System information

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE DIRECTORY SERVER 7.0 - PLUG-IN

Part Number 817-5216 Page 1 of 32

Sun Java

™

System Directory Server Release

Notes

Version 5.2 2004Q2

Part Number 817-5216

These Release Notes contain important information available at the time of release of Sun Java

™

System Directory Server 5 2004Q2. New features and enhancements, known issues and limitations,

and other information are addressed here. Read this document before you begin using Directory

Server 5 2004Q2.

The most up-to-date version of these release notes can be found at:

http://docs.sun.com/coll/DirectoryServer_04q2

Check the web site prior to installing and setting

up your software and then periodically thereafter to view the most up-to-date release notes and

manuals.

These release notes contain the following sections:

• Release Notes Revision History

• About Sun Java System Directory Server 5 2004Q2

• Bugs Fixed in This Release

• Important Information

• Known Issues and Limitations

• Redistributable Files

• How to Report Problems and Provide Feedback

• Additional Sun Resources

Third-party URLs are referenced in this document and provide additional, related information.

NOTE Sun is not responsible for the availability of third-party Web sites mentioned in this

document. Sun does not endorse and is not responsible or liable for any content,

advertising, products, or other materials that are available on or through such sites

or resources. Sun will not be responsible or liable for any actual or alleged damage

or loss caused by or in connection with the use of or reliance on any such content,

goods, or services that are available on or through such sites or resources.

Summary of content (32 pages)

PAGE 1
Sun Java™ System Directory Server Release Notes Version 5.2 2004Q2 Part Number 817-5216 These Release Notes contain important information available at the time of release of Sun Java™ System Directory Server 5 2004Q2. New features and enhancements, known issues and limitations, and other information are addressed here. Read this document before you begin using Directory Server 5 2004Q2. The most up-to-date version of these release notes can be found at: http://docs.sun.
PAGE 2
Release Notes Revision History Release Notes Revision History Revision History Table 1 Date Description of Changes May, 2004 • Initial release of these Directory Server only release notes (Administration Server items have been moved into a separate set of Administration Server Release Notes • Major Updates to Bugs Fixed in This Release and Known Issues and Limitations sections.
PAGE 3
About Sun Java System Directory Server 5 2004Q2 • Additional password policy functionality allowing you to track when the entry’s password was last changed • Support for Sun Cluster on Solaris 9 x86 • Improved product documentation The 5.
PAGE 4
About Sun Java System Directory Server 5 2004Q2 Table 2 Solaris SPARC Software Requirements Component Platform Requirement Operating System Solaris 8 Ultra SPARC® Platform Edition with patches required for Java Enterprise System (Sun Cluster 3.1 Release 04/04 has been qualified to run on Solaris 8 02/02 (with the recommended patches installed) a nd Solaris 8 HW 05/03 (PSR 2)) Solaris 9 Ultra SPARC® Platform Edition with patches required for Java Enterprise System (Sun Cluster 3.
PAGE 5
Bugs Fixed in This Release Linux Software Requirements Table 4 Component Platform Requirement Patches or service packs None Additional software None NOTE Sun Java System Directory Server 5.2 has been validated with Sun Cluster 3.1. Specific operating system patches may need to be installed before Directory Server 5.2 can be installed. For further information, refer to the Directory Server Installation and Tuning Guide issued with the initial release of Directory Server 5.2.
PAGE 6
Bugs Fixed in This Release Table 5 Installation, Uninstallation, and Migration Related Bugs Fixed in Directory Server 5. 2 Bug Number Description 4944732 The unconfigure subcommand of the directoryserver command hung due to a shared ServerRoot directory. Table 6 Replication Related Bugs Fixed in Directory Server 5. 2 Bug Number Description 4719793 ACIs on cn=schema branch of the cn=config tree were not replicated.
PAGE 7
Bugs Fixed in This Release Table 6 Replication Related Bugs Fixed in Directory Server 5.2 (Continued) Bug Number Description 4987825 In a multi-master replication topology comprising either two masters or one master and one hub replica and with password expiration enabled, one of the masters generated incorrect error messages concerning all of the data being replicated. Sometimes additional replication session difficulties were also encountered.
PAGE 8
Bugs Fixed in This Release Table 9 Security Related Bugs Fixed in Directory Server 5.2 (Continued) Bug Number Description 4908443 Password expiration did not always completely prevent users from binding. 4899320 Incorrect ACI syntax errors occurred after migration from Netscape Directory Server 4.x to Directory Server 5.x. 4918912 The DENY macro ACI applied to entries that were not supposed to be impacted.
PAGE 9
Bugs Fixed in This Release Table 12 Conformance Related Bugs Fixed in Directory Server 5.2 Bug Number Description 4819710 There were issues when both LDAPv2 and LDAPv3 applications were using certificate related attributes. See “Issues arose when both LDAP v2 and LDAPv3 applications use certificate related attributes (#4819710)” on page22 for further detail regarding this bug fix. Table 13 Java Related Bugs Fixed in Directory Server 5.
PAGE 10
Important Information Table 14 Miscellaneous Bugs Fixed in Directory Server 5.2 (Continued) Bug Number Description 4909592 An erroneous reverse-DNS request was issued at server startup. 4924002 The location of J2SE as used by the Java Enterprise System and its components was not the same as the J2SE location used by Directory Server. 4928129 The nsslapd-accesslog-logminfreediskspace attribute did not function as expected.
PAGE 11
Important Information Patch Requirement Information If you have Directory Server 5.2 installed from Solaris packages and wish to bring it in line with Directory Server as delivered in Java Enterprise System 2004Q2, install the following patches with at least the given version number or more, available at http://sunsolve.sun.com CAUTION To avoid breaking product dependencies, it is mandatory to install the patches in the order provided in the following tables. Table 15 Directory Server 5.
PAGE 12
Important Information Table 17 Directory Server 5.2 Java Enterprise System 2004Q2 Alignment Patches Required For Solaris 9 (x86) Patch Number Patch Description 114678-06 SunOS 5.9_x86: International Components for Unicode Patch 114050-04 SunOS 5.9_x86: Netscape Portable Runtime(4.1.4)/Network Security System(3.3.4) 115927-08 SunOS 5.9_x86: NSPR4.1.6 / NSS 3.3.6 / JSS 3.1.2.5 115611-09 SunOS 5.9_x86 : Sun ONE AdminServer 5.2 patch 115615-10 SunOS 5.9_x86: Sun ONE Directory Server 5.
PAGE 13
Important Information ❍ ❍ ❍ ❍ ❍ ❍ The list of allowed attributes of the ipHost objectclass no longer includes o $ ou $ owner $ seeAlso $ serialNumber. The list of mandatory attributes for the ieee802Device objectclass no longer includes cn. The list of allowed attributes for the ieee802Device objectclass no longer includes description $ l $ o $ ou $ owner $ seeAlso $ serialNumber. The list of mandatory attributes for the bootableDevice objectclass no longer includes cn.
PAGE 14
Known Issues and Limitations Compatibility Notes • Note that the LDAP utility manpages on Sun Solaris platforms do not document the Sun Java System version of the LDAP utilities ldapsearch, ldapmodify, ldapdelete and ldapadd. For information regarding these utilities, refer to the Directory Server Resource Kit Tools Reference. Documentation Notes • In some parts of the documentation and on the Directory Server Console, the version number of the product is referred to as 5.2.
PAGE 15
Known Issues and Limitations • Directory Server Console • Core Server • Directory Server Plug-ins • Miscellaneous Installation, Uninstallation, and Migration Multibyte characters at installation cause configuration problems (#4882927) At installation, using multibyte characters for anything other than the suffix name causes Directory Server and Administration Server configuration to fail. Workaround Use monobyte characters for all fields other than the suffix name.
PAGE 16
Known Issues and Limitations 2. Click Edit and modify the suffix in the User directory subtree field. 3. Click OK to save the change. Error message with migrateInstance5 (#4529552) When running the migrateInstance5 script with error logging disabled, a message is displayed indicating that the migration procedure is attempting to restart the server while the server is already running. If error logging is disabled, you can ignore this error message.
PAGE 17
Known Issues and Limitations Only use the restart-admin command on the active node in a cluster-enabled environment (#4862968) Cannot remove patch ID 115614-08 (Directory Server patch) from all nodes on a cluster (#5035139) The patchrm command for patch ID 115614-08 on a cluster will only work correctly when removing the patch from the first node.
PAGE 18
Known Issues and Limitations Cannot restart the Administration Server from the Console on a Solaris 9 x86 in a cluster enabled environment (#4974780) During an initial installation of Directory Server, if a base DN value contains a blank space, for example o=example east, the directoryURL entry will be incorrectly parsed for the user directory global preferences.
PAGE 19
Known Issues and Limitations [03/Dec/2003:11:32:54 -0500]ERROR<5897> - Schema - conn=-1 op=-1 msgId =-1 - User error: Entry "cn=Password Policy,cn=config", attribute "passwordisglobalpolicy" is not allowed [03/Dec/2003:11:32:54 -0500] - Sun-ONE-Directory/5.2 B2003.143.0020 (64-bit) starting up Workaround Ignore the incorrect error message.
PAGE 20
Known Issues and Limitations plugin postoperation on "referential integrity postoperation" 4. Modify this line by changing the argument that appears just before the list of attributes from 0 to 1. For example, change: plugin postoperation on "referential integrity postoperation" "ServerRoot/lib/referint-plugin.
PAGE 21
Known Issues and Limitations Local schema modifications may be overwritten when a consumer database is created (#4537230) Note The replication monitoring tools rely on read access to cn=config to obtain the replication status. This should be taken into account particularly when replication is configured over SSL. Note In Directory Server 5.2, the schema file 11rfc2307.ldif has been altered to conform to rfc2307. If replication is enabled between 5.2 servers and 5.
PAGE 22
Known Issues and Limitations For replication to function after the set of attributes to be replicated by fractional replication has been modified, the consumer needs to be re-initialized twice (#4977320) If you modify the set of attributes to be replicated by fractional replication, then replication will not work unless you re-initialize the consumer twice.
PAGE 23
Known Issues and Limitations Previously the LDAPv2 protocol specified that the attribute should be xxxxx (where xxxxx is one of: UserCertificate, CACertificate, CertificateRevocationList, AuthorityRevocationList, or CrossCertificatePair.) whereas the LDAPv3 protocol specifies that the attribute should be xxxxx;binary. Directory Server considered the values associated with xxxxx;binary and xxxxx as two different values. In practice, this was not always what was required.
PAGE 24
Known Issues and Limitations Trailing spaces are not preserved during a remote console import operation (#4529532) Trailing spaces are preserved during both local console and ldif2db import operations.
PAGE 25
Known Issues and Limitations French and German Online Help content sometimes displays html tags instead of rendered characters (#5046714) Missing symbolic links for Online Help in EMEA languages other than English (#5045854) When you try to open the help content in Spanish, French, or German via the Directory Server Console menu it opens in English.
PAGE 26
Known Issues and Limitations Core Server Stopping the server during export, backup, restore, or index creation may cause it to crash (#4678334) Database becomes unavailable if the LDIF file is inaccessible during import (#4884530) If a non-existent file is specified for an online import, the server still deletes the existing database. Chained suffixes return mixed case DNs in lower case (#4917152) A mixed case DN retrieved using getDN will be returned exactly as originally specified.
PAGE 27
Known Issues and Limitations Searches based on a substring filter for the telephonenumber attribute fail if the filter contains a blank space directly after the ‘*’ substring (#4866642) db2ldif produces unexpected errors when sub-suffixes are given in the -s option (#4889077) When indexes are configured with nsMatchingRule, db2ldif and ldif2db issue an “unknown index rule” warning which means that the index created does not include the matching rule (#4995127) Workaround Use db2ldif.pl and ldif2db.
PAGE 28
Known Issues and Limitations Miscellaneous Statistics for SNMP subagents (#4529542) On UNIX platforms, statistics are generated only for the last SNMP subagent that is started. This implies that you can monitor only one Directory Server instance at a time with SNMP. Changing the maximum size of the transaction log file has no effect if log files already exist in the database directory (#4523783) Workaround Stop the server, modify the nsslapd-db-logfile-size attribute in the dse.
PAGE 29
Redistributable Files If you want to use these scripts after a port modification you will need to edit them manually. Note that the script names given here are the standalone tool names and that the check-slapd command is not documented as it is not part of the publicly exposed API. For more information see Chapter 1 “Command-Line Tools Reference” of the Directory Server Administration Reference.
PAGE 30
How to Report Problems and Provide Feedback How to Report Problems and Provide Feedback If you have problems with Sun Java System Directory Server, contact Sun customer support using one of the following mechanisms: • Sun Software Support services online at http://www.sun.com/service/sunone/software This site has links to the Online Support Center, and ProductTracker, as well as to maintenance programs and support contact numbers. • The SunSolve support website at http://sunsolve.sun.
PAGE 31
Additional Sun Resources Please provide the full document title and part number in the appropriate fields. The part number can be found on the title page of the book or at the top of the document, and is usually a seven or nine digit number. For example, the part number of these Directory Server 5.2 Release Notes is 817-5216. Additional Sun Resources Useful Sun Java System information can be found at the following Internet locations: • Sun Java System Documentation http://docs.sun.com/db/prod/entsys.
PAGE 32
Additional Sun Resources Copyright © 2004 Sun Microsystems, Inc. All rights reserved. Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries. SUN PROPRIETARY/CONFIDENTIAL.