Oracle Identity Manager Advanced Workshop

I spent the past three days at Oracle’s office in downtown Chicago working on the Oracle Identity Manager Advanced Workshop. Ananth Kini and Sid Choudhury from Oracle did a fine job explaining the product and it’s various use cases to us. Most of the time was allocated to working though extensive and applicable lab exercises … Continue reading “Oracle Identity Manager Advanced Workshop”

I spent the past three days at Oracle’s office in downtown Chicago working on the Oracle Identity Manager Advanced Workshop. Ananth Kini and Sid Choudhury from Oracle did a fine job explaining the product and it’s various use cases to us. Most of the time was allocated to working though extensive and applicable lab exercises where we were guided through tasks like putting new logos on the login page, customizing look and feel, configure prepopulate adapters, configuring and customizing notifications, extending an existing connector (provisioning), and developing, implementing, and testing a complete connector from scratch.

The class was offered to Oracle Partners for free and is the second workshop in the series. The basic workshop happened several months before (I wasn’t able to attend). Unfortunately, I won’t be able to post the contents of the workshop (you have to be a partner to get access to the content). If you’re an Oracle employee, you can download the lab exercises and virtual machines from an internal Oracle website (you’ll have to contact the IdM PM team to find out the site if you don’t already know it).

Overall, what I took away from the class are these thoughts:

  • Almost no one really uses OIM in the “standard” or “out-of-the-box” configuration. Every implementation will require extensive configuration and very likely, some customizations for look and feel.
  • A background in Java development or at least a strong understanding of programming and OO principles will be very helpful when navigating and using the OIM Design Console.
  • The hot deploy feature in OC4J is completely underrated. Our test environment used JBoss (which doesn’t have a hot deployment option), so we frequently had to restart it. Restarting took anywhere from 30-60 seconds to handle initialization.
  • There are plenty of people interested in OIM. Our class was about 13 people. This workshop is being held 3 times in the US (based on the last schedule I saw) and many people came from near and far to attend this session.
  • The OIM product has impressive capabilities, but it takes more work than expected to take advantage of those capabilities. For a non-programmer-type like me, understanding why 3 properties files all contain the same or similar information still doesn’t make sense, but apparently that’s the way many Java deployments are handled when deployed with i18n.
  • Connectors include not just provisioning parts (add, modify,  delete), but also reconciliation parts.

If you’re a partner and have a chance to attend this event, I’d recommend it. There’s another one happening in November in Reston, VA. Ask your friendly sales rep about it and they should be able to get you the invitation information. Make sure you and your system meet the prerequisites. The workshop uses VMWare images, so having 2Gb of RAM available will be important.

Another Oracle Certification Exam

Tonight I took another Oracle certification beta exam, Oracle Application Server 10g: Administration II (1Z1-312). Since it was a beta, the fee was only $50 and I knew some of the topics to be covered, so I figured I’d wing it and see how I did. I doubt I passed as I wasn’t well-prepared–especially for … Continue reading “Another Oracle Certification Exam”

Tonight I took another Oracle certification beta exam, Oracle Application Server 10g: Administration II (1Z1-312). Since it was a beta, the fee was only $50 and I knew some of the topics to be covered, so I figured I’d wing it and see how I did. I doubt I passed as I wasn’t well-prepared–especially for the questions related to Application Server Guard and some of the questions on Cold Failover Clusters. We’ll see in a few months if I managed to squeak by it or not (they don’t announce scores for the beta exams for about 10 weeks after the beta period ends). The good part about beta exams is the price, but the bad part is that they have you answer all the questions in the test pool. For this exam, there were over 215 questions in 180 minutes (3 hours). I should know better than to schedule such a span through dinner time, but that was all I could fit in to my schedule this time!

Another reason it was challenging for me was due to a thought that occurred to me as I got about half way through the exam. That is, why are Oracle ACE Directors (for Middleware, Database, or otherwise) not required to have completed some certification. I’ll be the first to agree that having a certification doesn’t necessarily mean you know what you’re talking about. I also know from friends that have already been given the ACE Director honor, the process can be a long one and, at least for them, there were several technical interviews that were required as well. I guess if I were in Oracle’s Certification Program Office, I’d sure like the ACE Directors to take and pass my exams as a sign that the exams were worth taking and that they actually stood for something meaningful. After all, if the ACE Directors are required to take them, it would add at least a little legitimacy to the certification program, wouldn’t it?

I’m not looking to start a flame war or drag the ACE Director program over the coals. I am wondering what others may think of certifications. Note that I’ve already posted my thoughts on certifications, so you’ll see I’m not proposing that certifications be the sole measure of anything. However, they are an interesting tool and provide at least one relatively objective metric as a starting point for evaluating a candidate (for a job or for an elite honorary title like ACE Director).

Let’s see if anyone’s reading…comment away! 🙂

I’m a diver

In a departure from the usual technical grind, I spent this past weekend scuba diving in a local quarry (Haigh Quarry, to be precise) and obtained my PADI Open Water certification! It was a great weekend to be in the water (though the water was murky…about 5-10 ft vis in most places). My classmates were … Continue reading “I’m a diver”

In a departure from the usual technical grind, I spent this past weekend scuba diving in a local quarry (Haigh Quarry, to be precise) and obtained my PADI Open Water certification! It was a great weekend to be in the water (though the water was murky…about 5-10 ft vis in most places). My classmates were great too and we had fun playing catch with the bowling balls scattered around the bottom. Eunice is an awesome instructor–be sure to request her when you sign up at Below H2O.

I logged 6 dives (two as a full-fledged OW diver) and did the first of my 5 required dives for PADI Advanced Open Water certification. I’m hoping to finish the others either next month or next spring if next month gets too cold.

So, since I’m the only diver in my family, if anyone in Chicagoland is looking for a dive buddy, let me know as I’ll be looking on a regular basis.

Monday (on a Tuesday) morning finds

I was catching up on my reading this fine Chicagoland morning and found some interesting articles that are definitely worth a short post. First, there’s a strong endorsement for Rich Niemiec’s new book Oracle 10g Performance Tuning Tips and Techniques. I’m still waiting for my copy, but Mary Ann Davidson doesn’t dish out endorsements every … Continue reading “Monday (on a Tuesday) morning finds”

I was catching up on my reading this fine Chicagoland morning and found some interesting articles that are definitely worth a short post.

First, there’s a strong endorsement for Rich Niemiec’s new book Oracle 10g Performance Tuning Tips and Techniques. I’m still waiting for my copy, but Mary Ann Davidson doesn’t dish out endorsements every day, so now I’m getting anxious to dig in.

Next in my “interesting reading” list is the aritcle on integrating reCAPTCHA with Oracle SSO by Paul Gallagher. This posting provides the code necessary to perform all the steps necessary to put a captcha on your Oracle SSO login page. Very cool stuff indeed. Bex Huff indicated in one of the comments that he wouldn’t recommend reCAPTCHA right now because while it is free, it seems to be filling his inbox with a lot of spam. Of course, it’s probably hard to determine if this is due to Bex’s general fame or reCAPTCHA! 🙂

Tanel Poder posted an article about a nice feature in Windows to allow you to color sections in the Windows Command Prompt.  It isn’t that hard to implement and could be a great help for those that teach classes or even doing a presentation. It also makes screenshots more meaningful by highlighting the interesting parts of your screen. I’m definitely keeping this posting handy!

Now if I can just keep the days of the week straight this week, I’ll be doing well. I’m working on building the RAC VMs for www.OracleVMs.com and also some other installs for some of the Oracle Identity Management products inside of VMs too. So, watch for more articles about what I’ve learned here over the next week or two.

Cloning a VM on ESX Server 3.0.1

I’ve had time this week to get familiar with our test server environment which is a rather old Dell server running VMWare ESX Server 3.0.1. After creating a new VM and getting a base linux OS configured, I wanted to clone it for later use. I’ve used VMWare Workstation and VMWare Server before and the … Continue reading “Cloning a VM on ESX Server 3.0.1”

I’ve had time this week to get familiar with our test server environment which is a rather old Dell server running VMWare ESX Server 3.0.1. After creating a new VM and getting a base linux OS configured, I wanted to clone it for later use. I’ve used VMWare Workstation and VMWare Server before and the cloning process there is very simple–just copy. On ESX Server, there are a couple more steps required and then some other steps that are optional, but make life easier in the long run.

Here is the process I followed to perform a clone. It worked well and I was successful in getting my cloned VM running. I didn’t find a process describing exactly what I did, so I thought I’d post it (mostly so I can find it later when I forget what I did). I did find a similar process for a slightly older version and most of this post comes from that process with a few exceptions. Continue reading “Cloning a VM on ESX Server 3.0.1”

Paying the bills

As some of you already know, I’ve recently changed jobs. I now work at Piocon in Chicagoland. Our office is currently in Naperville (pretty close to my house). I’m a Practice Manager and will be working with a couple of other fine technologists (read some of their good stuff at SingleQuery) leading efforts in the … Continue reading “Paying the bills”

As some of you already know, I’ve recently changed jobs. I now work at Piocon in Chicagoland. Our office is currently in Naperville (pretty close to my house). I’m a Practice Manager and will be working with a couple of other fine technologists (read some of their good stuff at SingleQuery) leading efforts in the Enterprise Solutions Architecture (ESA) practice.

I’d like to keep most things here technical, so pardon this interruption. I’m still available for consulting, so contact me at dannorris(at)dannorris(dot)com if you would like to engage me or one of my team members. Please update your address books if you have my old contact information in there. As you’ve read, I’ll be at OOW (shaping up to be a busy week already!) and I’m also going to be participating heavily in pre-conference activities for Collaborate 08 as one of the IOUG DBA track managers, so you can count on seeing me there as well.

Call for speakers: Collab 08 and Hotsos Symposium

The spring (in the US) conferences on my hot list are always Collaborate and the Hotsos Symposium. While I’ve never been to the Hotsos Symposium (due to budget constraints), I’ve always wanted to attend. All in the past couple of weeks, both events have opened their respective calls for speakers. See the links: IOUG call … Continue reading “Call for speakers: Collab 08 and Hotsos Symposium”

The spring (in the US) conferences on my hot list are always Collaborate and the Hotsos Symposium. While I’ve never been to the Hotsos Symposium (due to budget constraints), I’ve always wanted to attend. All in the past couple of weeks, both events have opened their respective calls for speakers. See the links: IOUG call for speakers (Collaborate08), OAUG call for speakers (Collaborate08), and Hotsos Symposium call for speakers.

<soapbox><!–warning–>

I would highly encourage you to consider presenting. As anyone who’s heard me present recently, I close almost all of my sessions with a plug for becoming a presenter (if I haven’t run short on time). Presenting a technical topic or case study can be a lot of work, but it is also very rewarding both professionally and economically (free conference pass!). While some employers aren’t keen on sending their staffers to conferences all-expenses-paid, the negotiation gets a lot easier when you cut 50% off the total budget by snagging a free pass.

Besides the fun and rewarding experience of presenting your knowledge to others, you also become recognized as the authority on something and many times, follow up questions trickle in for weeks or months later (as people download your session materials). These follow ups can often lead to friendships and (if you’re in consulting) additional business. There’s also the great opportunity to meet or reunite with many people you know from the Oracleosphere online from places like Oracle-L, OracleBlogs, OraNA.Info, and OTN Forums. I learn as much or more from talking with individual conference attendees as I do from attending technical sessions.

Anyhoo, it’s a great time and you meet lots of great people (like me!). Not to mention, there’s usually a pretty nice “appreciation event” (read party) at the major conferences too.

</soapbox>

I’ll look forward to seeing you…at the lectern with a microphone!

Oracle 11g dbhome broken…oh, wait, nevermind.

I’ve been doing a lot of testing with Oracle Database 11g lately and I’m a big fan of using oraenv to set the environment. For many releases, it seemed that Oracle had completely ignored oraenv and dbhome, but they’ve made some changes in 11g that aren’t quite so helpful it seems. I’ll probably file an … Continue reading “Oracle 11g dbhome broken…oh, wait, nevermind.”

I’ve been doing a lot of testing with Oracle Database 11g lately and I’m a big fan of using oraenv to set the environment. For many releases, it seemed that Oracle had completely ignored oraenv and dbhome, but they’ve made some changes in 11g that aren’t quite so helpful it seems. I’ll probably file an SR on this stuff soon, but it’s easy to fix.

The issue I encountered was that the dbhome script (which is called by oraenv to determine the ORACLE_HOME for a given ORACLE_SID) failed to return the proper ORACLE_HOME in some cases. After reading dbhome (it’s less than 100 lines long), I realized that the issue was…

Oh, nevermind. I started writing this from memory of one of the beta versions and when I went to check (right where I left off typing in the previous paragraph), I found that the issue had been fixed in the production release. So, apparently that bug did get fixed.

To summarize, the bug in dbhome in beta 5 was particularly interesting since it only came up when the first character in your ORACLE_SID name became a special metacharacter when preceded by a backslash (\). So, everything was going along fine until I created an instance named “rac11g1” and then dbhome failed to work, which also caused in oraenv becoming ineffective. All fixed now, nevermind. Kudos to Oracle for improving the oraenv and dbhome scripts in 11g to now also look for the ORACLE_BASE setting. As many of you have noted or will find out, ORACLE_BASE is becoming increasingly important to Oracle installations.

OpenWorld 2007 News: The Big Party & Session Listings

I wasn’t sure how to top last year’s Elton John show. (By the way, I was also partial to AC/DShe at last year’s show.) However, for my tastes, I think they may have topped it with this year’s lineup. On top of the news about the appreciation event, there’s also news on the session list … Continue reading “OpenWorld 2007 News: The Big Party & Session Listings”

OOW2007 logoI wasn’t sure how to top last year’s Elton John show. (By the way, I was also partial to AC/DShe at last year’s show.) However, for my tastes, I think they may have topped it with this year’s lineup.

On top of the news about the appreciation event, there’s also news on the session list for OOW. I’ve got session S291026 during the regular conference and also two more sessions during IOUG’s Forum program on Sunday as well (these will likely be added to session planner later).

Please do plan to attend the Sunday program. As I’ve been more involved in this year’s Sunday program, I think it will be one of the best yet. I’d love to have a chat about anything related to Oracle Database Identity Management, or SCUBA diving, so let me know if you’re going to be there on Sunday (or post a comment here) and we’ll try to meet up onsite in SF!

I’ll post more on Sunday’s schedule as soon as it is made public.

Passwords, or just semi-secret passphrase?

As my friend Matt Topper posted (only because he begged me to let him post first–I can’t stand seeing grown men cry), we’ve both experienced a number of cases lately where we’ve been disappointed by security practices we’ve observed. My personal pet peeve is when I call my cell phone provider and they attempt to … Continue reading “Passwords, or just semi-secret passphrase?”

As my friend Matt Topper posted (only because he begged me to let him post first–I can’t stand seeing grown men cry), we’ve both experienced a number of cases lately where we’ve been disappointed by security practices we’ve observed. My personal pet peeve is when I call my cell phone provider and they attempt to verify my identity by asking for the password on the account. Now, I know what they’re asking for and I do have an online password that I use when visiting the website, but I instead tell them that I don’t know the password. They are just as happy to verify me by the last four numbers in my SSN (which is another rant for another day). Anyway, I comply and as soon as I’ve been “verified” by this method, they read me the password on the account.

My primary gripe is not so much that they read me the password (which is stupid and wrong), but that they *could* read me the password. Why oh why is the password stored in any way that is retrievable? As Matt pointed out, there are almost countless, very well-documented ways to store passwords such that they are safe and non-retrievable (by the customer service reps or anyone else). I am not completely insensitive to the company’s issue when someone like my mother calls up because she forgot her password and just wants them to reminder her what it is. However, I think it is silly that she had to call them–the “forgot password” link should verify identity and allow her to reset the password on the spot or email a validation link to her unique email address.

So, my point is that there are many, many ways to protect me and my information, but it’s extremely frustrating to have to deal with vendors that just haven’t caught up with the last 30+ years of low-hanging fruit. If anyone from Sprint PCS IT is listening, please, oh my God please, fix this.