|By Trey Drake, with contributions from Marina Sum, September 27, 2007|
OpenDS, an open-source software (OSS) project, was launched in 2005 by a small team of Sun engineers. Their goalto build a directory service with the ease of use that developers desire and the scalability required in carrier-grade deployments. Their success thus farOpenDS stands out from other directory servers by virtue of its full-stack roadmap, intuitiveness, platform portability, and a large, experienced, full-time community of developers, QA engineers, and documenters. Meanwhile, over the past two years, OpenDS has evolved into a community of over 160 committers, contributors, and users.
The OpenDS core is a directory server written entirely in the Java programming language and fully compliant with Lightweight Directory Access Protocol (LDAP) version 3. The key benefits for developers are as follows:
This article elaborates on the advances OpenDS has made in the directory-server arena and summarizes the highlights of upcoming milestones.
The directory server has long played a key role as a consolidator of users and devices for enterprise and service providers. Deployers have benefited from the standardization of the protocol and subsequent vendor support for servers, clients, software development kits, and the like. Just as LDAP now owns the enterprise user database, so the many value-added capabilities of OpenDS have triggered opportunities for OpenDS to own directory services. For example, the fast read-write performance, built-in scalability, and fault tolerance of OpenDS have piqued the interest of telecommunication carriers who, until recently, have relied on relational databases. Numerous ISVs and OSS project teams have also incorporated OpenDS into their reference architecture and test suites, in part because of its small footprint and ease of deployment.
Separately, helper APIs have simplified the process of embedding OpenDS in both stand-alone and Web applications. OpenDS is making strides as an embedded directory service in such diverse roles as a fault-tolerant database for user sessions, user-policy stores, and general-purpose databases.
Shortly after launching OpenDS, Sun donated its source code to the open-source community. The entire effort from design to QA is now in the community's hands, and artifacts are available through the Common Development and Distribution License (CDDL). The project is governed as a "doacracy," that is, government by the doers. Since inception, OpenDS has greatly benefited from transparent processes and source code, a key contributor to high quality. Why? Thanks to a simple rule of human nature: One pays more attention to detail when others are looking.
In addition, the high quality of OpenDS isn't just on paper: Its quality is backed up by thousands of unit tests. As a fully internationalized project with anticipated adoption outside the English-speaking world, OpenDS opens the door for easy localization in other languagesa cost-prohibitive step for proprietary software. Lastly, exposing the source of mission-critical and security-sensitive infrastructure simplifies life for those deployers who require security audits.
The following diagram illustrates the complete stack of directory service.
Milestone 1the core capabilitiesare just around the corner. The rest of the stack will follow suit in upcoming milestones, including the following:
While most of the preceding capabilities exist today in other OSS projects and in Sun Java System Directory Server Enterprise Edition, none of them benefit from a common code base, cohesive architecture, and focused usability engineering, as does OpenDS. With its solid core, extensible framework, and robust enterprise-centric capabilities, OpenDS is poised to become a key tool for developers and deployers alike.
OpenDS will soon offer a free, production-ready directory server for a wide range of deploymentsfrom telcos to desktops. Do check out the project and join the community. Installation takes only six clicks!
I welcome questions, comments, and suggestions on OpenDS. Contact me at