Chapter 5. Red Hat Directory Server 11.6
Learn about new system requirements, highlighted updates and new features, known issues, and deprecated functionality implemented in Directory Server 11.6.
5.1. Highlighted updates and new features
This section documents new features and important updates in Directory Server 11.6.
Directory Server rebased to version 1.4.3.31
The 389-ds-base packages have been upgraded to upstream version 1.4.3.31.
LDAP browser is now fully supported
With this enhancement, you can manage LDAP entries from the LDAP Browser tab in the web console. For example, you can:
- Browse the directory using Tree or Table view.
- Manage entries, such as users, groups, roles, organizational units (OUs), and custom entries.
- Manage Access Control Instructions (ACIs).
- Manage classes of service definition (CoS).
- Search for entries.
Highlighted updates and new features in the 389-ds-base packages
Features in Red Hat Directory Server, that are included in the 389-ds-base packages, are documented in the Red Hat Enterprise Linux 8.7 Release Notes:
- Directory Server now supports canceling the Auto Membership plug-in task
-
Directory Server now supports recursive delete operations when using
ldapdelete - You can now set basic replication options during the Directory Server installation
- Replication changelog trimming is now enabled by default in Directory Server
5.2. Known issues
This section documents known problems and, if applicable, workarounds in Directory Server 11.6.
Directory Server settings that are changed outside the web console’s window are not automatically visible
Because of the design of the Directory Server module in the Red Hat Enterprise Linux 8 web console, the web console does not automatically display the latest settings if a user changes the configuration outside of the console’s window. For example, if you change the configuration using the command line while the web console is open, the new settings are not automatically updated in the web console. This applies also if you change the configuration using the web console on a different computer. To work around the problem, manually refresh the web console in the browser if the configuration has been changed outside the console’s window.
(BZ#1654281)
Configuring a referral for a suffix fails in Directory Server
If you set a back-end referral in Directory Server, setting the state of the backend using the dsconf <instance_name> backend suffix set --state referral command fails with the following error:
Error: 103 - 9 - 53 - Server is unwilling to perform - [] - need to set nsslapd-referral before moving to referral state
As a consequence, configuring a referral for suffixes fail. To work around the problem:
Set the
nsslapd-referralparameter manually:# ldapmodify -D "cn=Directory Manager" -W -H ldap://server.example.com dn: cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config changetype: modify add: nsslapd-referral nsslapd-referral: ldap://remote_server:389/dc=example,dc=com
Set the back-end state:
# dsconf <instance_name> backend suffix set --state referral
As a result, with the workaround, you can configure a referral for a suffix.
(BZ#2063140)
Directory Server replication fails after changing password of the replication manager account
After a password change, Directory Server does not properly update the password cache for the replication agreement. As a consequence, when you change the password for the replication manager account, the replication breaks. To work around this problem, restart the Directory Server instance. As a result, the cache is rebuilt at start-up, and the replication connection binds with the new password instead of the old one.
(BZ#2101473)
Known issues in the 389-ds-base packages
Known issues in Red Hat Directory Server, that are included in the 389-ds-base packages, are documented in the Red Hat Enterprise Linux 8.7 Release Notes:
