iPlanet Directory Server Bugs

Cannot Inactivate Users Through Console (4521017)

If you launch the iPlanet Directory Server 5.1 Console and create a new user or role as inactive, the newly created user or role is not inactivated. Users and roles cannot be created through the Console as inactive.

Workaround: To create an inactive user or role, follow these steps:

1. Create a new user or role.

2. Double-click the newly created user or role (or select it and click the Properties item from the Object menu).

3. Click the Account tab.

4. Click the Inactivate button.

5. Click OK.

The newly created user or role is Inactivated.

Cannot Configure Directory With Root Suffix That Contains Spaces (4526501)

If the user specifies a base DN containing a space, for example, o=U.S. Government,C=US at iPlanet Directory Server configuration time, the resulting DN is truncated to Government,C=US. At configuration time, the DN should be entered as o=U.S.%20Government,C=US.

Workaround: To correct the base DN entry, follow these steps.

1. Select the top directory entry in the left-hand navigation pane of the Servers and Applications tab on the Console.

2. Edit the suffix in the User directory subtree field.

3. Click OK.

Password Policy Information Is Not Synchronized Between Servers (4527608)

If you update a non-master directory server with password policy information, that information will not be replicated to all other servers. This includes account lockouts.

Workaround: Manage password policy information manually on each server.

Account Lockout Remains in Effect After User Password Is Changed (4527623)

If Account Lockout is in effect and the user password is changed, Account Lockout remains in effect.

Workaround: Reset the accountUnlockTime, passwordRetryCount, and retryCountResetTime lockout attributes to unlock the account.

Console Backup Immediately After Install Fails (4531022)

If you install the iPlanet Directory Server, start the console, initialize the directory with an LDIF file and then backup the server, the Console reports the backup was successful, but it has actually failed.

Workaround: Perform the following tasks from the Console after you initialize the database:

1. Stop the server.

2. Restart the server.

3. Perform the backup.

Server Ignores Case Sensitive Syntax When Normalizing DN Attributes (4630941)

If you are using LDAP naming services, creating automount path names which are the same except for case will result in non-unique path names. The directory server does not allow creation of entries where the naming attribute is defined with a case-sensitive syntax and an entry already exists with the same name, but different case. For example, if entry attr=foo,dc=mycompany,dc=com exists, the server will not allow creation of attr=Foo,dc=mycompany,dc=com. A side effect of this problem is when LDAP naming services are used, automount path names have to be unique regardless of their case.

It is not possible to have /home/foo and /home/Foo paths.

Workaround: None.

Stopping Server During Export, Backup, Restore or Index Creation Crashes Server (4678334)

If the server is stopped during export, backup, restore or index creation, the server will crash.

Workaround: Do not stop the server during these types of operations.

Replication Unable to Use Self-Signed Certificate (4679442)

If the user attempts to configure replication over SSL with certificate-based authentication and the supplier's certificate is self-signed or the supplier's certificate is only capable of behaving as an SSL server certificate that is unable to "play" the role of the client during an SSL handshake, replication will not work.

Workaround: None.