A little new toy for you claims-based identity aficionados to play with! Available here.

Tokens are the currency on the identity market. Any identity solution you develop will require you to acquire & consume tokens (& associated claims) at some point.
ADFS2 is super-easy to install, but does require Active Directory and as a result it is not always readily available at development time, especially if you are not targeting a departmental application or a classic federation scenario. And even in that case, you don’t always have a test endpoint set up. When you test a payment service you don’t move real money right away, there’s no reason to do the same with identities: do you have a test account for all the role values you want to test?
The standard solution, one that has been used big time also in out training kit and other examples, is creating a custom STS. Almost three years have passed since the very first preview we gave in Barcelona of what became WIF, and I still remember Barry in the first row facepalming at the sight of one STS built in under 10 minutes. Well, with the WIF SDK tooling now that happens in seconds (or less, if your machine has an SSD ;-)) hence it’s incredibly easy to set up a test STS. However, after you’ve done that hundreds of times (and believe me, I did) even that can start to wear you off; writing new fed metadata every time you change something takes time; and above all, creating many custom STSes can litter your IIS and certificates stores if you are not disciplined in keeping things clean (I’m not). Also, if you are packing your solution for others (in my case for making labs and sample code available to you, more commonly you need to do that when something is not working and you want the help of others) you need to include some setup, which has requirements (IIS, certificate stores, etc) and impact on the target machine.

Well, enter SelfSTS.

SelfSTS is a little winform app which will not deny a token to anyone. It’s an EXE which exposes one endpoint for a passive STS, and one endpoint with the corresponding fed metadata document. The claim types and values are taken from a config section, which can be edited directly in the SelfSTS UI. The tokens are signed with simple self-signed certificates from PFX files, the certificates tore remains untouched. You can even create new self-signed certs with a simple UI, instead of risking to conjure mystical beasts by mistake if you write the wrong makecert parameter.

With SelfSTS you can produce test input for your apps very easily: you start it, point the Add STS Wizard to to the metadata endpoint, and hit F5. If you want the token to have a different claim type or value, you just go to the claims editing UI and change things accordingly. If you need more than one STS at once, you just copy the exe, the config and the PFX certificate you want to another folder, you change the port on which the STS is listening and you fire it up; here you go, you can now do all the home realm discovery experiments you want. I already heard people considering to use this for testing SharePoint even in situations in which you don’t have the WIF SDK installed: that’s right, it just requires the WIF runtime! I am sure you’ll come out with your own creative ways to use that. I am even considering using it instead of many of the custom STSes in the next drops of the training kit…

I feel silly even at having to say that, but for due diligence… SelfSTS is obviously ABSOLUTELY INSECURE. It is just a test toy, and as such it should be used. It gives tokens without even checking who the caller is, and it does that on plain HTTP. It signs tokens with self-signed certificates, and it stores the associated passwords in the clean in the web config. It is the very essence of insecurity itself. Do not use it for anything else than testing applications at development time, on non production systems.

Below there’s an online version of the readme we packed in the sample. Have fun!

Overview

Securing web applications with Windows Identity Foundation require the use of an identity provider, which may not always be available at development or test time. The standard solution to the issue is creating a test STS. The WIF SDK templates make it very easy to create a minimal STS; however it requires you to write code for customizing the claims it emits and, if you want to be able to use the WIF tooling to its fullest, customize the metadata generation code. What’s worse, you need to repeat the process for every new application.

SelfSTS is a quick & dirty utility which provides a minimal WS-Federation STS endpoint and its associated federation metadata document. You can use SelfSTS for testing your web applications by simply pointing WIF’s Add STS Wizard to its metadata endpoint.

 
Figure 1
The main SelfSTS screen

SelfSTS is a simple .EXE file, which does not require IIS and never touches the certificates store. There is no installation required, you just need the .EXE file itself, its configuration file and the PFX file of the certificate you want to use for signing tokens. Its only requirements are .NET 4.0, the WIF runtime and (if you want to generate extra certificates) the Windows SDK.

SelfSTS provides a simple UI for easily editing the types and values of the claims it will emit: the metadata document will be dynamically updated accordingly.

SelfSTS offers a UI for simplified creation of self-signed X.509 certificates, which you can use if you need to use a signing certificate with a specific subject or if for some reason you cannot use the certificate provided out of the box.

WARNING: SelfSTS is not, and is not meant to be, secure by any measure. All traffic takes place in the clear, on HTTP; requests are automatically accepted regardless of who the caller is; certificates are handled from the file system, without specific passwords protections. This is all by design, SelfSTS is just meant to help you to test web applications by providing you with an easy way of obtaining tokens via WS-Federation.

 

Using SelfSTS

The simplest way of using SelfSTS is launching the .EXE, hitting the start button (marked as (a) in figure 2), using the (e) button for copying to the clipboard the metadata address, and pasting that address in the Add STS Reference wizard in your web application. Just hit F5 and you’ll get your token right away: SelfSTS does not attempt any form of authentication.

 
Figure 2
The elements of the main SelfSTS UI and their function

The button Hide (f) will minimize SelfSTS to the system tray, but the endpoint will remain active until you don’t hit the button Stop again.

If you want to configure things by hand, you can get the endpoint address in the clipboard via (d). The details of the signing certificate are shown on the UI, but remember that the certificate itself is not present in the store.

 

Editing Claims

You can easily change the claim types and values issued by SelfSTS.

 
Figure 3
The Edit Claims Dialog

Clicking on (b) from Figure 2 opens the dialog shown in Figure 3.

You can edit existing claims in place through (a), (b) and (c). (a) is a dropdown populated with all the claim types which come out of the box with WIF; however you can explicitly type in (a) an arbitrary URI if you need to define a custom claim.

If you want to delete a claim entry you can just press on the corresponding X button (d).

You can add a new entry using the button add (e): of course you can have as many instances of the same time as you want (for example, you will often have multiple entries with the Group claim type).

If you hit Save the current configuration will be committed to the config file of SelfSTS. Please consider that SelfSTS does not make a lot of validation checks, hence if you leave things in messed state you may have to go to the config and fix things manually afterwards.

If you hit Cancel you’ll be back to the main UI, and all the changes will be lost.

 

Generating a New Certificate

SelfSTS comes with its own default certificate file. However there will be times in which you will want to use a different certificate, for example if there is a specific subject you want to assign to the issuer or if you need to simulate multiple issuers.

SelfSTS offers you a wrapper on top of MakeCert and similar utilities, allowing you to easily create a new self-signed certificate.

 
Figure 4
The New Certificate Generation Dialog

One interesting side effect of generating a PFX is that the underlying utilities will prompt you for the certificate password multiple times, as shown in Figure 5. Make sure you always use the same password!

 
Figure 5
Creating a new certificate will result in multiple password prompts

Once the certificate generation is done, SelfSTS changes its config accordingly and will use the new certificate for signing form now on. The certificate password is saved in clear in the config.

WARNING: Needless to say, this is all astonishingly insecure. SelfSTS is not meant to provide a token securely, or to have access to certificates actually in use for business functions. NEVER use a certificate that has actual business uses with SelfSTS.

 

SelfSTS Configuration Section

The SelfSTS UI is largely an editor for the SelfSTS custom config section. There are things you can do only by touching the config directly.

<SelfSTSSettings port="8000" signingcertificate="SelfSTS.pfx" signingcertificatepassword="Passw0rd!" issuername="SelfSTS"> <claims> <clear /> <add type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" displayname="Email Address" value="test@company.com" /> <add type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" displayname="Given name" value="Joe" /> <add type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" displayname="Surname" value="Doe" /> <add type=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/otherphone displayname="Other Phone" value="555-5555-5555" /> <add type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" displayname="Name" value="joe" /> <add type="http://schemas.xmlsoap.org/claims/Group" displayname="Group" value="Sales" /> </claims> </SelfSTSSettings>

The config format is very straightforward.
You might want to edit the config directly if you want more than one instance of SelfSTS to run at the same time (in which case you can just copy the exe and the config in a new folder, and edit the port value to avoid collisions). You might also want to edit the config for pointing to a certificate you already have as opposed to the default or newly generated ones (NEVER use a certificate you are using in production or that has any business value).

Finally, sometimes you may end up in a messed state when using the UI (say if the certificate generation fails at mid-operation) and you may come here to fix the values before being able to restart SelfSTS.

 

Summary

SelfSTS can help you to test your web application by providing a WS-Federation endpoint readily available and with little/no infrastructure requirements. Please use it only in test and dev environments and exclusively with self-issued certificates.
SelfSTS will help you to experiment with WIF and claims-based identity without worrying about finding a token source to test against. Have fun!

A little new toy for you claims-based identity aficionados to play with! Available here. Tokens are the currency on the identity market. Any identity solution you develop will require you to acquire & consume tokens (& associated claims) at some point. ADFS2 is super-easy to install, but does require Active Directory and as a result it is not always readily available at development time, especially if you are not targeting a departmental application or a classic federation scenario. And even in that case, you don’t always have a test endpoint set up. When you test a payment service you don’t move real money right away, there’s no reason to do the same with identities: do you have a test account for all the role values you want to test? The standard solution, one that has been used big time also in out training kit and other examples, is creating a custom STS. Almost three years have passed since the very first preview we gave in Barcelona of what became WIF, and I still remember Barry in the first row facepalming at the sight of one STS built in under 10 minutes. Well, with the WIF SDK tooling now that happens in seconds (or less, if your machine has an SSD ;-)) hence it’s incredibly easy to set up a test STS. However, after you’ve done that hundreds of times (and believe me, I did) even that can start to wear you off; writing new fed metadata every time you change something takes time; and above all, creating many custom STSes can litter your IIS and certificates stores if you are not disciplined in keeping things clean (I’m not). Also, if you are packing your solution for others (in my case for making labs and sample code available to you, more commonly you need to do that when something is not working and you want the help of others) you need to include some setup, which has requirements (IIS, certificate stores, etc) and impact on the target machine. Well, enter SelfSTS. SelfSTS is a little winform app which will not deny a token to...

Please click on the title of the post to continue reading the article. (You will be referred to the article author's website)

My, how quickly things change. It wasn’t much more than a year ago that Apple and Google were happy partners — at least from the public’s perspective — working in tandem to push technology forward at a clipping pace. Google’s search and various apps complemented the iPhone perfectly, and the existing Android phones merely affirmed how much better the iPhone was than everything else on the market. And then everything went to hell.

Late last July, we broke the news that Apple blocked Google’s official Voice application and removed any third-party applications that supported the service, sparking an FCC inquiry into why Google Voice was banned from the iPhone.

Today marks the one year anniversary of Apple’s response to the FCC, in which it gave a remarkably disingenuous explanation as to why Google Voice wasn’t on the iPhone: Apple was still “pondering” the matter. A year later, it apparently still is.

Google Voice is nowhere to be found on the App Store, and while Google has developed an impressive web version for the iPhone, it can’t provide the same performance or ‘native feel’ of a native app and it can’t access the phone’s local contacts directory (at least, not yet). In light of today’s milestone I reached out to both Apple and Google to see if there’s been any progress. Both declined to comment.

Of course, Google Voice itself was never the key issue at play — the service was only available in a private beta when it was blocked from the iPhone. Indeed, most of the outcry stemmed from the fact that Apple was blatantly using its control over the App Store’s walled garden for anti-competitive reasons. Before the Voice fiasco Apple had drawn plenty of heat over its inconsistent App Store approval policies, but most of these removals could be ascribed to the notion that Apple was censoring apps to help maintain the quality and safety of the App Store. That clearly wasn’t the case here: Apple saw Google’s increasing presence on the iPhone as a threat, so it killed it.

Soon after the Google Voice fiasco, I abandoned my iPhone for Android (TechCrunch founder Michael Arrington quit his iPhone too). My rationale had little to do with wanting to use Google Voice more frequently. Rather, it had a lot to do with the knot I got in the pit of my stomach as I imagined just how important Apple’s stranglehold over the iOS platform will become in the next five years and beyond.

The runaway success of the iPhone and the iPad have made it clear that the App Store and iOS are only going to become more ubiquitous. The new Apple TV will soon feature them. In all likelihood Apple will find ways to integrate iOS into form factors that are more competitive with desktop and laptops. Simply put, iOS will be synonymous with computing for a lot of people.

Tim O’Reilly believes that Apple is trying to build a fundamental challenge to the web. A web controlled by a single company. Apple may have intended to use the App Store’s approval system to protect customers and the user experience, but it has the convenient side effect of enabling it to stifle anything that could compete with its own products on the iOS platform. Remember, we are still very early in this game, and the App Store had existed for just one year before Apple gave Google the boot. Is there any doubt it will do the same the next time someone tries to encroach on its turf?

Most of Apple’s ardent defenders will simply tell people like me to go use another, more open platform if they have a problem with the App Store and Apple’s policies. Fair enough. But the time and uncertainty involved in having to switch to a new computer platform are far from trivial, and eventually we may have kids who are raised on iOS — getting them to switch platforms so they can use an innovative new browser or FaceTime competitor or whatever else Apple is quietly blocking from the App Store will be no easy task.  It is this inertia, which is only going to become more difficult to overcome as iOS becomes more successful, that troubles me most. Apple will be able to get away with even more egregious behavior, because its users will want to stick with what they know.

Disclosure: Months after the Google Voice/Apple story broke I had my number ported over to the service (just as Michael did). All users will be getting access to this feature soon.

Image by Brian Hillegas
CrunchBase InformationAppleGoogle VoiceInformation provided by CrunchBase

My, how quickly things change. It wasn’t much more than a year ago that Apple and Google were happy partners — at least from the public’s perspective — working in tandem to push technology forward at a clipping pace. Google’s search and various apps complemented the iPhone perfectly, and the existing Android phones merely affirmed how much better the iPhone was than everything else on the market. And then everything went to hell. Late last July, we broke the news that Apple blocked Google’s official Voice application and removed any third-party applications that supported the service, sparking an FCC inquiry into why Google Voice was banned from the iPhone. Today marks the one year anniversary of Apple’s response to the FCC, in which it gave a remarkably disingenuous explanation as to why Google Voice wasn’t on the iPhone: Apple was still “pondering” the matter. A year later, it apparently still is. Google Voice is nowhere to be found on the App Store, and while Google has developed an impressive web version for the iPhone, it can’t provide the same performance or ‘native feel’ of a native app and it can’t access the phone’s local contacts directory (at least, not yet). In light of today’s milestone I reached out to both Apple and Google to see if there’s been any progress. Both declined to comment. Of course, Google Voice itself was never the key issue at play — the service was only available in a private beta when it was blocked from the iPhone. Indeed, most of the outcry stemmed from the fact that Apple was blatantly using its control over the App Store’s walled garden for anti-competitive reasons. Before the Voice fiasco Apple had drawn plenty of heat over its inconsistent App Store approval policies, but most of these removals could be ascribed to the notion that Apple was censoring apps to help maintain the quality and safety of the App Store. That clearly wasn’t the case here: Apple saw Google’s increasing presence on the iPhone as a threat, so it...

Please click on the title of the post to continue reading the article. (You will be referred to the article author's website)

In prior posts we have discussed conflicts that can happen when a contact and a user share the same e-mail address.  Traditionally, if the same email exists on a user and a contact record, it could cause problems when activities like e-mails were tracked in CRM.  Sometimes these issues were minor, such as the activity being connected to the contact record instead of the user, but other issues were more major—the most troubling one was when you tracked a meeting request that included the email address that was duplicated in CRM, sometimes when it synched back to outlook from CRM, it would resolve to the contact instead of the user, which would cause the appointment to be removed from the user’s outlook calendar—not good when it is an important meeting getting removed from your calendar so you forget about it. As mentioned in an earlier post, Update Rollup 12 for Dynamics CRM fixes this issue.  The way that the duplicate e-mail synch conflicts are resolved is by giving the user record top priority.  When resolving a tracked activity using the email address, CRM now first matches against the User records.  If it finds a match, it stops. This is a great improvement and should make life easier in those cases where you need to have people as both contacts and users.   del.icio.us Tags: Users,contacts,Microsoft CRM,Dynamics CRM

Please click on the title of the post to continue reading the article. (You will be referred to the article author's website)

In prior posts we have discussed conflicts that can happen when a contact and a user share the same e-mail address.  Traditionally, if the same email exists on a user and a contact record, it could cause problems when activities like e-mails were tracked in CRM.  Sometimes these issues were minor, such as the activity being connected to the contact record instead of the user, but other issues were more major—the most troubling one was when you tracked a meeting request that included the email address that was duplicated in CRM, sometimes when it synched back to outlook from CRM, it would resolve to the contact instead of the user, which would cause the appointment to be removed from the user’s outlook calendar—not good when it is an important meeting getting removed from your calendar so you forget about it.

As mentioned in an earlier post, Update Rollup 12 for Dynamics CRM fixes this issue. 

The way that the duplicate e-mail synch conflicts are resolved is by giving the user record top priority.  When resolving a tracked activity using the email address, CRM now first matches against the User records.  If it finds a match, it stops.

This is a great improvement and should make life easier in those cases where you need to have people as both contacts and users.

 

del.icio.us Tags: Users,contacts,Microsoft CRM,Dynamics CRM

In prior posts we have discussed conflicts that can happen when a contact and a user share the same e-mail address.  Traditionally, if the same email exists on a user and a contact record, it could cause problems when activities like e-mails were tracked in CRM.  Sometimes these issues were minor, such as the activity being connected to the contact record instead of the user, but other issues were more major—the most troubling one was when you tracked a meeting request that included the email address that was duplicated in CRM, sometimes when it synched back to outlook from CRM, it would resolve to the contact instead of the user, which would cause the appointment to be removed from the user’s outlook calendar—not good when it is an important meeting getting removed from your calendar so you forget about it.

As mentioned in an earlier post, Update Rollup 12 for Dynamics CRM fixes this issue. 

The way that the duplicate e-mail synch conflicts are resolved is by giving the user record top priority.  When resolving a tracked activity using the email address, CRM now first matches against the User records.  If it finds a match, it stops.

This is a great improvement and should make life easier in those cases where you need to have people as both contacts and users.

 

del.icio.us Tags: Users,contacts,Microsoft CRM,Dynamics CRM

For the first time, Microsoft Dynamics CRM Premier Field Engineering team has released a podcast regarding Update Rollups, specifically Update Rollup 12 . In it I describe how CRM Update Rollups are produced, how they work, popular methods of client rollup...(read more)Jim Glass02938686095179502833

For the first time, Microsoft Dynamics CRM Premier Field Engineering team has released a podcast regarding Update Rollups, specifically Update Rollup 12 . In it I describe how CRM Update Rollups are produced, how they work, popular methods of client rollup...(read more)

Please click on the title of the post to continue reading the article. (You will be referred to the article author's website)

Recently there was a panel discussion regarding "The State of Enterprise Architecture: Vast Promise or Lost Opportunity?". It was actually a very interesting panel discussion. Take a peek when you have a moment.Here are a few excerpts that I really agree with: In a lot of cases, we make a big deal about the technical expertise of architects, but in a lot of architectural engagements that I have been involved in, I didn’t actually know anything at all about the subject matter that I was being asked to architect. What I did know how to do was ask the right questions, find the people who knew the answers to those, and help the people who actually had the information orchestrate, arrange, and understand it in a way that allowed them to solve the problem that they really had.This is very true. It is all about asking the right people the right questions and even more often it's about asking those same people the next two or three questions that are the real answers you are looking for. This also isn't something that is easy for anyone to pick up. While the occasional cheat sheet/checklist is good as a refresher to make sure you tied everything off it should be used as the end all be all. Questions alone with out the right people asking them are not effective. In terms of its maturity as a profession, it may be 100 or 200 years back, compared to law or medicine, but on the other hand, the quality of the practice is much more like where medicine and law were 50 year, 25 years ago.I have to agree on a lot of fronts. It is somewhat the EA Wild West out here. There are so many competing frameworks, certifications and methods that it is difficult for the EA community to have a common vocabulary or measurement. The fundamental with leadership in EA is that architects don’t own things. They are not responsible for the business processes. They are not responsible for the sales results. They are responsible for leading a group of people to that transformation, to that happy...

Please click on the title of the post to continue reading the article. (You will be referred to the article author's website)

The Microsoft Dynamics CRM Sustained Engineering (SE) team released Microsoft Dynamics CRM 4.0 Update Rollup 12 on Thursday, July 29, 2010. The links below will take you to the necessary information about Update Rollup 12. Microsoft Download Center: http...(read more)CRM Team Blog

The Microsoft Dynamics CRM Sustained Engineering (SE) team released Microsoft Dynamics CRM 4.0 Update Rollup 12 on Thursday, July 29, 2010. The links below will take you to the necessary information about Update Rollup 12. Microsoft Download Center: http...(read more)

Please click on the title of the post to continue reading the article. (You will be referred to the article author's website)

After testing Apple's iPhone 4 against competing HTC and Nokia models in a remote area on the edge of Norwegian carrier Telenor's mobile coverage, the county's largest paper has concluded that its antenna design is "just as good and bad as competitors," rather than suffering any defect.


(author unknown)18161681971207621300129994662211816502631580463300681816867714234177972902736202135430329299520403050780745394734639687900114650730030435074162812749699910841130293868609517950283305960644650353223853132257149151036076971681042459316573608409206322224144520870012592865928587576411271666792770306094212200419379796443078151720289653855757200782474927826791919106540962061184341716035459646666949204861252829950263881167602409306698745182845016315347969752327720140984609343131929202413567902665267853169469178122424603000352685816205386765214904241550709336209146781603807138304210465188483555169597706618786192857547432126359650421326733800020307783114344764401248570329797864644167044603494532536520687228326882986271203982895705798213319037473845537907111600192445278157531014707711025360983490952074236442322003265020429766142584926671212415642206525415288

After testing Apple's iPhone 4 against competing HTC and Nokia models in a remote area on the edge of Norwegian carrier Telenor's mobile coverage, the county's largest paper has concluded that its antenna design is "just as good and bad as competitors," rather than suffering any defect.

Please click on the title of the post to continue reading the article. (You will be referred to the article author's website)

Tonight (Tuesday, July 27) on NBC TV stations, Tony Robbins debuts his first-ever TV series, Breakthrough with Tony Robbins. In the six-episode series, Robbins works with six people facing an extreme life challenge, inspiring them to become more resilient and find the inner resources to build better lives and relationships. Find more information on the Breakthrough mini-site, or watch the trailer above for a sample — or watch Tony Robbins’ TEDTalk to get a sense of his energetic, empowering style.

Please click on the title of the post to continue reading the article. (You will be referred to the article author's website)

Tonight (Tuesday, July 27) on NBC TV stations, Tony Robbins debuts his first-ever TV series, Breakthrough with Tony Robbins. In the six-episode series, Robbins works with six people facing an extreme life challenge, inspiring them to become more resilient and find the inner resources to build better lives and relationships. Find more information on the Breakthrough mini-site, or watch the trailer above for a sample — or watch Tony Robbins’ TEDTalk to get a sense of his energetic, empowering style.

Tonight (Tuesday, July 27) on NBC TV stations, Tony Robbins debuts his first-ever TV series, Breakthrough with Tony Robbins. In the six-episode series, Robbins works with six people facing an extreme life challenge, inspiring them to become more resilient and find the inner resources to build better lives and relationships. Find more information on the Breakthrough mini-site, or watch the trailer above for a sample — or watch Tony Robbins’ TEDTalk to get a sense of his energetic, empowering style.

Recently there was a panel discussion regarding "The State of Enterprise Architecture: Vast Promise or Lost Opportunity?". It was actually a very interesting panel discussion. Take a peek when you have a moment.

Here are a few excerpts that I really agree with:

In a lot of cases, we make a big deal about the technical expertise of architects, but in a lot of architectural engagements that I have been involved in, I didn’t actually know anything at all about the subject matter that I was being asked to architect.

What I did know how to do was ask the right questions, find the people who knew the answers to those, and help the people who actually had the information orchestrate, arrange, and understand it in a way that allowed them to solve the problem that they really had.

This is very true. It is all about asking the right people the right questions and even more often it's about asking those same people the next two or three questions that are the real answers you are looking for. This also isn't something that is easy for anyone to pick up. While the occasional cheat sheet/checklist is good as a refresher to make sure you tied everything off it should be used as the end all be all. Questions alone with out the right people asking them are not effective.

In terms of its maturity as a profession, it may be 100 or 200 years back, compared to law or medicine, but on the other hand, the quality of the practice is much more like where medicine and law were 50 year, 25 years ago.

I have to agree on a lot of fronts. It is somewhat the EA Wild West out here. There are so many competing frameworks, certifications and methods that it is difficult for the EA community to have a common vocabulary or measurement.

The fundamental with leadership in EA is that architects don’t own things. They are not responsible for the business processes. They are not responsible for the sales results. They are responsible for leading a group of people to that transformation, to that happy place, or to the end-state that you're trying to achieve.

Enterprise Architects only have influence to the organization where it needs to be. This is both good and bad. I think that the previous comment made about the quality of the EA practice being equivalent to 25 to 50 years ago wouldn't be the case if EA's didn't have to "earn there keep" as influencers. They have to earn there stripes to be effective in the industry. This is the true test of a good EA.

If you do not lead and do not take the risk to lead, the transformation won’t occur.

As an EA it's all about putting yourself out there and taking calculated risks for yourself, not necessarily for the company.

Again, very good panel with Dana Gardner,Jeanne Ross, Dave Hornford and Len Fehskens.

For more information and the full article:

• Transcript (Download)
• iTunes/iPod and Podcast.com

Recently there was a panel discussion regarding "The State of Enterprise Architecture: Vast Promise or Lost Opportunity?". It was actually a very interesting panel discussion. Take a peek when you have a moment.

Here are a few excerpts that I really agree with:

In a lot of cases, we make a big deal about the technical expertise of architects, but in a lot of architectural engagements that I have been involved in, I didn’t actually know anything at all about the subject matter that I was being asked to architect.

What I did know how to do was ask the right questions, find the people who knew the answers to those, and help the people who actually had the information orchestrate, arrange, and understand it in a way that allowed them to solve the problem that they really had.

This is very true. It is all about asking the right people the right questions and even more often it's about asking those same people the next two or three questions that are the real answers you are looking for. This also isn't something that is easy for anyone to pick up. While the occasional cheat sheet/checklist is good as a refresher to make sure you tied everything off it should be used as the end all be all. Questions alone with out the right people asking them are not effective.

In terms of its maturity as a profession, it may be 100 or 200 years back, compared to law or medicine, but on the other hand, the quality of the practice is much more like where medicine and law were 50 year, 25 years ago.

I have to agree on a lot of fronts. It is somewhat the EA Wild West out here. There are so many competing frameworks, certifications and methods that it is difficult for the EA community to have a common vocabulary or measurement.

The fundamental with leadership in EA is that architects don’t own things. They are not responsible for the business processes. They are not responsible for the sales results. They are responsible for leading a group of people to that transformation, to that happy place, or to the end-state that you're trying to achieve.

Enterprise Architects only have influence to the organization where it needs to be. This is both good and bad. I think that the previous comment made about the quality of the EA practice being equivalent to 25 to 50 years ago wouldn't be the case if EA's didn't have to "earn there keep" as influencers. They have to earn there stripes to be effective in the industry. This is the true test of a good EA.

If you do not lead and do not take the risk to lead, the transformation won’t occur.

As an EA it's all about putting yourself out there and taking calculated risks for yourself, not necessarily for the company.

Again, very good panel with Dana Gardner,Jeanne Ross, Dave Hornford and Len Fehskens.

For more information and the full article:

• Transcript (Download)
• iTunes/iPod and Podcast.com

[UPDATE]

Direct link to audio podcast: https://www.opengroup.org/events/podcasts/BriefingsDirect-State%20of%20Enterprise%20Architecture%20With%20The%20Open%20Group.mp3 

Analysis: Apple has already locked up access to manufacturing materials for tablets, along with our hearts and minds.



Apple - IPad - Macintosh - IPhone - Apple II(author unknown)0293868609517950283316902435461277346739