Chapter 4. Red Hat Directory Server 12.6
Learn about important updates and new features, known issues, and bug fixes implemented in Directory Server 12.6.
4.1. Important updates and new features
Learn about new features and important updates in Red Hat Directory Server 12.6 that are included in the 389-ds-base package and documented in Red Hat Enterprise Linux 9.6 Release Notes:
- 389-ds-base rebased to version 2.6.1
- The new memberOfDeferredUpdate: on/off configuration attribute is now available in Directory Server
- Directory Server now provides buffering of the error, audit, and audit fail logs
- Directory Server now can update passwords with the CRYPT or CLEAR hashing algorithm after a successful bind
4.2. Bug fixes
Learn about bugs fixed in Red Hat Directory Server 12.6 that have a significant impact on users.
Various Directory Server web console fixed issues
In Directory Server 12.6, various web console issues and typos were fixed, including:
- The web console now supports instances with LMDB.
- The MemberOf plug-in configuration works as expected when deleting Shared Config Entry.
- The web console no longer becomes unresponsive when you create an ou entry by using the LDAP Browser.
- A database name and suffix are validated as expected.
- Confirmation and alert messages are clearer.
- Adding the person object class no longer fails.
- The Subtrees field is no longer mandatory when configuring the Attribute Uniqueness plug-in over object classes.
- Updating the NDN cache size no longer fails.
Directory Server 12.6 bugs fixed in the 389-ds-base package are documented in Red Hat Enterprise Linux 9.6 Release Notes:
- When starting an instance with a sub suffix, an incorrect error is no longer logged
- A race condition with paged result searches no longer closes the connection with a T3 error code
- Directory Server no longer fails when reindexing a VLV index with the sort attribute indexed with an extended matching rule
- High connection load no longer overloads a single thread in Directory Server
- VLV index cache now matches the VLV index as expected when using LMDB
- The online backup no longer fails
- cleanAllRUV no longer blocks itself
- Reindexing no longer fails when an entry RDN has the same value as the suffix DN
- The Account Policy plug-in now uses a proper flag for an update in a replication topology
- On a supplier with LMDB, an offline import no longer generates duplicates of nsuniqueid
- TLS 1.3 can now be used to connect to an LDAP server running in FIPS mode
- Directory Server backup no longer fails after the previous unsuccessful attempt
- Failed replication between suppliers when using certificate-based authentication now has a more descriptive error message
- dsconf config replace can now handle multivalued attributes as expected
- Directory Server now returns the correct set of entries when compound filters with OR (|) and NOT (!) operators are used
- Consumer status in a replication agreement on a supplier is displayed correctly after the Directory Server restart
4.3. Deprecated functionality
Learn about functionality that has been deprecated in Red Hat Directory Server 12.6.
Winsync and PassSync have been deprecated
The Winsync plug-in and the PassSync package that were used for synchronization with Windows have been deprecated in Red Hat Directory Server 12.6 and will be removed in future releases because PassSync is not maintained upstream. Consider using Identity Management (IdM) and cross-forest trust for Active Directory as an alternative.
(Jira-DIRSRV-329)
4.4. Known issues
Learn about known problems and, if applicable, workarounds in Directory Server 12.6.
Directory Server web console does not automatically update settings that are changed outside the web console
Because of the design of the Directory Server module in the Red Hat Enterprise Linux 8 web console, the web console does not automatically display the latest settings if you change the configuration outside of the console window. For example, if you change the configuration using the command line while the web console is open, the new settings are not automatically updated in the web console. This applies also if you change the configuration by using the web console on a different computer.
Workaround: Manually refresh the web console in the browser.
(BZ#1654281) (BZ#1751047)
Directory Server can import LDIF files only from /var/lib/dirsrv/slapd-<instance_name>/ldif/
Since RHEL 8.3, Red Hat Directory Server (RHDS) uses its own private directories, and the PrivateTmp systemd directive is enabled by default for the LDAP services. As a result, RHDS can only import LDIF files from the /var/lib/dirsrv/slapd-<instance_name>/ldif/ directory. If the LDIF file is stored in a different directory, such as /var/tmp, /tmp, or /root, the import fails with an error similar to the following:
Could not open LDIF file "/tmp/example.ldif", errno 2 (No such file or directory)
Workaround: Complete the following steps:
- Move the LDIF file to the /var/lib/dirsrv/slapd-<instance_name>/ldif/ directory:
  # mv /tmp/example.ldif /var/lib/dirsrv/slapd-<instance_name>/ldif/
- Set permissions that allow the dirsrv user to read the file:
  # chown dirsrv /var/lib/dirsrv/slapd-<instance_name>/ldif/example.ldif
- Restore the SELinux context:
  # restorecon -Rv /var/lib/dirsrv/slapd-<instance_name>/ldif/
For more information, see the Red Hat Knowledgebase solution LDAP Service cannot access files under the host’s /tmp and /var/tmp directories.
(BZ#2075525)
Known issues in the 389-ds-base package
Red Hat Directory Server 12.6 known issues that affect the 389-ds-base package are documented in Red Hat Enterprise Linux 9.6 Release Notes: