Sun Java(TM) System Directory Proxy Server 5.2 2005Q4 Release Notes |
Sun Java System Directory Proxy Server Release Notes
Version 5.2 2005Q4
Part Number 819-2406-10
These Release Notes contain important information available at the time of release of Sun Java System Directory Proxy Server 5.2 2005Q4. New features and enhancements, known issues and limitations, and other information are addressed here. Read this document before you begin using Directory Proxy Server 5.2.
The most up-to-date version of these release notes can be found at the Sun Java System documentation web site: http://docs.sun.com/app/docs/prod/entsys.05q4. Check the web site prior to installing and setting up your software. Then check the web site periodically thereafter to view the most up-to-date release notes and product documentation.
These release notes contain the following sections:
Third-party URLs are referenced in this document and provide additional, related information.
Release Notes Revision History
Table 1 Revision History
Date
Description of Changes
June 24, 2005
Beta release
September 2005
Revenue release
About Directory Proxy Server 5.2 2005Q4In some parts of the Directory Proxy Server documentation and console, the version number of the product is referred to as 5.2. Directory Proxy Server 5.2 2005Q4 is a maintenance release of Directory Proxy Server 5.2.
This section includes:
What's New in This Release
In versions of Directory Proxy Server prior to Directory Proxy Server 5 2005Q4, requests from unauthenticated clients cannot change network group. In Directory Proxy Server 5 2005Q4, requests from unauthenticated clients can change network group.
An authenticated client is not the same as an anonymous client. The first operation from an anonymous client is a bind operation with a zero-length name string. The first operation from an unauthenticated client is not a bind, it is another LDAP operation such as a search operation. Requests from unauthenticated clients are classified into a special network group.
In Directory Proxy Server 5 2005Q4, requests from unauthenticated clients can be reclassified into a different network group. This feature is available through the following object class and attributes:
If the value of an attribute is set to TRUE, requests from unauthenticated clients, of the type specified by the attribute, change network group.
To configure this feature, run the following script provided with the patch release: shared/bin/enableRFE5042027.tcl.
Hardware and Software Requirements
The following hardware and software are required for this release of Directory Proxy Server.
Bugs Fixed in This ReleaseThe following table describes bugs fixed in Directory Proxy Server 5.2 2005Q4.
Important InformationThis section contains the latest information that is not contained in the core product documentation. This section covers the following topics:
Accessibility Features for People With Disabilities
To obtain accessibility features that have been released since the publishing of this media, consult Section 508 product assessments available from Sun upon request to determine which versions are best suited for deploying accessible solutions. Updated versions of applications can be found at: http://sun.com/software/javaenterprisesystem/get.html.
For information on Sun's commitment to accessibility, visit http://sun.com/access.
Installation Notes
This section provides notes for installing or migrating to Directory Proxy Server 5.2 2005Q4.
Note that upgrade is not supported for the beta release of this product. Patch versions will be provided with the revenue release of the product.
Patch Requirements
The following tables give the numbers and minimum versions for the alignment patches.
All patches referred to in this section are the minimum version number required for upgrade. It is possible that a new version of the patch has been issued since this document was published. A newer version is indicated by a different version number at the end of the patch. For example: 123456-04 is a newer version of 123456-02 but they are the same patch ID. Refer to the README file for each patch listed for special instructions.
To access the patches, go to http://sunsolve.sun.com.
Caution
To avoid breaking product dependencies, it is mandatory to install the patches in the order provided in the following tables.
On Linux systems, the alignment patches include the Directory Proxy Server patch available on http://sunsolve.sun.com and shared component patches, which are provided on the distribution CD. See "Applying Linux Shared Component RPMs" in the Sun Java Enterprise System 2005Q4 Upgrade and Migration Guide for information about locating and installing the RPMs.
For more information about the Sun Java Enterprise System, see http://www.sun.com/service/sunjavasystem/javaenterprisesystem.
Configuring Directory Proxy Server For SSL/Certificates
For information about how to configure Directory Proxy Server 5.2 2005Q4 for SSL-enabled communication, see the Sun Java System Directory Proxy Server 5 2005Q1 Administration Guide.
Finding the Installation Log Files
For information about the log files generated during installation, see the following table:
Compatibility Issues
Sun Java System Administration Server and the Java Swing-based Console used today for remote graphical administration of Directory Server and other software may be replaced. A new implementation might be implemented to allow full browser-based service management, with easier configuration for access through firewalls.
As a result, the following commands might not be included in a future release:
In addition, everything in o=NetscapeRoot, might change. In particular, o=NetscapeRoot might no longer be present and the serverroot architecture might be replaced by a different one.
Documentation Notes
- In some parts of the Directory Proxy Server documentation and console, the version number of the product is referred to as 5.2. Directory Proxy Server 5 2005Q4 is a maintenance release of Directory Proxy Server 5.2.
- Localized documentation is posted to http://docs.sun.com/ as it becomes available.
Known Issues and LimitationsThis section contains a list of the known issues and limitations with Directory Proxy Server 5.2 2005Q4.
After Startup Directory Proxy Server Does Not Automatically Listen on the Network (4818122)
When Directory Proxy Server is started by the command line, it does not automatically listen on the network. If SSL mode is activated, you must provide a token and password to start SSL. When the token request has been satisfied, Directory Proxy Server can listen on the network.
Workaround
NoneCannot Rename an Object With a Previously Used Name (4863003)
An object cannot be renamed with a previously used name. For example, an object cannot be named and renamed as follows:
This limitation applies to all named properties of the object, including the configuration name.
Workaround
To avoid the problem, use a new name to rename an object. To resolve the problem, quit and restart the console.Using the Log Property Panel on Directory Proxy Server Console Can Corrupt Configuration (4864081 and #4942337)
Changing the log properties by using the log property panel on the Directory Proxy Server console can corrupt the configuration in the configuration directory server. This issue is caused because the console does not generate an ids-proxy-con-include-logproperty entry in the configuration.
Workaround
Manually generate a new configuration by performing the following procedure:
- Export the configuration in the configuration directory server by using the dpsconfig2ldif command.
- In the LDIF file, comment out the line that contains the ids-proxy-con-include-logproperty. For example:
#ids-proxy-con-include-logproperty in the entry dn: ids-proxy-con-config-name=myhost , ou=system, ou=dar-config, o=NetscapeRoot
- Delete the old system configuration. For example:
ldapdelete -D "cn=Directory Manager" -w password -h dshost -p 389 "ids-proxy-con-config-name=myhost,ou=system, ou=dar-config, o=NetscapeRoot"
Where myhost is the Directory Proxy Server host.
- Import the configuration to the configuration directory server by using the dpsldif2config command. For example:
./dpsldif2config -C dps-myhost -h dshost -p 389 -D "cn=Directory Manager" -w password -v ./conf.ldif
- Try again to change the log properties by using the log property panel on the Directory Proxy Server console.
On-Line Help Can Fail if Several Directory Proxy Server Instances Are Registered (4869580)
To display on-line help, the Directory Proxy Server Console contacts any Directory Proxy Server instance registered in the configuration directory. If there is more than one Directory Proxy Server instance registered in the configuration directory, is not possible to specify which Directory Proxy Server instance is used.
If the instance of Directory Proxy Server that answers the request for on-line help is not available, the request fails. The Directory Proxy Server Console does not know that there is no return value and no thrown exception.
Workaround
NoneDuplicate Configurations Caused by Renaming Configurations With the Console (4923242)
If you use the Directory Proxy Server Console to rename a Directory Proxy Server configuration a duplicate configuration name is created.
Workaround
To clone a configuration, create a new configuration and copy all of the values from the original configuration to the new configuration.BIND/UNBIND Is Performed for Each Referral (4943985)
Instead of reusing existing connections to the backend LDAP servers, Directory Proxy Server performs a BIND/UNBIND for each referral. This issue causes a reduction in performance if the backend server is on a Wide Area Network.
Workaround
NoneCannot Follow Referrals in BIND Requests (4951403)
When a bind request is made by the Directory Proxy Server to another server, a DN is returned. However, the Directory Proxy Server does not use the returned DN to connect to the server. Instead, the Directory Proxy Server uses the original DN. The bind request does not work.
Workaround
This feature is a limitation for bind requests only. This feature is not a limitation for search requests, modify requests, and other requests.Remote Instance Fails to Start From the Console When SSL Is Enabled (4961059)
When SSL is enabled in a remote instance of Directory Proxy Server, you cannot use the console to start or restart the instance. The console displays a message that there is no PIN file present.
Workaround
Install a PIN file on the console side, using the same path that is used server side.Backout Fails if Administration Server Is Backed Out Before Directory Proxy Server (5015762)
Backout fails if Administration Server is backed out before Directory Proxy Server.
Workaround
Back out of Directory Proxy Server before backing out of Administration Server. For more information about updating and backing out of Directory Proxy Server, see the Java Enterprise System 2005Q4 Installation Guide.Must Use Utility Scripts in the Server Root Directory Only (5033742)
Versions of the utility scripts, dpsconfig2ldif, dpsldif2config, and migratefromidar50 can exist in directories other than the server root directory. However, these versions of the utility scripts might not be correct.
Workaround
Use the utility scripts from this directory only: <serverroot>/bin/dps_utilities.Migration Fails From IDAR 5.0 or 5.0 SP1 to Directory Proxy Server 5.2 2004Q2 and Later Versions (5037424)
The migratefromidar50 script fails when migrating from Directory Access Router 5.0 or 5.0 SP1 to Directory Proxy Server 5.2 2004Q2 and later versions. The failure occurs because the password is encrypted in the tailor.txt file for instances of Directory Proxy Server 5 2004Q2 and later versions.
Workaround
1) Replace the encrypted password by the non-encrypted password in the tailor.txt file for the the instance of Directory Proxy Server 5.2 2004Q2 or later version.2) Launch the migration script.
Cannot Start Directory Proxy Server Console (5041840)
If the Administration Server is started before the Configuration Directory Server after installation, the Directory Proxy Server cannot access the Administration Server. In this scenario, the Directory Proxy Server console cannot be started correctly.
Workaround
Start the Configuration Directory Server before starting the Administration Server.The Console Blocks When a New Instance Is Created (5042362)
When you create a new instance of Directory Proxy Server, the console blocks and produces this error message: "An error occurred while loading data for this view".
Workaround
Exit from the console or restart the console when you create a new instance.Slow Response of Directory Proxy Server Causes Exceptions in Web Server (6245438)
When there are many connections from a remote node to Directory Proxy Server, the Directory Proxy Server response is slow and results in exceptions.
Incorrect Error Messages During Upgrade and Uninstall (6293491)
When the Directory Proxy Server 5 2005Q4 patch is applied, the following error message is produced:
When the Directory Proxy Server 5 2005Q4 patch is removed, the following error message is produced:
These error messages are incorrect, ignore them.
Console Hangs When Directory Proxy Server Configuration Is Renamed (6295155)
The console hangs if the configuration name is changed by using the console.
Error When Removing Directory Proxy Server 5 2005Q4 Patch on SunOS_x86 (6307084)
Backout is not supported for Directory Proxy Server 5 2005Q4 Patch on SunOS_x86.
Redistributable FilesSun Java System Directory Proxy Server 5.2 2005Q4 does not contain any files which you can redistribute.
How to Report Problems and Provide FeedbackIf you have problems with Sun Java System Directory Proxy Server, contact Sun customer support using one of the following mechanisms:
- Sun Software Support services online at
http://www.sun.com/service/sunone/software
- The SunSolve support website at
http://sunsolve.sun.comSo that we can best assist you in resolving problems, please have the following information available when you contact support:
- Description of the problem, including the situation where the problem occurs and its impact on your operation
- Machine type, operating system version, and product version, including any patches and other software that might be affecting the problem
- Detailed steps on the methods you have used to reproduce the problem
- Any error logs or core dumps
You might also find it useful to subscribe to the following interest groups, where Sun Java System Directory Proxy Server topics are discussed:
Sun Welcomes Your Comments
Sun is interested in improving its documentation and welcomes your comments and suggestions. Use the web-based form to provide feedback to Sun:
Please provide the full document title and part number in the appropriate fields. The part number can be found on the title page of the book or at the top of the document, and is usually a seven or nine digit number. For example, the part number of these Directory Proxy Server 5.2 Release Notes is 819-2406-10.
Additional Sun ResourcesUseful Sun Java System information can be found at the following Internet locations:
- Sun Java System Documentation
http://docs.sun.com/db/prod/entsys.05q4- Java Enterprise System Software Services
http://www.sun.com/service/products/software/javaenterprisesystem- Sun Java System Software Products and Service
http://www.sun.com/software- Sun Java System Support and Knowledge Base
http://sunsolve.sun.com- Sun Java System Consulting and Professional Services
http://www.sun.com/service/products/software/javaenterprisesystem- Sun Developer Information
http://developers.sun.com- Sun Developer Support Services
http://www.sun.com/developers/support- have Sun Software Data Sheets
http://wwws.sun.com/software- Directory Proxy Server Certified Engineer Training Program
http://training.sun.com/US/certification/enterprise
Copyright © 2005 Sun Microsystems, Inc. All rights reserved.
Sun Microsystems, Inc. has intellectual property rights relating to technology embodied in the product that is described in this document. In particular, and without limitation, these intellectual property rights may include one or more of the U.S. patents listed at http://www.sun.com/patents and one or more additional patents or pending patent applications in the U.S. and in other countries.
SUN PROPRIETARY/CONFIDENTIAL.
U.S. Government Rights - Commercial software. Government users are subject to the Sun Microsystems, Inc. standard license agreement and applicable provisions of the FAR and its supplements.
Use is subject to license terms.
This distribution may include materials developed by third parties.
Portions may be derived from Berkeley BSD systems, licensed from U. of CA.
Sun, Sun Microsystems, the Sun logo, Java and Solaris are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the U.S. and other countries.
Copyright © 2005 Sun Microsystems, Inc. Tous droits réservés.
Sun Microsystems, Inc. détient les droits de propriété intellectuels relatifs à la technologie incorporée dans le produit qui est décrit dans ce document. En particulier, et ce sans limitation, ces droits de propriété intellectuelle peuvent inclure un ou plus des brevets américains listés à l'adresse http://www.sun.com/patents et un ou les brevets supplémentaires ou les applications de brevet en attente aux Etats - Unis et dans les autres pays.
Propriété de SUN/CONFIDENTIEL.
L'utilisation est soumise aux termes du contrat de licence.
Cette distribution peut comprendre des composants développés par des tierces parties.
Des parties de ce produit pourront être dérivées des systèmes Berkeley BSD licenciés par l'Université de Californie.
Sun, Sun Microsystems, le logo Sun, Java et Solaris sont des marques de fabrique ou des marques déposées de Sun Microsystems, Inc. aux Etats-Unis et dans d'autres pays.
Toutes les marques SPARC sont utilisées sous licence et sont des marques de fabrique ou des marques déposées de SPARC International, Inc. aux Etats-Unis et dans d'autres pays.