pwalsh1
1 Nickel

Re: Ask the Expert: What's New in EMC Documentum 7.1?

From installation to workflow, docbasic is still prolific within Documentum.  It may never be completely removed.  Many customer solutions and workflows still depend on dmbasic where it would be difficult, and time consuming, to replace.  So it's safe to assume the current scripts and processing will remain throughout the lifetime of the D7.x codeline.

In the future, we may adopt a new EBS interpreter or add support for other scripting languages as core components evolve. 

0 Kudos
pwalsh1
1 Nickel

Re: Ask the Expert: What's New in EMC Documentum 7.1?

It is exciting to see the interest in the upcoming Documentum 7.1 Developer Edition.  An announcement on availability will be made soon.  I'll repost it here when it breaks.

aldago-zF7Lc
4 Germanium

Re: Ask the Expert: What's New in EMC Documentum 7.1?

Thanks for the answers Patrick, some more questions:

Server Certificate Authentication was not available as an Out-of-the-Box configuration before 7.1.  This mode provides enhanced trust when identifying Documentum servers using DFC client

Was it something available with previous TCS versions or is it something new developed for 7.1?

We're interested in your feedback and experiences with this new release, including supporting material like the documentation.  Let me know if you have additional suggestions that would make the process more straightforward.

(Happening in both windows and linux 7.1 setups): If you configure the docbroker to work in secure mode only it will use port 1489 even when the log indicates it is using 1490. Launching the docbroker with -port 1490 will make the docbroker listen to 1490 while the log indicates it is using 1491. Either fix this behaviour or note it in the installation guide because as now it is... confusing.

Besides, the whitepaper @PanfilovAB linked before, should be included as a full section in the documentation. Even when the installer allows you to configure the certificate-based secure mode, the troubleshooting section of that WP is quite useful.

In the future, we may adopt a new EBS interpreter or add support for other scripting languages as core components evolve.

At least is being considered an update...

0 Kudos
pwalsh1
1 Nickel

Re: Ask the Expert: What's New in EMC Documentum 7.1?

Anonymous SSL mode secures the communication between the DFC client and the Content Server.  The new SSL mode also establishes the identity of the Content Server.  As you pointed out earlier, this secures the system from malicious internal masquerade attacks that try to spoof the identity of the Content Server.

0 Kudos
PanfilovAB
4 Germanium

Re: Ask the Expert: What's New in EMC Documentum 7.1?

In that case it's not clear why such setup is strongly recommended (see initial Alvaro's question), why not restrict docbase registration on docbroker side? Actually such setup would more useful especially for DEV/TEST environments.

Another question about SSL implementation: now CS has four(?) certificates stores: netscape for LDAP, dm_public_key_certificate, dm_private_key_certificate and pkcs for SSL connections, in my opinion it is absolutely inconsistent - every new feature has its own cryptostore implementation (also need to add D2's lockbox). Why do not remove all redundant stuff and store all cryptography settings inside docbase?

pwalsh1
1 Nickel

Re: Ask the Expert: What's New in EMC Documentum 7.1?

The *p views are public views and can be used by clients/applications.

The *v are Content Server internal views which are subject to different optimizations and not meant to be used by clients/applications.

0 Kudos
aldago-zF7Lc
4 Germanium

Re: Ask the Expert: What's New in EMC Documentum 7.1?

I'm answering myself:

(Happening in both windows and linux 7.1 setups): If you configure the docbroker to work in secure mode only it will use port 1489 even when the log indicates it is using 1490. Launching the docbroker with -port 1490 will make the docbroker listen to 1490 while the log indicates it is using 1491. Either fix this behaviour or note it in the installation guide because as now it is... confusing.

I've been playing again with one of the two machines I've used to setup the SSL configuration, and I must say that what I said is completly wrong. Setting the docbroker in secure mode only, uses port 1490 by default. I messed with a lot of files/database entries so I probably broke something while I was testing it...

0 Kudos
Julien_Fontaine
4 Germanium

Re: Ask the Expert: What's New in EMC Documentum 7.1?

Really interesting question and answer about security !

Alvaro de Andres did you get all the expected answers ?

0 Kudos
fainemr
4 Germanium

Re: Ask the Expert: What's New in EMC Documentum 7.1?

I've been attempting to configure a new development environment using the new certificate based SSL mode and the Documentation and White paper are both very hard to follow and missing important information.  This is the biggest challenge facing Documentum administrators and developers.  I've never seen complete, thorough, error-free documentation for any Documentum product.  I understand it is hard work but that is what we pay you for.  We expect accurate and complete documentation.  The business of configuring this software is hard enough already without wasting an entire day only to discover a crucial step was left out of the Documentation. 

This could all be solved if EMC would provide a wiki formatted documentation site.  If we had a wiki we could correct the documentation ourselves and not need to wait months and submit multiple needless SRs just to get a correction to the documentation.  If we can't depend on your to give us accurate documentation then you should at least let us fix it ourselves.

Is this something we could see with 7.1?

0 Kudos
fainemr
4 Germanium

Re: Ask the Expert: What's New in EMC Documentum 7.1?

I noticed that also, it seems to just be getting worse all the time, how many different store types is too many for EMC?   I was thinking about suggesting they use a single type of store but I like your suggestion better.

0 Kudos