Chapter 7. Red Hat Directory Server 11.4
7.1. Highlighted updates and new features
This section documents new features and important updates in Directory Server 11.4.
Directory Server rebased to version 1.4.3.27
The 389-ds-base
packages have been upgraded to upstream version 1.4.3.27, which provides a number of bug fixes and enhancements over the previous version. For a complete list of notable changes, read the upstream release notes before updating:
- https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-3-24.html
- https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-3-23.html
- https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-3-22.html
- https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-3-21.html
- https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-3-20.html
- https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-3-19.html
- https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-3-18.html
- https://directory.fedoraproject.org/docs/389ds/releases/release-1-4-3-17.html
Highlighted updates and new features in the 389-ds-base
packages
Features in Red Hat Directory Server, that are included in the 389-ds-base
packages, are documented in the Red Hat Enterprise Linux 8.5 Release Notes:
- Directory Server now supports temporary passwords
-
Directory Server supports the
entryUUID
attribute -
The
dnaInterval
configuration attribute is now supported - Directory Server can exclude attributes and suffixes from the retro changelog database
- Directory Server provides monitoring settings that can prevent database corruption caused by lock exhaustion
-
Added a new message to help set up
nsSSLPersonalitySSL
7.2. Bug fixes
This section describes bugs fixed in Directory Server 11.4 that have a significant impact on users.
The dsconf
utility no longer fails when using LDAPS URLs
Previously, the dsconf
utility did not correctly resolve TLS settings for remote connections. As a consequence, even if the certificate configuration was correct, using dsconf
with a remote LDAPS URL failed with an certificate verify failed
error. The dsconf
connection code has been fixed. As a result, using remote LDAPS URLs with dsconf
now works as expected.
Bug fixes in the 389-ds-base
packages
Bug fixes in Red Hat Directory Server, that are included in the 389-ds-base
packages, are documented in the Red Hat Enterprise Linux 8.5 Release Notes:
7.3. Known issues
This section documents known problems and, if applicable, workarounds in Directory Server 11.4.
Directory Server settings that are changed outside the web console’s window are not automatically visible
Because of the design of the Directory Server module in the Red Hat Enterprise Linux 8 web console, the web console does not automatically display the latest settings if a user changes the configuration outside of the console’s window. For example, if you change the configuration using the command line while the web console is open, the new settings are not automatically updated in the web console. This applies also if you change the configuration using the web console on a different computer. To work around the problem, manually refresh the web console in the browser if the configuration has been changed outside the console’s window.
The Directory Server Web Console does not provide an LDAP browser
The web console enables administrators to manage and configure Directory Server 11 instances. However, it does not provide an integrated LDAP browser. To manage users and groups in Directory Server, use the dsidm
utility. To display and modify directory entries, use a third-party LDAP browser or the OpenLDAP client utilities provided by the openldap-clients
package.
Known issues in the 389-ds-base
packages
Known issues in Red Hat Directory Server, that are included in the 389-ds-base
packages, are documented in the Red Hat Enterprise Linux 8.5 Release Notes: