Paul Dhanjal

ZDNet - Short Clip: Identity management in times of disaster.

Steve Cooper says it like it is as he discusses IdM challenges for the American Red Cross. His comment about moving between his offices in different locations highlights a real problem - even for CIOs.

Plone is a ready-to-run open source content management system that is built on the powerful and free Zope application server. Plone is easy to set up, extremely flexible, and provides you with a system for managing web content that is ideal for project groups, communities, web sites, extranets and intranets.

Read more on the features of Plone 3.0.

Mark your calendars - Aug 29, 2007 8:00am PT.

From Liberty Alliance Webcast site:

Noted author Rakesh Radhakrishnan, an IT architect with Sun, joins us to present the second in a series of webcasts exploring the intersection of Identity Management with SOA. Based on experiences Rakesh has had working in the teleco sector, Rakesh will explore the strategic significance, market requirements and all the potential possibilities of leveraging Standards based Identity Systems for an Enterprise IT environment (& Enterprise Architecture) and Telecommunication environment to provide a pragmatic view for the future in network convergence and converged services based on Service Oriented Architecture.

Password for call-in information is at bottom of page.

So much for a “painless” install of Sol10!

I just spent the entire morning trying to get my Solaris 10 system working. Usually these things don’t take too much time but I was having a hardware issue with my built-in network adapter. My Intel Pro 10/100VE device that wasn’t being recognized by the OS and it turns out, there’s a great post on the SUN Forums which basically involves the following:

prtconf -pv | less

Find your “Ethernet controller” entry which looks something like this:

Node 0×000019
compatible: ‘pci8086,27dc.1028.1ab.1‘ + ‘pci8086,27dc.1028.1ab’
+ ‘pci1028,1ab’ + ‘pci8086,27dc.1′ + ‘pci8086,27dc’
model: ‘Ethernet controller‘
power-consumption: 00000001.00000001
fast-back-to-back:
devsel-speed: 00000001
interrupts: 00000001
max-latency: 00000038
min-grant: 00000008
subsystem-vendor-id: 00001028
subsystem-id: 000001ab
unit-address: ‘8′
class-code: 00020000
revision-id: 00000001
vendor-id: 00008086
device-id: 000027dc
name: ‘pci1028,1ab’

Add the compatible value (I used pci8086,27dc.1028.1ab.1) to your /etc/driver_aliases

Run devlinks then sys-unconfig et voilà!
Warning: sys-unconfig will revert the machine to its original configuration state.

Below was the news report from ONN on the outage.

.
It was in fact, a power outage. Pacific Gas and Electric Co. attributed Tuesday’s power outage to failed transmission line breakers at the company’s Martin substation on Bayshore Boulevard.The SUN pages were not spared. Ouch!

We all know the loss is probably in the millions (for being out for an hour) but in a way, this should be treated as a wakeup call to many companies who take their availability for granted. What a costly exercise in BCP!

Read the complete and real Forbes article here.

The first ever International LDAP Conference will be held this year in the lively German city of Cologne. LDAPCon 2007 is being hosted by the German Unix User Group (GUUG) and Open Services GmbH. (Sounds like a codename for a new form of Ecstasy.) Good news for all you GUUG, NLUUG, SUUG and UKUUG members - you get 20% off the registration fee!
I’ll skip this one however I will wait to see PDF slides from Ludo’s presentation. Good luck bro.

My colleagues asked me to share what little I know about SLAMD, the distributed load engine used in testing LDAP and other web services. SLAMD is a Java based SUN open source project currently owned by Neil Wilson who’s excellent blog cn=Directory Manager is packed with information about directory services. SLAMD is very powerful and can be used to stress test a variety of web application including AM, SiteMinder, AD, POP, IMAP, and HTTP services. For the time being, it appears that Neil and the team’s current focus appears to be OpenDS - the all Java Open Source Directory Server. More on that later but for now, let’s do a simple deploy.

Server Setup

To get started with SLAMD download the latest version which is 2.0.0 Alpha 1 from the site (the Alpha’s been out for more than a year now). Earlier version of SLAMD required a separate LDAP server to store jobs and configuration data. The latest alpha now has an embedded Berkley DB and can be deployed as a WAR file or standalone with the Tomcat server. Installation is very straightforward. Simply download the main files and extract. You will notice the Full Distro contains everything – web container, backend db, SLAMD server, and clients.

If you are using the WAR file as I did, you’ll need to add the following entry to server.xml in your Tomcat server and restart it.

<!– SLAMD Context –>
<Context path=”/slamd” docBase=”slamd” debug=”0″>
</Context>

Once started you can access the page at:

http://localhost:8080/slamd

The main page is as shown below.

Client Setup

After editing slamd_client.conf you can kick off a few clients (start_client.sh) and see them in the server status page.

Prepping The Directory

Setting up a directory server for SLAMD may require adding a large set of test accounts which may not necessarily be in the same level of the DIT. If you have several levels of the LDAP tree and custom attributes for an organization, this may pose a problem for testing.

You will need create an LDIF accordingly. In this case, we’ve used MakeLDIF to create both the corp level branches and its sub level user accounts. MakeLDIF can be found in the tools directory or obtained from the SUN Directory Server SDK.

<INSERT MAKELDIF EXAMPLES>

Scheduling A Job

A quick glance at the “Schedule a Job” and you’ll get a taste for how powerful the tool is for testing.

<INSERT SCREENS - SHOW CONTEXT FOR JOB>

Closing Thoughts

Given that SLAMD stores bind credentials, it is wise to protect this page with an authentication scheme. You can even add the following lines to the Tomcat server.xml file:

<Realm className=”com.sun.slamd.realm.LDAPRealm”
ldapHost=”server.example.com”
ldapPort=”389″
bindDN=”"
bindPassword=”"
loginIDAttribute=”uid”
userBase=”ou=People,dc=example,dc=com”/>

You will also need to uncomment lines from webapps/slamd/WEB-INF/web.xml - they are specified in the file towards the end.

Conclusion

It’s ideal to create a job set which mimics the production environment with similar client behavior and load. All in all, SLAMD is a very powerful tool. It should be considered during any LDAP migration, patch release or simply for performance tuning and benchmarking for SLAs.

I had a chance to look at the highly anticipated iPhone at the Apple Store recently. I was very impressed with the screen quality. It’s just stunning to look at. I can’t say as much for the matte silver backing. I assume it’s for heat dissipation but it just looks cheap compared to the front.

It’s a device that fits nicely in your hand and the metal edge give a nice warm feeling that encourages the device to be caressed and will make any cell phone jealous. The transitions between applications is beautiful and it’s a nice multi-touch device - two fingers are used to zoom in and out of Google Maps. It’s truly a wonder that no single cell phone company ever made something so intuitive. I guess it takes an outsider to teach the boys like Nokia and Samsung how to play the game.

The only complaint was my difficulty in using the touch screen keyboard. Maybe my fingers are too big but it took me 30 seconds to type “facebook.com”. The rep assured me that it’s faster than a Blackberry but I found it hard to believe. I will give it another go next time I’m near the store but for now I’m holding out.

Another thing to note is that the device requires a 2YR activation with AT&T and current hacks such as the DVD Jon Activation Hack don’t allow you to use the phone on other providers such as T-Mobile.