Skip to content

LDAP, Mark Spencer and Asterisk

AsteriskOpenLDAPOpen SourceSuretec In Interview With Asterisk Founder, Mark Spencer:

3) What improvements would you personally like to see in any upcoming releases? Perhaps Active Directory or LDAP[?] integration?

LDAP, Clustering Events, and Video are three areas I'm especially interested in in terms of the core of the software. I'm also interested in ways to make Asterisk even more approachable for new developers of either core functionality or new systems utilizing Asterisk.


Suretec agree and are trying to help.

[...]I think a low-cost Asterisk unified communications solution is a perfect opportunity for Digium. Thus, perhaps something called Asterisk UC Edition might be a good name. Your thoughts on this idea?

[....]we want the core of Asterisk to remain Open Source and as such encourage the development of Open Source technologies wherever possible. I believe it would be foolish to attempt to make Asterisk's innovation only available as a proprietary product when clearly it is its Open Source foundation that made it so successful and continues to do so[...]


Excellent to hear!


[...]Mark didn't take my idea of offering a "premium" UC (closed) version of Asterisk, that I felt would give Digium a potentially strong revenue source, I found it very fascinating that Mark continues to hold the "open source" mantra flag high. This only re-confirms Mark's (& Digium's) strong commitment to keeping Asterisk 100% open source that Mark stressed to me[...]


Of course, as it should.

I have to commend Digium for sticking to their 100% open source guns, but honestly, I don't think anyone would begrudge them if they copied the SugarCRM/MySQL/Movable Type model where they offered an open source version and a premium (closed) version. Ok, maybe some open source zealots would.


Suretec would, as would everyone else. Keep it 100% Open Source.

Flexi Time Manager Shortlisted for National Business Award

CatalystLinuxOpen SourcePerlPostgreSQLSuretec Flexi Time Manager "in the pink" after shortlisting for National Business Award

Entrepreneur Louise Wreathall has been shortlisted for the ‘Best Mumpreneur’ award at the National mother@work awards 2008. Louise, creator of Flexi Time Manager, which offers an online flexi time recording service, launched her business last year and has seen it go from strength to strength. She will attend a reception at 11 Downing Street on 18th June, where the winners will be announced.

Louise says, “Being shortlisted for this award means so much to me. Of course I’d be thrilled to win, but reaching the final stage itself shows that my work in getting the business where it is today has paid off.”

As a working mother who returned to work after a career break, Louise knows how important flexi time can be. Working in the HR department of a charitable organisation, she was responsible for administering a time consuming flexi time system for 30 staff, using scraps of paper and mental arithmetic to calculate hours worked. When staff numbers doubled, she knew something had to change, and set about creating an electronic timesheet system. By 2005, Louise had set up the business and set about trialling her own online time management system. With the help of Enterprise North East Trust, and local networks Women Into Business and Aberdeen Entrepreneurs, she learned the fundamentals of business management, finally launching the fully tested web application in November 2007.


Suretec designed and implemented the Flexi Time Manager Solution.

Solutions for creating a Samba4 OpenLDAP backend

OpenLDAPOpen SourceSamba Things are looking better for the future of Samba and OpenLDAP working together:


If we get this much done, then I think Samba4 and OpenLDAP can continue
the forward march. I look forward to having Samba4 'powered by
OpenLDAP', because without it (or a Fedora DS backend, with whom I'm
having a similar discussion) Samba4 does not have a replicated
deployment modal.

[asterisk-biz] Open letter to digium, asterisk developers and consultants

AsteriskOpen Source There an interesting thread going on just now over on the Asterisk Business List:

I am writing this letter to Digium and all those that use or develop
software for Asterisk. Asterisk is released under a dual license, the
one I will focus on is the GPL license.

Digium maintains a trademark on the word Asterisk, along with other
words. The trademark policy they have forbids marketing a product with
the asterisk word if it is not "Genuine Digium Software". If you modify
software, apply a patch, add 3rd party modules, this trademark policy
prevents you from distributing that software saying that its based on
asterisk, or even using the name asterisk within the program.


The most interesting part is that there is an unofficial response from Digium's john Todd and an official one coming:

I would agree that we have failed to make this as obvious as we
should, and that will be a topic of discussion and possibly
clarification in the document. Our intention has never been to lock
the word "Asterisk" so that it is impossible to use - that is not our
goal, nor is it possible legally. If you are a consultant who works
with Asterisk, by all means please put that on your website and in
your CV! We encourage that type of use; it broadens the Asterisk
ecosystem. Using the word "Asterisk" in a statement of factual use
is not prohibited - you can say "My company works on developing code
and systems which utilize Asterisk." However, when it becomes used
as a descriptive term such as "Asterisk Enabled" then that does seem
like it is an infringing use. More on this in the follow-up reply to
this soon to come.


We'll keep you posted on just how you can use the word Asterisk® ;-)

OpenLDAP 2.4.10 Released

OpenLDAP Grab 2.4.10 whilst it's hot!

A must upgrade for Syncrepl and Multi-Master users (new docs too!):

OpenLDAP 2.4.10 Release (2008/06/08)
Fixed libldap file descriptor leak with SELinux (ITS#5507)
Fixed libldap ld_defconn cleanup if it was freed (ITS#5518, ITS#5525)
Fixed libldap msgid handling (ITS#5318)
Fixed libldap t61 infinite loop (ITS#5542)
Fixed libldap_r missing stubs (ITS#5519)
Fixed slapd initialization of sr_msgid, rs->sr_tag (ITS#5461)
Fixed slapd missing termination of integerFilter keys (ITS#5503)
Fixed slapd multiple attrs in URI (ITS#5516)
Fixed slapd sasl_ssf retrieval (ITS#5403)
Fixed slapd socket assert (ITS#5489)
Fixed slapd syncrepl cookie (ITS#5536)
Fixed slapd-bdb/hdb MAXPATHLEN (ITS#5531)
Fixed slapd-bdb indexing in single ADD/MOD (ITS#5521)
Fixed slapd-ldap[?] entry_get() op-dependent behavior (ITS#5513)
Fixed slapd-meta quarantine crasher (ITS#5522)
Fixed slapo-refint to allow setting modifiers name (ITS#5505)
Fixed slapo-syncprov contextCSN[?] passing on syncprov consumers (ITS#5488)
Fixed slapo-syncprov csn update with delta-syncrepl (ITS#5493)
Fixed slapo-syncprov op2.o_extra reset (ITS#5501, #5506)
Fixed slapo-syncprov searching wrong backend (ITS#5487)
Fixed slapo-syncprov sending ops without queued CSNs (ITS#5465)
Fixed slapo-syncprov max csn search on startup (ITS#5537)
Fixed slapo-unique config structs (ITS#5526)
Fixed slapo-unique filter terminator (ITS#5511)
Documentation
Add search privileges documentation (ITS#5512)
admin24 security document updates (ITS#5524)

LDAP Roundup

OpenLDAPOpen Source Some interesting reading in the LDAP[?] Sector tonight that is worth noting:

- Excel LDAP Search 0.56

This is actually pretty cool. Does OpenOffice.org have one? Almost.



- Windows Server 2008 - Active Directory certified for the BC-LDAP-USR Directory Interface for User Management

I find this post funny, as SAP already say "SAP's directory interface lets you consolidate user data from SAP systems with data from directories that implement the Lightweight Directory Access Protocol (LDAP)."

Active Directory, implement LDAP? They don't even get it right with ADAM[?].

So why is it certified when any Directory Server will do?



- OpenLDAP Configuration Automation

Why is this interesting? Well it's already on an OpenLDAP TODO list.



- Six Questions on building Identity Enabled Applications...

Here some quick answers, I'm sure others will have deeper replies:

- Protocols:Nowadays, the folks over at the Burton Group such as Bob Blakely, Dan Blum and Gerry Gebel have put together the most wonderful XACML interoperability events. The question that isn't addressed is if I am building an enterprise application from scratch, should I XACML-enabled, think about integrating with STS, stick to traditional LDAP invocation or something else?


I would ask what problem is the application addressing? What protocols are actually needed for it to provide a solution and what does the customer want?

Anyway, I'm not sure how industry wide XACML has been adopted (that's mainly due to my lack of exposure to it and doesn't imply that it's not), but LDAP isn't going anywhere.


- Virtual Directories: What role should a virtual directory play in an Identity metasystem? Should virtual directory be a standalone product in the new world and simply be a feature of an STS? If an enterprise were savage in consolidating all directory information into Active Directory, why would I still need virtualization?


Point by point: Virtual Directories help with data consolidation, that is their role. I think yes, standalone where it is needed. I don't think any enterprise should be that dumb.

- Entitlements: One missing component of the discussion is authorization and their is somewhat too much focus on identity. Consider the scenario where if you were to ask my boss if I am still an employee, he would say yes as he hasn't fired me yet. Likewise, if you ask him what are all of the wonderful things I can access within the enterprise, he would say that he has no freakin clue, but as soon as you figure it out, please let him know. Honestly, even in my role, there are probably things that I can do but shouldn't otherwise have access to. So, the question becomes how come the identity conversation hasn't talked about any constructs around attestation and authorization?


I think because it always comes down to what the application is trying to do and the fact that these applications tend to do it all internally. There's more discussion over at SAML and Federated Identity Part 2 - Identity Management


- Workflow: Have you ever attempted to leave a comment on Kim Cameron blog? You will be annoyed with the registration/workflow aspects. The question this raises in my mind is what identity standards should exist for workflow? There are merits in this scenario for integrating with the OASIS SPML standard, but I can equally see value in considering BPEL as well.


I think there are too many XXXL all seem similar BPEL and SPML. Trying to keep up with these let alone write applications that use them would be a nightmare.

- Education: Right now the conversation regarding identity is in the land of geeks and those who are motivated to read specifications. There is a crowd of folks who need things distilled, the readers digest version if you will. Traditionally, this role is served by industry analysts such as Gartner and Forrester. What would it take for this guys to get off their butts and start publishing more thoughtful information in this space?


Time, Money? Won't it still be the geeks that read them anyway? The people that make the decisions don't have time ;-)

- Conferences: When do folks think that the conversation about identity will occur at other than identity/security conferences? For example, wouldn't it have been wonderful if Billy Cripe, Craig Randall and Laurence Hart where all talking about the identity metasystem in context of ECM?


Sometimes it's hard to talk in the short time conferences last. What do you suggest? Maybe worth trying to get the ball rolling.


That's all I have time for tonight, not much but something for a quick read.

Gavin.

Warning: Use of undefined constant CHARSET_NATIVE - assumed 'CHARSET_NATIVE' (this will throw an Error in a future version of PHP) in /home/suretecsystems/www/blog/serendipity_config.inc.php on line 182
tweetbackcheck