February 25, 2016
I have stopped making regular updates to this blog (see here), but not ceased altogether. Stop by occasionally to see new posts.
M. Scott Roth
September 12, 2016 Leave a comment
In case you missed it today, OpenText announced that it will purchase Dell-EMC’s Enterprise Content Division (ECD — including Documentum and LEAP among other products). See the text of the announcement I received from Dell-EMC below (actual letter here).
Today, we are excited to announce that we have reached a definitive agreement with OpenText, a global leader in Enterprise Information Management, to combine the Dell EMC Enterprise Content Division (ECD) and its portfolio (including the Documentum, InfoArchive and LEAP families of products) with OpenText’s existing portfolio of products. We are pleased that this will open up new opportunities for ECD customers, partners and team members. The transaction is expected to close in 90 to 120 days. Terms of the agreement can be viewed in the press release.
In determining the best long-term future for ECD, we wanted to create a business with a leading position in Enterprise Information Management. We looked for a partner that shares our vision for the transformation to digital business, our passion for the role of information in the digital world, and the breadth of capabilities to help our customers like you realize that vision. We also sought a partner that shares our commitment to deliver a world-class total customer experience. And, we wanted a partner that values the industry knowledge, innovative mindset and unique talents of our team. I am very pleased to say that we found all of that in OpenText, an industry leader with 9,200 professionals worldwide.
After the transaction closes, we expect that you will continue to realize value from your ECD investments and gain additional value from OpenText’s enriched portfolio, whose complementary strengths will produce a leader in both ECM and EIM: an organization with the financial strength, talent base, and global go-to-market scale to best serve your organization and its needs.
Additionally, Dell EMC and OpenText will work closely together after the transaction closes for the benefit of our mutual customers. To underscore our joint commitment, OpenText and Dell EMC also announced today our intent to enter into a strategic commercial partnership to expand customer offerings and better serve customer needs.
We are fully committed to providing you with world-class support to ensure your ongoing success during this transition. We believe today’s announcement is great news for you and all of our stakeholders, and we hope you are pleased about the opportunity ahead.
There will be a be a webcast on Sept 14 to discuss the purchase, and presumably what it means for customers and partners. Register here.
UPDATE: Blog post form Rohit Ghai.
UPDATE: Really great analysis from my friends at TSG.
September 9, 2016 2 Comments
I received a letter from Dell-EMC yesterday that I found quite interesting for several reasons. First, they sent it to my personal email address and not my business one. Some how they think I am a customer? Second, I have not received this — or any other communication — from them on my business email where I am registered with them as a partner. Third, no where in this letter, nor the link to the Dell-EMC Technologies website, is Documentum mentioned*. It could very well be that Documentum is considered to be part of EMC proper and not a subsidiary like VMware or Pivotal, I get that, but the skeptic in me wonders if this is an omen of the future.
August 31, 2016 Leave a comment
Short and sweet: By exploiting this vulnerability, remote unauthenticated users may download any document from the Docbase by knowing only the
r_object_id of that document.
Resolution: Upgrade to D2 v4.5 patch 15, or D2 v4.6 patch 03.
Here is the link: ESA-2016-108: EMC Documentum D2 Authentication Bypass Vulnerability
August 19, 2016 2 Comments
EMC has posted an ESA for Webtop: ESA-2016-088: EMC Documentum Webtop Unsafe Deserialization Vulnerability. Here is the text of the ESA:
Documentum Webtop has a java deserialization code which may not validate if the input stream contains any malicious code. This code may be leveraged to exploit the system using malicious payloads with the help of the vulnerable versions of Apache libraries used in WebTop.
The following EMC Documentum Webtop release contains resolutions to these vulnerabilities:
- EMC Documentum Webtop 6.8.1 P04 and later
- EMC Documentum Webtop 6.8 P16 and later
- EMC Documentum Capital Projects 1.9 P25 and later
- EMC Documentum Capital Projects 1.10 P12 and later
EMC recommends all customers upgrade at the earliest opportunity. In addition, Documentum Engineering is working to validate a code fix for the following product families. This code fix will be available in upcoming maintenance releases:
- EMC Documentum Administrator 7.2
- EMC Documentum TaskSpace 6.7
This ESA will be updated as code fixes become available.
This is an interesting ESA in that the vulnerability seems to be with Apache libraries, not Webtop directly, and no resolution or corrective action is given. Usually, EMC announces ESAs after the issues have been corrected in a patch.
August 1, 2016 Leave a comment
I recently read in the ECD Product and Solutions Bulletin:
“The Enterprise Content Division continuously improves products to fit your needs and we’re glad to announce that Captiva 7.1 is now certified for Microsoft Windows 10 x64. More information can be found in the release notes, or contact support if you have any questions.”
That’s good news for many I’m sure.
June 30, 2016 Leave a comment
I recently ran across this knowledgebase article and thought I would share it, since it is similar to some research I did back in 2007. The difference (besides 9 years), is that my article was written for developers, where the knowledgebase article addresses production systems. Obviously a lot has changed in the 9 years between articles. Read both and determine for yourself which frequency works best in your environments.
June 15, 2016 Leave a comment
It’s been a while since I’ve posted anything here, so I thought I would pass along the announcement and link to the Momentum 2016 Hands-On Labs. For those that were unable to attend EMC World 2016 or unable to attend the Hands-On labs due to scheduling, they are provided here. Enjoy.