Chapter 1. General information
This chapter contains general information about Red Hat Directory Server 11, independent of the minor version.
1.1. Directory Server support policy and life cycle
For details, see the Red Hat Directory Server Errata Support Policy document.
1.2. System Requirements
1.2.1. General hardware requirements
The hardware requirements are based on tests run with the following prerequisites:
- The server uses default indexes.
- Each LDAP entry has a size of 1.5 KB and 30 or more attributes.
1.2.1.1. Disk space
The following table provides guidelines for the recommended disk space for Directory Server based on the number of entries.
Number of entries | Database size | Database cache | Server and logs | Total disk space |
---|---|---|---|---|
10,000 - 500,000 | 2 GB | 2 GB | 4 GB | 8 GB |
500,000 - 1,000,000 | 5 GB | 2 GB | 4 GB | 11 GB |
1,000,000 - 5,000,000 | 21 GB | 2 GB | 4 GB | 27 GB |
5,000,000 - 10,000,000 | 42 GB | 2 GB | 4 GB | 48 GB |
The total disk space does not include space for backups and replication metadata. When replication is enabled, its metadata can require up to 10% more of the total disk space.
A replication changelog with 1 million changes can add at least 315 MB to the total disk space requirement.
The temporary file system (tmpfs) mounted in /dev/shm/ should have at least 4 GB of available space to store RHDS temporary files.
1.2.1.2. Required RAM
Make sure your system has enough RAM available to keep the entire database in cache. The required RAM size can be higher than the recommended one depending on server configuration and usage patterns.
Number of entries | Entry cache | Entry cache with replication [a] | Database cache | DN cache | NDN cache | Total RAM size [b] |
---|---|---|---|---|---|---|
10,000 - 500,000 | 4 GB | 5 GB | 1.5 GB | 45 MB | 160 MB | 7 GB |
500,000 - 1,000,000 | 8 GB | 10 GB | 1.5 GB | 90 MB | 320 MB | 12 GB |
1,000,000 - 5,000,000 | 40 GB | 50 GB | 1.5 GB | 450 MB | 1.6 GB | 54 GB |
5,000,000 - 10,000,000 | 80 GB | 100 GB | 1.5 GB | 900 MB | 3.2 GB | 106 GB |
[a] Entry cache with replication includes the entry’s replication state and metadata.
[b] Total RAM size assumes you enabled replication.
1.2.2. Software requirements
Learn about the required platforms for Directory Server packages, the web console, and Windows synchronization.
1.2.2.1. Supported platforms for Directory Server
Red Hat supports Directory Server if it runs on the following platforms:
- Directory Server 11.9 runs on Red Hat Enterprise Linux 8.10.
- Directory Server 11.8 runs on Red Hat Enterprise Linux 8.9.
- Directory Server 11.7 runs on Red Hat Enterprise Linux 8.8.
- Directory Server 11.6 runs on Red Hat Enterprise Linux 8.7.
- Directory Server 11.5 runs on Red Hat Enterprise Linux 8.6.
- Directory Server 11.4 runs on Red Hat Enterprise Linux 8.5.
- Directory Server 11.3 runs on Red Hat Enterprise Linux 8.4.
- Directory Server 11.2 runs on Red Hat Enterprise Linux 8.3.
- Directory Server 11.1 runs on Red Hat Enterprise Linux 8.2.
- Directory Server 11.0 runs on Red Hat Enterprise Linux 8.1.
- Red Hat Enterprise Linux built for AMD and Intel 64-bit architectures.
- A Red Hat Enterprise Linux virtual guest on a certified hypervisor. For details, see the Which hypervisors are certified to run Red Hat Enterprise Linux? solution article.
1.2.2.2. Supported platforms for the Directory Server user interface in the web console
Red Hat supports the browser-based Directory Server user interface in the web console in the following environments:
Operating system | Browser |
---|---|
Red Hat Enterprise Linux 9.X |
|
Windows Server 2016 and 2019 |
|
Windows 10 and 11 |
|
1.2.2.3. Supported platforms for the Windows Synchronization utility
Red Hat supports the Windows Synchronization utility for Active Directory running on:
- Microsoft Windows Server 2019
- Microsoft Windows Server 2016
1.3. Software conflicts
Directory Server cannot be installed on any system that has a Red Hat Enterprise Linux Identity Management (IdM) server installed. Likewise, no Red Hat Enterprise Linux IdM server can be installed on a system with a Directory Server instance.
1.4. Notes about migrating to Directory Server 11
Consider the following information if you want to migrate an existing Directory Server 10 environment to Directory Server 11.
New command-line utilities in Directory Server 11
Directory Server 11 provides new command-line utilities to manage server instances and users. These utilities replace the Perl scripts used for management tasks in Directory Server 10 and earlier versions.
For a list of commands in previous versions and their replacements in Directory Server 11, see the Command-line utilities replaced in Red Hat Directory Server 11 appendix in the Red Hat Directory Server Installation Guide.
The Perl scripts used for management tasks in Directory Server 10 and earlier versions are still available in the 389-ds-base-legacy-tools package. However, Red Hat only supports the new dsconf, dsctl, dscreate, and dsidm command-line utilities.
The Directory Server 11 default password storage scheme was changed to PBKDF2-SHA512
Directory Server 11 now uses the PBKDF2-SHA512 scheme as the default password storage scheme, which is more secure than SSHA, SSHA512, and other schemes. Therefore, if some of your applications, such as freeradius, do not support the PBKDF2-SHA512 scheme and you must revert to a weaker password storage scheme, note that Directory Server updates user passwords not only when an application adds or modifies the user entry, but also during a successful bind operation. However, you can disable the update on bind operations by setting the nsslapd-enable-upgrade-hash parameter in the cn=config entry to off.
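Because passwords can be rewritten on bind, it helps to know which storage scheme each account's password is held in before and after changing the default. The following is an added example, not code from Red Hat or the Directory Server project: it reads the scheme prefix of each userPassword value in an LDIF export. The function names and the sample entries are constructed for illustration, and it assumes the export includes the userPassword attribute.

```python
import base64
import re

# Constructed sample export (not real data); hash bodies are placeholders.
_B64 = base64.b64encode(b"{SSHA}constructed-value").decode()
SAMPLE_LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
userPassword: {PBKDF2-SHA512}constructed-value

dn: uid=bob,ou=People,dc=example,dc=com
userPassword:: %s

dn: uid=carol,ou=People,dc=example,dc=com
userPassword: {SSHA512}constructed-
 value

dn: uid=svc,ou=People,dc=example,dc=com
objectClass: account
""" % _B64

SCHEME_RE = re.compile(r"^\{([A-Za-z0-9_-]+)\}")

def _value(rest):
    """Decode an LDIF value: '::' marks base64, ':' marks plain text."""
    if rest.startswith(":"):
        return base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
    return rest.strip()

def password_schemes(ldif):
    """Map each entry DN to the scheme prefixes of its userPassword values."""
    schemes, dn = {}, None
    unfolded = re.sub(r"\r?\n ", "", ldif)  # undo RFC 2849 line folding
    for line in unfolded.splitlines():
        attr, sep, rest = line.partition(":")
        if not sep or line.startswith("#"):
            continue  # blank line, comment, or not an attribute line
        if attr.lower() == "dn":
            dn = _value(rest)
            schemes[dn] = []
        elif attr.lower() == "userpassword" and dn is not None:
            m = SCHEME_RE.match(_value(rest))
            schemes[dn].append(m.group(1).upper() if m else "NO-SCHEME-PREFIX")
    return schemes

def not_on_scheme(ldif, wanted="PBKDF2-SHA512"):
    """Return DNs holding at least one password value stored in another scheme."""
    return [dn for dn, found in password_schemes(ldif).items()
            if any(s != wanted for s in found)]

if __name__ == "__main__":
    for dn, found in password_schemes(SAMPLE_LDIF).items():
        print(dn, found or "no userPassword")
```

Running the same check on exports taken before and after a period of normal bind traffic shows whether hashes are being rewritten to the configured scheme.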
Migration procedure
For the procedure to migrate Directory Server 10 to Directory Server 11, see the corresponding chapter in the Red Hat Directory Server Installation Guide.