010, and a long life to the OpenDS project.

Technorati Tags: , , , , ,

OpenDS helps load testing in the cloud.

LudoLeave a comment

In the CloudJason Shao explains on his blog how they do loadtesting of their web-based portal application on Amazon EC2.

What raised my interest was that they’ve added the OpenDS ldap directory server in the image, as it was faster and easier than dealing with their usual infrastructure.

This is not the first time we see customers deploying OpenDS in the cloud. As a matter of fact, I think the first in production deployment of OpenDS was on network.com. More recently, Arnaud posted an article and performance numbers on running OpenDS on Amazon EC2.

If you are building services on the cloud and need authentication, authorization or storing profiles for your users, OpenDS provides a standard based solution (LDAP) that is very easy and fast to deploy. Give it a try !

Technorati Tags: , , , , ,

OpenDS 2.2 has been released !

Ludo1 Comment

Opends Logo TagThe OpenDS development team is very happy to announce the immediate availability of OpenDS 2.2.0.

The Sun team is also announcing the release of Sun OpenDS Standard Edition 2.2, a commercial offering based on OpenDS 2.2.0.

OpenDS is an LDAPv3 compliant directory service written entirely in Java. With less than 5 months since the availability of OpenDS 2.0, the new release brings several new features and enhancements :

  • New scalable Import and Indexing feature allows to import 10 M entries in less than a half hour
  • External Changelog is activated with Replication to search and retrieve data updates
  • Fractional Replication, to specify which attributes to include or exclude in replication
  • Extensible matching rules for date and time based attributes to define time based access control rules
  • Support for custom syntaxes based on substitutions, regular expressions or enumerations
  • Remote server management in the Control Panel
  • Improved replication management and grouping, tested with up to 8 masters
  • Recurrent Tasks in the Control Panel to automate backups
  • Dsconfig script friendly mode

OpenDS 2.2.0 is the promotion of OpenDS 2.2.0-RC4, built with revision 6181 of the b2.2 branch, to stable status.

You can download it as a Zip file or install it now with the Java WebStart Installer.

As with previous stable releases, we’ve taken a snapshot of the documentation wiki. Links are still being verified and some screenshots might be updated in the coming days, but the content is complete.

You can find more information about OpenDS 2.2 in the release notes. And if you’re considering deploying in production and you’re looking for support options, please check Sun OpenDS Standard Edition 2.2, built on the same code.

I’d like to thank all the members of the community who have helped us to make OpenDS 2.2 a better release, and especially those who helped with translations : Marek Roszkowski and Bartłomiej Pelc for the Polish translation, Christian Brennsteiner for the German one, and all those who have created issues in the Issue Tracker : crstop, robdale, ajangity, swtet2003, soonleong, stroeder, ogr. My thanks are also going to the chatters on the IRC channel that are providing enormous feedback.

New features and enhancements have already been committed on the trunk and are available for test in daily builds. Please check the OpenDS roadmap for more details on coming features, and possible contribute to it.

Technorati Tags: , , , ,

Securing JBoss JMX console with OpenDS

LudoLeave a comment

Steve Millidge, founder of C2B2, has just published a nice and illustrated step by step tutorial for securing JBoss JMX console with LDAP and more specifically the OpenDS directory server. Similar steps could be used to secure all the different subsystems in JBoss, as illustrated in this already 2 years old tutorial about JBoss Portal, OpenSSO and OpenDS.

Technorati Tags: , , , , , ,

OpenDS 2.2.0 Release Candidate 4 is now available

Ludo1 Comment

Opends Logo TagLast week, the OpenDS 2.2.0 Release Candidate 4 has been made available on our website. This new release candidate was mostly done to accommodate with some late changes to messages being localized, and give more time for testing to OpenDS 2.2 and the Sun branded product based on it.

OpenDS 2.2.0-RC4 is built from revision 6147 of the b2.2 branch of the source tree.

The direct link to download the core server is: http://www.opends.org/promoted-builds/2.2.0-RC4/OpenDS-2.2.0-RC4.zip

The direct link to download the DSML gateway is: http://www.opends.org/promoted-builds/2.2.0-RC4/OpenDS-2.2.0-RC4-DSML.war

We have also updated the archive that may be used to install OpenDS via Java Web Start. You may launch that using the URL http://www.opends.org/promoted-builds/2.2.0-RC4/install/QuickSetup.jnlp, or visit https://www.opends.org/wiki/page/OverviewOfTheQuickSetupTool for more information.

Detailed information about this build is available at http://www.opends.org/promoted-builds/2.2.0-RC4, including the detailed change log

Major changes incorporated since OpenDS 2.2.0-RC3 include:

  • Revision 6150 (Issue #4355) – Fixes a caching issue with the Control Panel when aborting a search
  • Revisions 6156, 6160, 6172 (Issue #4358, #4329, #4340) – Resolve several issues with the External Change Log at initialization or shutdown
  • Revision 6181 (Issue #4325) – Resolves an issue with values of Enumeration Syntax not being case insensitive in Add or Modify operations

Technorati Tags: , , , , , , ,

OpenDS 2.2.0 Release Candidate 3 is now available

Ludo2 Comments

Opends Logo TagThe OpenDS development team is very pleased to announce the immediate availability of OpenDS 2.2.0-RC3.

OpenDS 2.2 offers the following new features from OpenDS 2.0 :

  • Scalable import and indexing
  • External changelog compliant with the Internet-Draft "Definition of an Object Class to Hold LDAP Change Records", draft-good-ldap-changelog-04.txt
  • Fractional replication
  • Extensible matching rules for time base attributes
  • Support for custom syntaxes based on substitution, regular expressions or enumeration
  • Remote server management in control panel
  • Recurrent tasks in control Panel
  • Default automatic Backup in the control panel
  • Separation of LDAP Servers and Replication Servers for replication
  • Ability to merge disjoint replication topologies
  • Dsconfig script friendly mode

The purpose of the Release Candidate is to solicit one last round of testing before the final release. So please test the OpenDS release with your client applications, in your environment or on your favorite platform.

If you do find a bug, please report it with Issue Tracker.

We welcome feedback. Please report you experience with OpenDS on our mailing lists, or on #opends IRC channel on Freenode.

OpenDS 2.2.0-RC3 is built from revision 6147 of the b2.2 branch of the source tree.

The direct link to download the core server is: http://www.opends.org/promoted-builds/2.2.0-RC3/OpenDS-2.2.0-RC3.zip

The direct link to download the DSML gateway is: http://www.opends.org/promoted-builds/2.2.0-RC3/OpenDS-2.2.0-RC3-DSML.war

We have also updated the archive that may be used to install OpenDS via Java Web Start. You may launch that using the URL http://www.opends.org/promoted-builds/2.2.0-RC3/install/QuickSetup.jnlp, or visit https://www.opends.org/wiki/page/OverviewOfTheQuickSetupTool for more information.

Detailed information about this build is available at http://www.opends.org/promoted-builds/2.2.0-RC3, including the detailed change log

Major changes incorporated since OpenDS 2.2.0-RC2 include:

  • Revision 6100 (Issue #4337) – Resolves an issue in which importing large LDIF files would consume a lot of disk space
  • Revision 6102 (Issue #4298) – Fixes a problem with Replication changelog that could grow out of bound
  • Revisions 6108, 6123 (Issue #4283) – Resolves an issue in the Control Panel when adding operational attributes to an entry
  • Revision 6109 (Issue #4292) – Changes the Control Panel to abandon the systematic use of the ManageDSAIT Control
  • Revision 6111 (Issue #4264) – Fixes an issue in the Control Panel when doing multiple modifications on a single entry
  • Revision 6113 (Issue #4302) – Fixes unexpected errors in the Control Panel Manage Entries screen with concurrent searches
  • Revision 6117 (Issue #4322) – Provides a way in the Control Panel to rebuild all indexes
  • Revision 6118 (Issue #4328) – Resolves an issue where the Control Panel would freeze on Ubuntu
  • Revision 6119 (Issue #4332) – Resolves an issue on Windows with installation path names containing spaces
  • Revision 6120 (Issue #4269) – Fixes a problem with the External Changelog changenumber not being reset when the database was re-initialized
  • Revision 6122 (Issue #4296) – Publishes External Changelog base DN in the root DSE entry
  • Revision 6126 (Issue #4350) – Changes the way replication domain names are created with the dsreplication utility
  • Revision 6129, 6147 (Issue #4336) – Changes the Control Panel to provide the ability to refresh the suffix and entries in the Manage Entries window
  • Revision 6131 (Issue #4335) – Fixes the way scrolling works in the Control Panel
  • Revision 6134 (Issue 4293) – Resolves issues when verifying newly created indexes
  • Revision 6138 (Issue 4338) – Changes the default Global Access Controls to provide better secure by default permissions for users to update their own entry

Technorati Tags: , , , , , , ,

OpenDS in Polish

LudoLeave a comment

PolandflagPavel Heimlich just announced today, on the project users mailing list that the OpenDS project is now (partly) localized in Polish. Translation of the messages for the command line tools has been contributed by 2 members of the Polish OpenDS Community : Bartłomiej Pelc and Marek Roszkowski. Many thanks from the development team to both of you.

This is the 6th localization of OpenDS that is shipping. Other languages are still work in progress : Italian, Serb, Portuguese, Korean… If you want to contribute, it’s easy: Join the project as a Contributor, and create your account of the Community Translation Interface. The project is currently named OpenDS 2.3easy (it’s a subset of the whole OpenDS messages, leaving out the server error messages).

The Polish translation files are available in the latest daily build. If you want to turn of Polish localization or try some other language, check the tip for enabling / disabling specific language. If you find any problem with the translations, please let us know. You can either file an issue in the Issue Tracker, or send an email on the localization and internationalization mailing list : g11n (at) opends.dev.java.net.

Technorati Tags: , , , ,

OpenDS Silent install

LudoLeave a comment

Opends Logo TagOne of the things we’re the most proud of in the OpenDS project is the simplicity of installation and initial configuration, thanks to the Java Web Start QuickSetup installer. We say that you can download, install and configure OpenDS to run on your machine in less than 3 minutes and 6 clicks.

But OpenDS can also be downloaded as a Zip and installed with the setup program, which can be either graphical or in command line and even used in silent mode.

The OpenDS community is often full of resources and Lucas Rockwell pointed out to his script for downloading and installing OpenDS automatically. I’ve taken the liberty to improve his idea and show it here :

#!/bin/sh

# This is the OpenDS version number to install

if [ -z “$1” ]
then
VER=2.2.0
else
VER=$1
fi

# Download with curl or wget, uncomment the preferred download method
curl -O http://www.opends.org/promoted-builds/${VER}/OpenDS-${VER}.zip
# wget -nd http://www.opends.org/promoted-builds/${VER}/OpenDS-${VER}.zip

unzip OpenDS-${VER}.zip

cd OpenDS-${VER}/

# Some possible option change :
# Replace -d 20 (generate sample data with 20 entries) with -a (create
# top entry) or -l <ldifFile> (load data from the LDIF file)
# Change -w “secret12” with -j /tmp/me/passwordfile to avoid hardcoded
# cleartext password
# Add -O to avoid starting the server after install
# Add -Q for a quiet install
# ./setup –help for more information on options

./setup –cli -n -b “dc=example,dc=com” -d 20 -p 1389 \
–adminConnectorPort 4444 -D “cn=Directory Manager” \
-w “secret12” -q -Z 1636 –generateSelfSignedCertificate

As you can see, it’s really trivial and it does the work from a few seconds to a few minutes depending on the speed of your internet connection.

The script can be downloaded here.

Have fun !

Technorati Tags: , , , ,

What’s new in Sun Directory Server Enterprise Edition 7 ?

LudoLeave a comment

Did you attend the event I talked about last week ? Remember, it was a webinar about Sun DSEE 7 and Role Manager 5.

Well, if you could not attend the webinar, you can watch it now, or download the video. The slides are also available.

Enjoy.

Technorati Tags: ,

Enumeration based attributes in LDAP

Ludo7 Comments

Yesterday I’ve explained how to restrict LDAP attribute values using Regular Expression based syntaxes, with the OpenDS directory server. There is another use case for restricting attribute values: when there is an enumerated list of possible values. It’s possible to define finite list of values as a regular expression, but as we wanted to be able to provide additional values, we added in OpenDS the ability to define Enumeration based syntaxes, and we implemented it as a syntax definition extension as well.

Here’s an example of use of an Enumeration syntax for the day of the week. Let’s first define and load the syntax in the OpenDS directory server’s schema :

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=schema

changetype: modify

add: ldapsyntaxes

ldapSyntaxes: ( 1.3.6.1.4.1.32473.4 DESC ‘Day Of The Week’

X-ENUM ( ‘monday’ ‘tuesday’ ‘wednesday’ ‘thursday’

‘friday’ ‘saturday’ ‘sunday’ ) )

Processing MODIFY request for cn=schema

MODIFY operation successful for DN cn=schema

^D

Let’s use the syntax in an attribute, itself used in an object classes:

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=schema

changetype: modify

add: attributetypes

attributetypes: ( 1.3.6.1.4.1.32473.5 NAME ‘test-attr-enum’

SYNTAX 1.3.6.1.4.1.32473.4 )



add: objectclasses

objectclasses: ( 1.3.6.1.4.1.32473.6 NAME ‘testOCenum’ SUP top

AUXILIARY MUST test-attr-enum)

Processing MODIFY request for cn=schema

MODIFY operation successful for DN cn=schema

^D

Let’s create a test entry :

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=TestEntry,dc=example,dc=com

changetype: add

sn: TestEntry

cn: TestEntry

objectclass: Person

Processing ADD request for cn=TestEntry,dc=example,dc=com

ADD operation successful for DN cn=TestEntry,dc=example,dc=com

^D

And now, let’s make use of the newly created schema objects with that test entry :

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=TestEntry,dc=example,dc=com

changetype: modify

add: objectclass

objectclass: testOCenum



add: test-attr-enum

test-attr-enum: monday

Processing MODIFY request for cn=TestEntry,dc=example,dc=com

MODIFY operation successful for DN cn=TestEntry,dc=example,dc=com

^D

But if the value isn’t part of the enumeration, it gets rejected :

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=TestEntry,dc=example,dc=com

changetype: modify

replace: test-attr-enum

test-attr-enum: Lundi

Processing MODIFY request for cn=TestEntry,dc=example,dc=com

MODIFY operation failed

Result Code: 21 (Invalid Attribute Syntax)

Additional Information: When attempting to modify entry cn=TestEntry,dc=example,dc=com to replace the set of values for attribute test-attr-enum, value "Lundi" was found to be invalid according to the associated syntax: The provided value "Lundi" cannot be parsed because it is not allowed by enumeration syntax with OID "1.3.6.1.4.1.32473.4"

$

The enumeration syntaxes, like the regular expression one, matches like a DirectoryString, that is matches using CaseIgnoreMatch equality rule.

$ bin/ldapsearch -p 1389 -D cn=directory\ manager -w secret12 \

-b "dc=example,dc=com" ‘(test-attr-enum=Monday)’

dn: cn=TestEntry,dc=example,dc=com

objectClass: Person

objectClass: top

objectClass: testOCenum

test-attr-enum: monday

cn: TestEntry

sn: TestEntry

But the biggest advantage of the Enumeration syntax is the ability to use Ordering match, which is not based on strings, but on the order of the enumerated values in the syntax definition. So "Monday" is lower than "Tuesday" which is lower than "Wednesday"…

$ bin/ldapsearch -p 1389 -D cn=directory\ manager -w secret12 \

-b "dc=example,dc=com" ‘(test-attr-enum<=Thursday)’

dn: cn=TestEntry,dc=example,dc=com

objectClass: Person

objectClass: top

objectClass: testOCenum

test-attr-enum: monday

cn: TestEntry

sn: TestEntry

I hope you will find this useful and make use of these syntaxes. To do so, you need to download and install OpenDS 2.2 Release Candidate 1 (or higher).

And if you have additional requirements with syntaxes, I’d be happy to hear about them.

Technorati Tags: , , , ,

Regular Expression based attributes in LDAP

Ludo1 Comment

One of the question that I get frequently asked when discussing with customers or coworkers about defining custom schema and attributes, is how to restrict the values that can be set to an attribute. From a pure LDAP standard point of view, you would need to define a new syntax and describe the valid values. Then you would need to check with the directory server’s vendor or discuss with the open source developers to get the syntax implemented in the server, either in the core product, or as a plug-in extension. In the end, the easy choice goes to use a standard syntax (like DirectoryString) and let all client applications validate the values.

In OpenDS, we’ve choose another option. We have added support for regular expression based syntaxes, and implemented this as a syntax definition extension.

So in order to define, for example, an attribute whose values must be in the form of host:port, you simply need to define a new syntax for it with the regular expression pattern and load it in the server’s schema:

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=schema

changetype: modify

add: ldapsyntaxes

ldapSyntaxes: ( 1.3.6.1.4.1.32473.1

DESC ‘Host and Port in the format of HOST:PORT’

X-PATTERN ‘^[a-zA-Z][.a-zA-Z0-9-]+:[0-9]+$’ )

Processing MODIFY request for cn=schema

MODIFY operation successful for DN cn=schema

^D

And then you can make use of the newly defined syntax in attributes.

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=schema

changetype: modify

add: attributetypes

attributetypes: ( 1.3.6.1.4.1.32473.2 NAME ‘test-attr-regex’ SYNTAX 1.3.6.1.4.1.32473.1 )



add: objectclasses

objectclasses: ( 1.3.6.1.4.1.32473.3 NAME ‘testOCregex’ SUP top AUXILIARY MUST test-attr-regex)

Processing MODIFY request for cn=schema

MODIFY operation successful for DN cn=schema

^D

Let’s create a test entry

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=TestEntry,dc=example,dc=com

changetype: add

sn: TestEntry

cn: TestEntry

objectclass: Person

Processing ADD request for cn=TestEntry,dc=example,dc=com

ADD operation successful for DN cn=TestEntry,dc=example,dc=com

^D

And now make use of this new attribute and objectclass:

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=TestEntry,dc=example,dc=com

changetype: modify

add: objectclass

objectclass: testOCregex



add: test-attr-regex

test-attr-regex: localhost:1389

Processing MODIFY request for cn=TestEntry,dc=example,dc=com

MODIFY operation successful for DN cn=TestEntry,dc=example,dc=com

^D

$ bin/ldapmodify -D cn=directory\ manager -p 1389

Password for user ‘cn=directory manager’:

dn: cn=testentry,dc=example,dc=com

changetype: modify

replace: test-attr-regex

test-attr-regex: foobar.com

Processing MODIFY request for cn=testentry,dc=example,dc=com

MODIFY operation failed

Result Code: 21 (Invalid Attribute Syntax)

Additional Information: When attempting to modify entry cn=testentry,dc=example,dc=com to replace the set of values for attribute test-attr-regex, value "foobar.com" was found to be invalid according to the associated syntax: The provided value "foobar.com" cannot be parsed as a valid regex syntax because it does not match the pattern "^[a-zA-Z][.a-zA-Z0-9-]+:[0-9]+$"

It’s simple and efficient. But wait there’s more to come, tomorrow.

Technorati Tags: , , , ,

A Must Event : “What’s new in DSEE 7 and Role Manager 5” webinar !

LudoLeave a comment

On Wednesday October 21, 2009 at 8:00am PST, Nick Wooler, product manager for Directory Services, and Neil Ghandi, Role Manager Technical Product Manager will be giving an overview of some of the great features that exist in the new releases of Sun Directory Server Enterprise Edition and Sun Role Manager.

Here are a few highlights:

What’s New with Directory Server EE 7.0

  • Boosts speed and performance: DSEE 7.0 has been optimized to improve performance of some operations by more than 3x the current version. In addition, this release provides hardware optimization with up to 60% improvement in authentications and modifications.
  • Reduces Total Cost of Ownership– Reduce cost by using the only solution in the market that provides customers with a directory server, virtual directory, proxy server, web console and Active Directory synchronization tool-kit under a single license.
  • Hassle Free Upgrade – DSEE 7.0 provides a simple upgrade path and provides 5x performance improvement in data import times, thereby reducing migration costs.

What’s New with Role Manager 5.0

  • 360 Degree View of Assigned Access – A unified view of data related to user access that empowers reviewers to make more intelligent decisions concerning users access.
  • Closed-loop Remediation – A complete end-to-end solution for reviewing user access and removing inappropriately assigned access.
  • Rule Life-cycle Management – The first solution for managing the complete life-cycle of role assignment and SoD audit rules.

Register now for the webinar and you will learn more about the releases and what business problems they solve in your enterprise.



Webinar

Improve Compliance, Access Controls, and Performance with Sun’s Latest Releases of Role Manager and DSEE

Wedneday October 21, 2009

10:00am PDT / 1:00pm EDT / 19:00 CET

One Hour

Technorati Tags: , , , ,

Tip on OpenDS localization and error messages…

LudoLeave a comment

The OpenDS LDAP directory server is localized by default in many different languages, thanks to our community.

All (well we try) messages from the client tools, command lines or graphical, are translated in Chinese (Simplified and Traditional), German, French, Japanese, Korean and Spanish (and soon Polish). But the server error messages are also localized, and the OpenDS directory server picks up the current locale of the process owner to choose in which language to print them.

Not everyone wants to have the server error messages in their own language, especially in distributed or international teams. There is a way to make sure the server always uses English as the language for the message, regardless of who starts it, and it’s very simple (thanks to Josu for reminding me how to do it 😉 ):

Edit the java.properties file (from the config/ directory) and append the following to the start-ds.java-args line:

-Duser.language=en -Duser.country=US

Example:

start-ds.java-args=-server -Xms128m -Xmx256m -Duser.language=en -Duser.country=US

Now run the dsjavaproperties command and restart the server.

Et voila ! All in English.

Technorati Tags: , , , , , ,

OpenDS 2.2.0 Release Candidate 1 is now available

Ludo1 Comment

Opends Logo TagThe OpenDS development team is very pleased to announce the immediate availability of OpenDS 2.2.0-RC1 which is the first release candidate for OpenDS 2.2.

OpenDS 2.2 offers the following new features from OpenDS 2.0 :

  • Scalable import and indexing
  • External changelog compliant with the Internet-Draft "Definition of an Object Class to Hold LDAP Change Records", draft-good-ldap-changelog-04.txt
  • Fractional replication
  • Extensible matching rules for time base attributes
  • Support for custom syntaxes based on substitution, regular expressions or enumeration
  • Remote server management in control panel
  • Recurrent tasks in control Panel
  • Default automatic Backup in the control panel
  • Separation of LDAP Servers and Replication Servers for replication
  • Ability to merge disjoint replication topologies
  • Dsconfig script friendly mode

We’ve also captured a first snapshot of the OpenDS 2.2 documentation and hosted it on it’s own wiki: https://docs.opends.org/2.2/. The documentation is not complete yet, but will be almost at the same time we will do the final release of OpenDS 2.2.

The purpose of the Release Candidate is to solicit one last round of testing before the final release. So please test the OpenDS release with your client applications, in your environment or on your favorite platform.

If you do find a bug, please report it with Issue Tracker.

We welcome feedback. Please report you experience with OpenDS on our mailing lists, or on #opends IRC channel on Freenode.

OpenDS 2.2.0-RC1 is built from revision 5941 of our source tree.

The direct link to download the core server is: http://www.opends.org/promoted-builds/2.2.0-RC1/OpenDS-2.2.0-RC1.zip

The direct link to download the DSML gateway is: http://www.opends.org/promoted-builds/2.2.0-RC1/OpenDS-2.2.0-RC1-DSML.war

We have also updated the archive that may be used to install OpenDS via Java Web Start. You may launch that using the URL http://www.opends.org/promoted-builds/2.2.0-RC1/install/QuickSetup.jnlp, or visit https://www.opends.org/wiki/page/OverviewOfTheQuickSetupTool for more information.

Detailed information about this build is available at http://www.opends.org/promoted-builds/2.2.0-RC1, including the detailed change log

Major changes incorporated since OpenDS 2.1.0-build002 include:

  • Revisions 5870, 5888 (Issue #4181) – Resolves a Null pointer exception in DSML Gateway with specific substring search filters
  • Revision 5871 (Issue #4217) – Fixes an issue with ACI containing parenthesis in the description field
  • Revision 5874 – Improves the rebuild-index processing for performances
  • Revision 5880 (Issue #4252) – Fixes a replication issue between OpenDS 2.1/2.2 and OpenDS 2.0
  • Revision 5883 (Issue #4203) – Fixes an issue where restore -l (list the available backups) would exit with return code 1
  • Revision 5926 (Issue #4257) – Fixes an error raised when deleting recurrent tasks

Technorati Tags: , , , , , , ,