Solaris 9 12/03 Release Notes

Sun ONE Directory Server (Formerly iPlanet Directory Server) Issues

Setup Issue

When typing a Distinguished Name (DN) during installation, use the UTF-8 character set encoding. Other encodings are not supported. Installation operations do not convert data from local character set encoding to UTF-8 character set encoding. Lightweight Directory Interchange Format (LDIF) files that are used to import data must also use UTF-8 character set encoding. Import operations do not convert data from local character set encoding to UTF-8 character set encoding.

Schema Issues

The schema provided with the Sun Open Net Environment (Sun ONE) Directory Server (formerly iPlanet Directory Server) 5.1 differs from the schema that is specified in RFC 2256 for the groupOfNames and groupOfUniquenames object classes. In the schema provided, the member and uniquemember attribute types are optional. RFC 2256 specifies at least one value for these types must be present in the respective object class.

The aci attribute is an operational attribute that is not returned in a search, unless you explicitly request the attribute.

Replication Issue

Multimaster replication over a wide area network (WAN) is currently not supported.

Server Plug-In Issues

Sun ONE Directory Server 5.1 provides the user identification number (UID) Uniqueness plug-in. By default, the plug-in is not activated. To ensure attribute uniqueness for specific attributes, create a new instance of the Attribute Uniqueness plug-in for each attribute. For more information on the Attribute Uniqueness plug-in, refer to the iPlanet Directory Server 5.1 Administrator's Guide at

The Referential Integrity plug-in is now off by default. To avoid conflict resolution loops, the Referential Integrity plug-in should only be enabled on one master replica in a multimaster replication environment. Before enabling the Referential Integrity plug-in on servers that issue chaining requests, analyze your performance resource, time, and integrity needs. Integrity checks can consume significant memory and CPU resources.

Roles and Class of Service Issue

The nsRoleDN attribute is used to define a role. This attribute should not be used for evaluating role membership in a user's entry. When evaluating role membership, look at the nsrole attribute.

Indexing Issue

If virtual list view (VLV) indexes encompass more than one database, the VLV indexes do not work correctly.