HP-UX Directory Server Version 8.1 (B.08.10.07) Release Notes (766146-001, March 2014)
The following enhancements were introduced with the release (B.08.10.02):
• Support in the Administration Server for Apache 2.2 in addition to Apache 2.0. For use of
Apache 2.2, Apache B.2.2.8.06 or higher is required.
• Additional support for migrating from Sun Java System Directory Server.
• Support for configuration of the HP-UX Directory Server 8.1 in an HP Serviceguard package.
The primary means of providing high availability continues to be the HP-UX Directory Server
multi-master replication feature. For information about configuring HP-UX Directory Server in
a Serviceguard package, see the HP Serviceguard documentation, available at the following
location:
http://www.hp.com/go/hpux-serviceguard-docs
The following new and changed features were introduced with HP-UX Directory Server 8.1
(B.08.10.00):
• Support for LDAP via UNIX sockets—While RHDS only used TCP sockets for communication
with LDAP clients, HPDS now also supports using UNIX sockets by allowing LDAP via IPC
(LDAPI). This is intended for applications that run on the same host as the Directory Server.
• DNA plug-in provides automatic numeric attribute assignment—A new plug-in automates the
assignment of numeric IDs, such as the values for uidNumber and gidNumber for POSIX
account entries. The plug-in supports assignment with no risk of collisions in multi-master
replication topologies.
• memberOf plug-in provides a list of group memberships held by each user—Provides a list of
groups in multiple memberOf attributes in each user entry. The new plug-in simplifies
determining what groups a user belongs to. The memberOf attribute can greatly simplify
access control in applications by simplifying verification of a user's group membership.
• Additional options for secure communication between servers—Server to server connections,
such as those used in replication, are enhanced to support SASL/Digest-MD5 and SASL/GSSAPI
(Kerberos) authentication, and encryption with Start TLS.
• More flexibility in schema management: Schema can be deployed or modified on-disk and
then reloaded using a new task-based mechanism. Previously, dynamic schema changes could
only be performed via LDAP which offered less control over the organization of the schema
in its persistent on-disk storage.
• Improved Get Effective Rights operation—Whereas the GER operation in RHDS only showed
effective rights for attributes that already existed in an entry, with HPDS, the operation can
now display any effective rights for potential attributes as well (operational attributes, and
those that currently do not exist in the entry but are allowed by schema).
• More tuning for Windows synchronization—In previous releases, the interval at which the
Directory Server checked the Active Directory Server for updates was fixed at five minutes.
This interval is now configurable.
• Option to disallow unauthenticated bind operations—A new configuration attribute allows the
administrator to deny access to LDAP clients that do not provide a password. This allows
improved compatibility with server applications that might misinterpret a Directory Server's
success response to bind operations that lack a password.
• Account policy plug-in provides control over inactive accounts—The new account policy plug-in
tracks login time stamps and provides the administrator with the option to lock accounts based
on the duration of inactivity since the last login time.
• Replication agreements can be prioritized—The multi-master replication plug-in has been
enhanced to allow prioritization of replication agreements. This allows the administrator to
control the order in which multiple replicas are updated. This may be useful, for example,
when you require that a backup master replica be updated completely before updating one
or more read-only replicas accessible by client applications.
10 What is new in HP-UX Directory Server 8.1?