What's New in This Guide?

This preface introduces the new and changed features of Oracle Unified Directory and Oracle Unified Directory Services Manager (OUDSM) since the previous release, and provides pointers to additional information. The information includes the following section:

• New and Changed Features for Oracle Unified Directory 12c (12.2.1.3.180322)

• New and Changed Features for Oracle Unified Directory 12c (12.2.1.3.0)

Follow the pointers into this guide to get more information about the features and how to use them. This document is the new edition of the formerly titled Oracle Fusion Middleware Administrator's Guide for Oracle Unified Directory.

New and Changed Features for Oracle Unified Directory 12c (12.2.1.3.180322)

Oracle Unified Directory 12c (12.2.1.3.180322) includes the following new and changed features:

• Support for ForkJoin workflow element that allows you to aggregate data from two remote data sources at real time. See Understanding ForkJoin Workflow Element.

• Support for Union workflow element that allows you to aggregate several DITs into a virtual unified DIT. See Understanding Union Workflow Element.

• Support for SAML XASP workflow element that allows you to retrieve attributes from a SAML Identity Provider using the SAML X.509 Attribute Sharing Profile. See Understanding How to Retrieve Attributes from a SAML Identity Provider Using SAML XASP.

• Support for Map Object Class Transformation Type. This transformation creates mapping that can make one objectClass appear like another objectClass. For example a source objectClass inetOrgPerson can appear like a client objectClass user. This ability is useful when an application expects a particular objectClass/attributes, but the directory does not support that.

  See Map Object Class Transformation Type.

• Support for DynamicGroups workflow element allows you to process LDAP objectclasses that are groupOfURLs and converting it into a groupOfUniqueNames equivalent. See Understanding DynamicGroups Workflow Element

New and Changed Features for Oracle Unified Directory 12c (12.2.1.3.0)

Oracle Unified Directory 12c (12.2.1.3.0) includes the following new and changed features:

• Oracle Unified Directory now supports Password-Based Key Derivation Function 2 (PBKDF2) as an additional password storage scheme. The PBKDF2 based password storage schemes supported are PBKDF2 HMAC SHA-1, PBKDF2 HMAC SHA-256, PBKDF2 HMAC SHA-512, and EUS PBKDF2 SHA512. See password storage scheme.

• Oracle Unified Directory now supports retrieval of multi-valued attributes in the order in which they are created. To retrieve the values in the same order, you need to disable the compact encoding flag. See Retrieving Multi-Valued Attributes in the Order of Creation.

• Oracle Unified Directory now supports Subject Alternative Name to User Attribute certificate mapper to setup a mapping between Oracle Unified Directory and certificate by retrieving the Principal Name (or other names) existing under subject alternative name extension of the given certificate. Using dsconfig, you can set subject-alternative-name-attribute-mapping and user-base-dn properties for this certificate mapper. See Using Subject Alternative Name to User Attribute Certificate Mapper.

• Oracle Unified Directory supports TLS version 1.1 and TLS version 1.2 protocols by default. See Supported TLS Protocols and Cipher Suites by Oracle Unified Directory.

• Oracle Unified Directory now supports overriding system default protocols and cipher suites for TLS Communication. Using the procedure given in Overriding System Default Protocols and Cipher Suites for TLS Communication, you can set the configuration to override default settings. Now, when you run any CLI tool, such as, ldapsearch, the overridden configuration is honoured during any TLS communication with the OUD server.

• Oracle Unified Directory now supports governing of SSL/TLS Protocol and Cipher Suites with the help of newly created properties: ssl-protocol and ssl-cipher-suite. See About the Configurable LDAP Extension Properties Relevant to Security to know more about their usage and possible values.

• Oracle Unified Directory now supports configuringssl-protocol and ssl-cipher-suite properties of the connection handler to override system default SSL/TLS protocols and cipher suites. See Specifying Protocol Version and Cipher suites in a Connection Handler.

• Oracle Unified Directory now supports overriding system default protocols and cipher suites by configuring ssl-protocol and ssl-cipher-suite properties of Crypto Manager. See Configuring SSL Protocol and Cipher Suites in Crypto Manager for Replication.

• Oracle Unified Directory now supports RDBMS extensions to use a secured connection to access the remote database that is configured to accept secured connections. An RDBMS extension can be configured by using dsconfig command to use a secure connection to access the database. See Creating an RDBMS Extension to Use Secure Connection.

• Oracle Unified Directory now supports different types of log publishers. See Viewing Existing Log Publishers.

• Oracle Unified Directory, now, supports starting and stopping of instances that are created within the domain. You can use Command Line Interface and WebLogic Scripting Tool (WLST) commands to start and stop an instance. See Starting and Stopping Oracle Unified Directory Instance Created Within the Domain.

• OUDSM now can be configured to use SSL protocol and cipher suites that the OUD server supports for TLS communication. See Configuring TLS Protocol and Cipher Suites for OUDSM to OUD Communication.