Manualshelf

System information

ManualsBrandsRed Hat ManualsComputer equipmentNETSCAPE DIRECTORY SERVER 7.0 - PLUG-IN
11121314151617181920
Known Issues and Limitations
Page 18 of 3 2Directory Server 5. 22004Q 2 •Release Notes
Cannot restart the Administration Server from the Console on a Solaris 9 x86 in a cluster enabled
environment (#4974780)
During an initial installation of Directory Server, if a base DN value contains a blank space, for example
o=example east, the directoryURL entry will be incorrectly parsed for the user directory global
preferences. As a result entries will not be found in the Users and Groups tab of Server Console
(#5040621)
Workaround
Modify the base DN value either by correcting the
nsDirectoryURL
attribute in the console to reflect
the correct base DN or by performing an
ldapmodify
on the
nsDirectoryURL
attribute and an
ldapdelete
on the
nsDirectoryFailoverList
attribute via the command line.
When migrating from a 5.1 Directory Server to a 2004Q2 Directory Server any modifications you made
to the set of default indexes will not be migrated (#5037580)
The SUNWasha and SUNWsdha files should not be relocated (#5035882)
Duplicate value error is logged in the Configuration Directory Server when ACI is added to the server
group entry during a new server installation (#4841576)
During Directory Server configuration an ACI on the server group entry for each new server
installation is added. If the entry already exists and this ACI value already exists on the entry
(which is the case when Administration Server is installed after Directory Server), then the
following benign duplicate value error is logged in the Configuration Directory Server:
[07/May/2004:16:52:29 +0200] - ERROR<5398> - Entry - conn=-1 op=-1msgId=-1 - Duplicate
value addition in attribute "aci" of entry "cn=Server Groups, cn=sorgho.france.sun.com,
ou=france.sun.com,o=NetscapeRoot"
Security
DNS keyword in ACIs (#4725671)
If the
DNS
keyword is used in an ACI, any DNS administrator can access the directory by modifying
a PTR record, and can thereby provide the privileges granted by the ACI.
Workaround
Use the
IP
keyword in the ACI, to include all IP addresses in the domain.
Incorrect error message in error logs, when passwordisglobalpolicy attribute is enabled (#4964523)
When the
passwordisglobalpolicy
attribute is enabled on both masters in a 2-master multi-master
replication topology it works correctly but may generate the following incorrect error message: