These release notes provide current information on the date they are published. However, if the English version of the release notes has a more recent publication date, it might be updated with more current information that is not provided in other versions. Consult the English version of the release notes for the most current information.
This section contains the following information:
To reduce the database entry size, the existing database entry format is changed. The internal representation of an entry changed from an ASCII LDIF format to a tagged binary format. The data stored in the database does not have the characteristic starting of dn: anymore, the first byte of an entry being a value bigger than 0xE0 (hence all values 0xE0 to 0xFF are to be considered reserved for internal use).
For compatibility reasons entries can be a mix of LDIF and binary representations, but any modification will write the entry in binary format.
Suffix entries data can be compressed when written to disk to minimize their disk footprint. Compression is enabled according to the settings of the compression-mode and compression-entries properties,
For additional information, refer to the Chapter 8, Writing Entry Store and Entry Fetch Plug-Ins, in Sun Directory Server Enterprise Edition 7.0 Developer’s Guide.
To save disk space, you can restore a server by moving files in place of copying them. You can perform the copyless restore by setting a flag with the restore command.
For more information, see Binary Restore in Sun Directory Server Enterprise Edition 7.0 Administration Guide
Instances installed on Windows systems now support Internet Protocol version 6.
Likewise, server instances on other operating systems also support IPv6.
The dsutil command now performs the functions formerly provided by the ns-activate, ns-inactivate, and ns-accountstatus commands.
Backup operations perform a database verify on archived data when the --flags verify-db option is specified.
The index filter analyzer identifies index lists where the number of entries exceeds the maximum number of indexable entries (the ALLID threshold) and monitors user searches using such index lists. The index filter analyzer is enabled using the dsconf enable-index-filter-analyzer command.
Entry aggregation results in the following:
Optimizes queries to secondary data view
Searches for secondary data view first when required
Handles large result sets (VLV control) better
Requests Grouping to secondary source
JDBC data view now supports Date and Blob.
Directory Proxy Server now uses a new logging engine implementation that performs more efficiently on multi-core systems.
New criteria based on LDAP groups
Management of the maximum throughput
New type of data view to address more use cases, for example, company mergers.
An enhanced regex distribution algorithm is added, as described in Configuring Pattern Matching Distribution Algorithm in Sun Directory Server Enterprise Edition 7.0 Administration Guide.
To optimize the performance of searches of a join data view, Directory Proxy Server makes use of Virtual List View (vlv) indexes. It helps you to avoid the scenario where search hits the size limits due to the lots of entries from one data source and very few from the others. To use VLV indexes, see Browsing Index in Sun Directory Server Enterprise Edition 7.0 Reference.
This section includes all the behavioral changes that are made in this release.
The Directory Server Enterprise Edition product layout is changed as mentioned below:
All commands are available in install-path/dsee7/bin.
The plug-ins are available in install-path/dsee7/lib.
For a complete list of file locations, see Software Layout for Directory Server Enterprise Edition in Sun Directory Server Enterprise Edition 7.0 Reference.
Starting with Directory Server Enterprise Edition 7.0, the export process (dsadm export) always puts the Replica Update Vector (RUV) as last entry in the exported LDIF file.
Directory Server Enterprise Edition loads the libraries for Sun Microsystems plug-ins from the path where the software is installed. The libraries are no more loaded from the path mentioned in the LDIF.
A new threading model improves import performance on multi-core machines.
If an import is multi-pass, merging of the indexes happens in parallel if there is enough memory for holding the index and its temporary files. The parallel merging of indexes results in improved performance.
When a search operation returns attributes whose syntax requires binary transfer, it appends the ;binary qualifier to the attribute name. To disable compliance with RFC 4522, set the compat-flag property to no-rfc4522.
This sections describes changes in the behavior of administrative commands.
The dsadm and dpadm commands provide the new list-running-instances and stop-running-instances options for listing and stopping locally running servers.
The dsadm command also provides additional options for managing certificates, --sigalg, --phone, --email, and --dns described in dsadm(1M) .
The dpadm set-flags command supports two new flags,jvm-path and server-umask, described in dpadm(1M).
Several commands were available in previous versions of Directory Server Enterprise Edition but whose functions are now provided by other commands, as described in Command Line Changes in Sun Directory Server Enterprise Edition 7.0 Upgrade and Migration Guide
Some commands were removed from Directory Server Enterprise Edition, as described in Command Line Changes in Sun Directory Server Enterprise Edition 7.0 Upgrade and Migration Guide.
A binary backup modifies the backup files by running a database recovery, thus flushing backup transaction logs to the backup databases. To leave the backup as it is, use the --flags no-recovery option.
Re-indexing is performed more efficiently, reusing some recent import techniques and speed improvements.
The dsconf info command reports which attributes need to be re-indexed (for example, after a configuration change).
The root DSE contains the list of supported ciphers as reported by the security library. In release 7.0, the root DSE also contains the ciphers that are available for SSL negotiation under the enabledSSLCiphers attribute, and it is by default a subset of all the supported ciphers.