Old Release Notes

From 389 Directory Server

[edit]

389 Directory Server 1.2.6.rc7 (Release Candidate 7) - August 10, 2010

WARNING: If you are upgrading from a previous 1.2.6 release candidate, you will need to run fixfiles to fix some SELinux AVCs, or directory server will not start. See bug https://bugzilla.redhat.com/show_bug.cgi?id=622882

To fix, run this: 

fixfiles -R 389-ds-base restore

WARNING: If you are upgrading from a 1.2.6 alpha or release candidate, you will need to manually fix your entryrdn index files. See Subtree Rename Warning for more information. If you are upgrading from 1.2.5 or earlier, there is no problem.

This has been released for testing. The packages are available from the testing repositories. This is Release Candidate 7 for the 1.2.6 release. The new packages available for testing are:

  • 389-ds-base-1.2.6.rc7 - 389-ds-base

Instructions for installing these from the testing repositories - different for Fedora and EPEL - difference is name of testing repo - on Fedora is updates-testing and for EPEL is epel-testing

  • Fedora new install 
yum install --enablerepo=updates-testing 389-ds
  • Fedora upgrade 
yum upgrade --enablerepo=updates-testing 389-ds-base
  • EPEL new install 
yum install --enablerepo=epel-testing 389-ds
  • EPEL upgrade 
yum upgrade --enablerepo=epel-testing 389-ds-base

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. Each update is broken down by package and platform. For example, if you are using Fedora 12, and you have successfully installed or upgraded all of the packages, and the console and etc. works, then go to the links below for Fedora 12 and provide feedback.

scroll down to the bottom of the page, and click on the Add a comment >> link

  • select one of the Works for me or Does not work radio buttons, add text, and click on the Add Comment button

If you are using a build on another platform, just send us an email to 389-users@lists.fedoraproject.org

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: Now using EPEL for Enterprise Linux packages. See Download for more information.

NOTE: Fedora versions below 12 are no longer supported. If you are running Fedora 11 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 11 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

NOTE: If you are upgrading from 389 1.2.6 rcN (N < 6), simple upgrade won't work due to the entryrdn format change (See also Bug 616608 - SIGBUS in RDN index reads on platforms with strict alignments ). Please follow the steps described in this section.

[edit]

New features

  • Upgrade_to_New_DN_Format
    • in order to make sure DN valued attributes can be searched correctly, an upgrade will automatically fix these values in the database
  • Managed Entries
    • Used, for example, to automatically create the user's group entry when adding a user entry
  • Matching rules
    • support for all RFC 4517 matching rules (except the FirstComponent ones)
[edit]

Bugs Fixed

This release contains one bug fix. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.6.rc6 (Release Candidate 6) - August 5, 2010

WARNING: If you are upgrading from a previous 1.2.6 release candidate, you will need to run fixfiles to fix some SELinux AVCs, or directory server will not start. See bug https://bugzilla.redhat.com/show_bug.cgi?id=622882

To fix, run this: 

fixfiles -R 389-ds-base restore

WARNING: If you are upgrading from a 1.2.6 alpha or release candidate, you will need to manually fix your entryrdn index files. See Subtree Rename Warning for more information. If you are upgrading from 1.2.5 or earlier, there is no problem.

Note: RC4 and RC5 were never released.

This has been released for testing. The packages are available from the testing repositories. This is Release Candidate 6 for the 1.2.6 release. The new packages available for testing are:

  • 389-ds-base-1.2.6.rc6 - 389-ds-base
  • 389-admin-1.1.11.rc2 - 389-admin

Instructions for installing these from the testing repositories - different for Fedora and EPEL - difference is name of testing repo - on Fedora is updates-testing and for EPEL is epel-testing

  • Fedora new install 
yum install --enablerepo=updates-testing 389-ds
  • Fedora upgrade 
yum upgrade --enablerepo=updates-testing 389-ds-base 389-admin
  • EPEL new install 
yum install --enablerepo=epel-testing 389-ds
  • EPEL upgrade 
yum upgrade --enablerepo=epel-testing 389-ds-base 389-admin

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. Each update is broken down by package and platform. For example, if you are using Fedora 12, and you have successfully installed or upgraded all of the packages, and the console and etc. works, then go to the links below for Fedora 12 and provide feedback.

scroll down to the bottom of the page, and click on the Add a comment >> link

  • select one of the Works for me or Does not work radio buttons, add text, and click on the Add Comment button

If you are using a build on another platform, just send us an email to 389-users@lists.fedoraproject.org

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: Now using EPEL for Enterprise Linux packages. See Download for more information.

NOTE: Fedora versions below 12 are no longer supported. If you are running Fedora 11 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 11 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

NOTE: If you are upgrading from 389 1.2.6 rcN (N < 6), simple upgrade won't work due to the entryrdn format change (See also Bug 616608 - SIGBUS in RDN index reads on platforms with strict alignments ). Please follow the steps described in this section.

[edit]

New features

  • Upgrade_to_New_DN_Format
    • in order to make sure DN valued attributes can be searched correctly, an upgrade will automatically fix these values in the database
  • Managed Entries
    • Used, for example, to automatically create the user's group entry when adding a user entry
  • Matching rules
    • support for all RFC 4517 matching rules (except the FirstComponent ones)
[edit]

Bugs Fixed

This release contains several bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

  • Tracking bug for 1.2.6 release - https://bugzilla.redhat.com/showdependencytree.cgi?id=543590&hide_resolved=0
    • Bug 617013 - repl-monitor.pl use cpu upto 90%
    • Bug 616618 - 389 v1.2.5 accepts 2 identical entries with different DN format
    • Bug 547503 - replication broken again, with 389 MMR replication and TCP errors
    • Bug 613833 - Allow dirsrv_t to bind to rpc ports
    • Bug 612242 - membership change on DS does not show on AD
    • Bug 617629 - Missing aliases in new schema files
    • Bug 619595 - Upgrading sub suffix under non-normalized suffix disappears
    • Bug 616608 - SIGBUS in RDN index reads on platforms with strict alignments
    • Bug 617862 - Replication: Unable to delete tombstone errors
    • Bug 594745 - Get rid of dirsrv_lib_t label
[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.6.rc3 (Release Candidate 3) - July 6, 2010

This has been released for testing. The packages are available from the testing repositories. This is Release Candidate 3 for the 1.2.6 release. The new packages available for testing are:

  • 389-ds-base-1.2.6.rc3 - 389-ds-base

Instructions for installing these from the testing repositories - different for Fedora and EPEL - difference is name of testing repo - on Fedora is updates-testing and for EPEL is epel-testing

  • Fedora new install 
yum install --enablerepo=updates-testing 389-ds
  • Fedora upgrade 
yum upgrade --enablerepo=updates-testing 389-ds-base
  • EPEL new install 
yum install --enablerepo=epel-testing 389-ds
  • EPEL upgrade 
yum upgrade --enablerepo=epel-testing 389-ds-base

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. Each update is broken down by package and platform. For example, if you are using Fedora 12, and you have successfully installed or upgraded all of the packages, and the console and etc. works, then go to the links below for Fedora 12 for 389-ds-base-1.2.6-0.8.rc3.fc12, 389-admin-1.1.11-0.4.rc1.fc12 and provide feedback.

scroll down to the bottom of the page, and click on the Add a comment >> link

  • select one of the Works for me or Does not work radio buttons, add text, and click on the Add Comment button

If you are using a build on another platform, just send us an email to 389-users@lists.fedoraproject.org

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: Now using EPEL for Enterprise Linux packages. See Download for more information.

NOTE: Fedora versions below 11 are no longer supported. If you are running Fedora 10 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 11 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Upgrade_to_New_DN_Format
    • in order to make sure DN valued attributes can be searched correctly, an upgrade will automatically fix these values in the database
  • Managed Entries
    • Used, for example, to automatically create the user's group entry when adding a user entry
  • Matching rules
    • support for all RFC 4517 matching rules (except the FirstComponent ones)
[edit]

Bugs Fixed

This release contains a few bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

  • Tracking bug for 1.2.6 release - https://bugzilla.redhat.com/showdependencytree.cgi?id=543590&hide_resolved=0
    • Bug 606920 - anonymous resource limit - nstimelimit - also applied to "cn=directory manager"
    • Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
    • Bug 605827 - In-place upgrade: upgrade dn format should not run in setup-ds-admin.pl
    • Bug 578296 - Attribute type entrydn needs to be added when subtree rename switch is on
    • Bug 609256 - Selinux: pwdhash fails if called via Admin Server CGI
    • Bug 603942 - null deref in _ger_parse_control() for subjectdn
[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.6.rc2 (Release Candidate 2) - June 23, 2010

This has been released for testing. The packages are available from the testing repositories. This is Release Candidate 2 for the 1.2.6 release. The new packages available for testing are:

  • 389-ds-base-1.2.6.rc2 - 389-ds-base

Instructions for installing these from the testing repositories - different for Fedora and EPEL - difference is name of testing repo - on Fedora is updates-testing and for EPEL is epel-testing

  • Fedora new install 
yum install --enablerepo=updates-testing 389-ds
  • Fedora upgrade 
yum upgrade --enablerepo=updates-testing 389-ds-base
  • EPEL new install 
yum install --enablerepo=epel-testing 389-ds
  • EPEL upgrade 
yum upgrade --enablerepo=epel-testing 389-ds-base

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. Each update is broken down by package and platform. For example, if you are using Fedora 12, and you have successfully installed or upgraded all of the packages, and the console and etc. works, then go to the links below for Fedora 12 for 389-ds-base-1.2.6-0.7.rc2.fc12, 389-admin-1.1.11-0.4.rc1.fc12 and provide feedback.

scroll down to the bottom of the page, and click on the Add a comment >> link

  • select one of the Works for me or Does not work radio buttons, add text, and click on the Add Comment button

If you are using a build on another platform, just send us an email to 389-users@lists.fedoraproject.org

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: Now using EPEL for Enterprise Linux packages. See Download for more information.

NOTE: Fedora versions below 11 are no longer supported. If you are running Fedora 10 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 11 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Upgrade_to_New_DN_Format
    • in order to make sure DN valued attributes can be searched correctly, an upgrade will automatically fix these values in the database
  • Managed Entries
    • Used, for example, to automatically create the user's group entry when adding a user entry
  • Matching rules
    • support for all RFC 4517 matching rules (except the FirstComponent ones)
[edit]

Bugs Fixed

This release contains a couple of bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.6.rc1 (Release Candidate 1) - June 16, 2010

This has been released for testing. The packages are available from the testing repositories. This is Release Candidate 1 for the 1.2.6 release. The new packages available for testing are:

  • 389-ds-base-1.2.6.rc1 - 389-ds-base
  • 389-admin-1.1.11.rc1 - 389-admin

Instructions for installing these from the testing repositories - different for Fedora and EPEL - difference is name of testing repo - on Fedora is updates-testing and for EPEL is epel-testing

  • Fedora new install 
yum install --enablerepo=updates-testing 389-ds
  • Fedora upgrade 
yum upgrade --enablerepo=updates-testing 389-ds-base 389-admin
  • EPEL new install 
yum install --enablerepo=epel-testing 389-ds
  • EPEL upgrade 
yum upgrade --enablerepo=epel-testing 389-ds-base 389-admin

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. Each update is broken down by package and platform. For example, if you are using Fedora 12, and you have successfully installed or upgraded all of the packages, and the console and etc. works, then go to the links below for Fedora 12 for 389-ds-base-1.2.6-0.4.rc1.fc12, 389-admin-1.1.11-0.4.rc1.fc12 and provide feedback.

scroll down to the bottom of the page, and click on the Add a comment >> link

  • select one of the Works for me or Does not work radio buttons, add text, and click on the Add Comment button

If you are using a build on another platform, just send us an email to 389-users@lists.fedoraproject.org

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: Now using EPEL for Enterprise Linux packages. See Download for more information.

NOTE: Fedora versions below 11 are no longer supported. If you are running Fedora 10 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 11 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Upgrade_to_New_DN_Format
    • in order to make sure DN valued attributes can be searched correctly, an upgrade will automatically fix these values in the database
  • Managed Entries
    • Used, for example, to automatically create the user's group entry when adding a user entry
  • Matching rules
    • support for all RFC 4517 matching rules (except the FirstComponent ones)
[edit]

Bugs Fixed

This release contains a couple of bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.6.a4 (Alpha 4) - June 2, 2010

This has been released for testing. The packages are available from the testing repositories. This is Alpha 3 for the 1.2.6 release. The new packages available for testing are:

  • 389-ds-base-1.2.6.a4 - 389-ds-base
  • 389-admin-1.1.11.a4 - 389-admin

Instructions for installing these from the testing repositories - different for Fedora and EPEL - difference is name of testing repo - on Fedora is updates-testing and for EPEL is epel-testing

  • Fedora new install 
yum install --enablerepo=updates-testing 389-ds
  • Fedora upgrade 
yum upgrade --enablerepo=updates-testing 389-ds 389-ds-base 389-admin
  • EPEL new install 
yum install --enablerepo=epel-testing 389-ds
  • EPEL upgrade 
yum upgrade --enablerepo=epel-testing 389-ds 389-ds-base 389-admin

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. Each update is broken down by package and platform. For example, if you are using Fedora 12, and you have successfully installed or upgraded all of the packages, and the console and etc. works, then go to the links below for Fedora 12 for 389-ds-base-1.2.6-0.4.a4.fc12, 389-admin-1.1.11-0.4.a4.fc12 and provide feedback.

scroll down to the bottom of the page, and click on the Add a comment >> link

  • select one of the Works for me or Does not work radio buttons, add text, and click on the Add Comment button

If you are using a build on another platform, just send us an email to 389-users@lists.fedoraproject.org

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: Now using EPEL for Enterprise Linux packages. See Download for more information.

NOTE: Fedora versions below 11 are no longer supported. If you are running Fedora 10 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 11 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Upgrade_to_New_DN_Format
    • in order to make sure DN valued attributes can be searched correctly, an upgrade will automatically fix these values in the database
  • Managed Entries
    • Used, for example, to automatically create the user's group entry when adding a user entry
  • Matching rules
    • support for all RFC 4517 matching rules (except the FirstComponent ones)
[edit]

Bugs Fixed

This release contains many bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.6.a3 (Alpha 3) - April 19, 2010

This has been released for testing. The packages are available from the testing repositories. This is Alpha 3 for the 1.2.6 release. The new packages available for testing are:

  • 389-ds-base-1.2.6.a3 - 389-ds-base
  • 389-admin-1.1.11.a3 - 389-admin
  • 389-ds-1.2.1 - 389-ds
  • idm-console-framework-1.1.4 - idm-console-framework
  • 389-console-1.1.4 - 389-console
  • 389-ds-console-1.1.4 - 389-ds-console

Previous versions had a separate -selinux package for 389-ds-base and 389-admin - these are now gone - the selinux policy for the package is now provided by the package itself. Upgrading from a previous version should obsolete these packages.

Instructions for installing these from the testing repositories - different for Fedora and EPEL - difference is name of testing repo on Fedora is updates-testing and for EPEL is epel-testing

  • Fedora new install 
yum install --enablerepo=updates-testing 389-ds
  • Fedora upgrade 
yum upgrade --enablerepo=updates-testing 389-ds 389-ds-base 389-admin idm-console-framework 389-console 389-ds-console
  • EPEL new install 
yum install --enablerepo=epel-testing 389-ds
  • EPEL upgrade 
yum upgrade --enablerepo=epel-testing 389-ds 389-ds-base 389-admin idm-console-framework 389-console 389-ds-console

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. Each update is broken down by package and platform. For example, if you are using Fedora 12, and you have successfully installed or upgraded all of the packages, and the console and etc. works, then go to the links below for Fedora 12 for 389-ds-base-1.2.6-0.3.a3.fc12, 389-admin-1.1.11-0.3.a3.fc12 and provide feedback.

scroll down to the bottom of the page, and click on the Add a comment >> link

  • select one of the Works for me or Does not work radio buttons, add text, and click on the Add Comment button

If you are using a build on another platform, just send us an email to 389-users@lists.fedoraproject.org

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: Now using EPEL for Enterprise Linux packages. See Download for more information.

NOTE: Fedora versions below 11 are no longer supported. If you are running Fedora 10 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 11 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Managed Entries
    • Used, for example, to automatically create the user's group entry when adding a user entry
  • Matching rules
    • support for all RFC 4517 matching rules (except the FirstComponent ones)
[edit]

Bugs Fixed

This release contains many bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.6.a2 (Alpha 2) - March 4, 2010

This has been released for testing. The packages are available from the testing repositories. This is Alpha 2 for the 1.2.6 release. The new packages available for testing are:

  • 389-ds-base-1.2.6.a2 - 389-ds-base and 389-ds-base-selinux
  • 389-admin-1.1.11.a2 - 389-admin and 389-admin-selinux
  • 389-adminutil-1.1.10 - 389-adminutil
  • 389-ds-1.2.0 - 389-ds

Instructions for installing these from the testing repositories - different for Fedora and EPEL - difference is name of testing repo on Fedora is updates-testing and for EPEL is epel-testing

  • Fedora new install 
yum install --enablerepo=updates-testing 389-ds
  • Fedora upgrade 
yum upgrade --enablerepo=updates-testing 389-ds 389-ds-base 389-ds-base-selinux 389-admin 389-admin-selinux 389-adminutil
  • EPEL new install 
yum install --enablerepo=epel-testing 389-ds
  • EPEL upgrade 
yum upgrade --enablerepo=epel-testing 389-ds 389-ds-base 389-ds-base-selinux 389-admin 389-admin-selinux 389-adminutil

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. Each update is broken down by package and platform. For example, if you are using Fedora 12, and you have successfully installed or upgraded all of the packages, and the console and etc. works, then go to the links below for Fedora 12 for 389-ds-base-1.2.6-0.2.a2.fc12, 389-admin-1.1.11-0.2.a2.fc12, and 389-adminutil-1.1.10.fc12 and provide feedback.

scroll down to the bottom of the page, and click on the Add a comment >> link

  • select one of the Works for me or Does not work radio buttons, add text, and click on the Add Comment button

If you are using a build on another platform, just send us an email to 389-users@lists.fedoraproject.org

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: Now using EPEL for Enterprise Linux packages. See Download for more information.

NOTE: Fedora versions below 11 are no longer supported. If you are running Fedora 10 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 11 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Matching rules
    • support for all RFC 4517 matching rules (except the FirstComponent ones)
[edit]

Bugs Fixed

This release contains many bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

  • Tracking bug for 1.2.6 release - https://bugzilla.redhat.com/showdependencytree.cgi?id=543590&hide_resolved=0
    • 171338 Enhancement: winsync modrdn not synced
    • 434735 SASL ANONYMOUS is broken in x86_64
    • 460162 FedoraDS "with-FHS" installs init.d StartupScript in wrong location on non-RHEL/Fedora OS
    • 460168 FedoraDS' adminutil requires non-existent "icu.pc" on non-RH/Fedora OS
    • 460209 adminserver "./configure --help" error @ --with-apr-config
    • 498103 [RFE] SELinux policy for the Directory Server
    • 506206 problems linking with -z defs
    • 509201 rhds81 hub with 71 master - err=32 on replica base search during replication
    • 516611 389 DS segfaults on libsyntax-plugin.so
    • 518084 Out of order retro change log records
    • 519459 Semi-hardcoded include and lib directories in db.m4
    • 531929 rhds8.1 seg fault on null bvals in syntax plug-in
    • 536703 Red Hat Direct Directory Migration 7.1 -> 8.1 problems
    • 537466 nsslapd-distribution-plugin should not require plugin name to begin with "lib"
    • 543080 Bitwise plugin fails to return the exact matched entries for Bitwise search filter
    • 544089 Referential Integrity Plugin does not take into account the attribute subtypes
    • 548115 memory leak in schema reload
    • 548535 memory leak in attrcrypt
    • 552419 389-admin-1.1.10-0.2.a2.el5 fails to start
    • 552421 Cannot log into admin server after upgrade (fedora-ds-admin-1.1.6 -> 389-admin-1.1.9
    • 553027 Support for nsUniqueId and alias for additional retro changelog attributes
    • 554841 Unitialized mutex in Retro Changelog Plugin.
    • 554887 Net::LDAP password modify extop breaks; msgid in response is 0xFF
    • 555970 seg fault maybe on cos or nsview changes and replication?
    • 558518 several spelling errors
    • 559315 Searching some attributes are now case sensitive when they were previously case-insensitive
    • 560827 Admin Server: DistinguishName validation fails
    • 564876 FTBFS 389-ds-base-1.2.6-0.1.a1.fc13: ImplicitDSOLinking
    • 568196 Install DS8.2 on Solaris fails
[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.5 - January 13, 2010

Version 1.2.5 contains one new feature as well as several bug fixes. This release is essentially the same as 1.2.5 RC4.

[edit]

Notes

NOTE: Packages for Enterprise Linux are available from Fedora EPEL. We will no longer have a separate yum repo hosted on this site.

NOTE: Fedora versions below 11 are no longer supported. If you are running Fedora 10 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. Fedora has Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Named Pipe Log Script - this script allows you to replace the access/errors/audit log file with a named pipe attached to a script - this allows you to do things like
    • enable full debug error log level in production environments without suffering too much performance degradation
    • log only certain events e.g. failed bind attempts only, or only messages that contain a specified pattern
    • send data to a remote server, send email, anything that can be scripted
    • Named_Pipe_Log_Script
[edit]

Bugs Fixed

  • Tracking bug for 1.2.5 release - https://bugzilla.redhat.com/showdependencytree.cgi?id=533025&hide_resolved=0
  • 537956 Password replication from 389DS to AD2008(64bit) fails, all other replication continues
  • 548537 Fix memory leaks in DNA plugin
  • 518084 Fix out of order retro changelog entries
  • 497556 LDAPI connections cause TCP performance degradation
  • 195302 local pwp can't set storage scheme
  • 387681 "windows_process_dirsync_entry: failed to map tombstone dn." with , in DisplayName
  • 486171 [RFE] Access log - Failed binds
  • 497199 'failed to send dirsync search request 2' error
  • 504817 Double quoted distinguished names not working in fedora-ds 1.2.0
  • 515329 Multiple mods in one operation can result in an inconsistent replica
  • 540559 selinux policy needs to allow log pipe
[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.5.rc4 (Release Candidate) - January 6, 2010

This has been released for testing. The packages are available from the testing repositories. This is Release Candidate 4 for the 1.2.5 release. The new packages available for testing are:

  • 389-ds-base-1.2.5.rc4

NOTE: Packages for Enterprise Linux are available from EPEL. We will no longer have a separate yum repo hosted on this site.

Instructions for installing these from the testing repositories: 

yum install --enablerepo=updates-testing 389-ds # Fedora new install
yum upgrade --enablerepo=updates-testing 389-ds-base # Fedora upgrade

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. If you have an account, go here:

If you are using a build on another platform, just send us an email to 389-users@redhat.com.

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: FC6 (EL5) package updates are no longer available. Get them from EPEL instead.

NOTE: Fedora versions below 11 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 10 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. Fedora 9 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

None - this is primarily to fix bugs found in 1.2.5.rc3

[edit]

Bugs Fixed

This release contains one bug fix. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.5.rc3 (Release Candidate) - December 18, 2009

This has been released for testing. The packages are available from the testing repositories. This is Release Candidate 3 for the 1.2.5 release. The new packages available for testing are:

  • 389-ds-base-1.2.5.rc3
  • 389-admin-1.1.10.a2

NOTE: Packages for Enterprise Linux are available from EPEL. We will no longer have a separate yum repo hosted on this site.

Instructions for installing these from the testing repositories: 

yum install --enablerepo=updates-testing 389-ds # Fedora new install
yum upgrade --enablerepo=updates-testing 389-ds-base 389-admin 389-console # Fedora upgrade

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. If you have an account, go here:

If you are using a build on another platform, just send us an email to 389-users@redhat.com.

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: FC6 (EL5) package updates are no longer available. Get them from EPEL instead.

NOTE: Fedora versions below 11 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 10 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. Fedora 9 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

None - this is primarily to fix bugs found in 1.2.5.rc2

[edit]

Bugs Fixed

This release contains a couple of bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.5.rc2 (Release Candidate) - December 8, 2009

This has been released for testing. The packages are available from the testing repositories. This is Release Candidate 2 for the 1.2.5 release. The new package available for testing is:

  • 389-ds-base-1.2.5.rc2

Instructions for installing these from the testing repositories: 

yum install --enablerepo=updates-testing 389-ds # Fedora new install
yum upgrade --enablerepo=updates-testing 389-ds-base 389-admin 389-console # Fedora upgrade

or EL5 

yum install --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds # new install
yum upgrade --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds-base # upgrade

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. If you have an account, go here:

If you are using a build on another platform, just send us an email to 389-users@redhat.com.

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: If using the FC6 (EL5) packages, you must update your yum repo files - the URLs have changed. See Download for more information.

NOTE: Fedora versions below 10 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 9 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 9 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

None - this is primarily to fix bugs found in 1.2.5.rc1

[edit]

Bugs Fixed

This release contains a couple of bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.5.rc1 (Release Candidate) - December 2, 2009

This has been released for testing. The packages are available from the testing repositories. This is Release Candidate 1 for the 1.2.5 release. The new package available for testing is:

  • 389-ds-base-1.2.5.rc1

Instructions for installing these from the testing repositories: 

yum install --enablerepo=updates-testing 389-ds # Fedora new install
yum upgrade --enablerepo=updates-testing 389-ds-base 389-admin 389-console # Fedora upgrade

or EL5 

yum install --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds # new install
yum upgrade --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds-base # upgrade

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. If you have an account, go here:

If you are using a build on another platform, just send us an email to 389-users@redhat.com.

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: If using the FC6 (EL5) packages, you must update your yum repo files - the URLs have changed. See Download for more information.

NOTE: Fedora versions below 10 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 9 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 9 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Named Pipe Log Script - this script allows you to replace the access/errors/audit log file with a named pipe attached to a script - this allows you to do things like
    • enable full debug error log level in production environments without suffering too much performance degradation
    • log only certain events e.g. failed bind attempts only, or only messages that contain a specified pattern
    • send data to a remote server, send email, anything that can be scripted
    • Named_Pipe_Log_Script
[edit]

Bugs Fixed

This release contains a couple of bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Windows Console 1.1.4.a1 - November 16, 2009

This is the alpha 1 (.a1) release. See Release_Procedure for information about release numbering. This release supports Windows Server 2008 in addition to 2003. 2000 is no longer supported (although it may work, we don't test it). We also have 64-bit packages in addition to the 32-bit packages.

This release uses the 389 branding. The program files folder will be named 389 Management Console.

[edit]

389 Windows Password Synchronization 1.1.3 - November 16, 2009

This release supports Windows Server 2008 in addition to 2003. 2000 is no longer supported (although it may work, we don't test it). We also have 64-bit packages in addition to the 32-bit packages.

This release uses the 389 branding. The program files folder will be named 389 Password Sync. If you are upgrading from Fedora PassSync, the upgrade will attempt to copy your db and log files from the Fedora folder to the new 389 folder. It will not remove the old Fedora folder. You can remove that manually after you have verified that the 389 PassSync is working correctly.

[edit]

389 Directory Server 1.2.4 (testing release) - November 4, 2009

This has been released for testing. The packages are available from the testing repositories, not the official release repositories yet. We are seeking feedback. The new package available for testing is:

  • 389-ds-base-1.2.4

Instructions for installing these from the testing repositories: 

yum install --enablerepo=updates-testing 389-ds # Fedora new install
yum upgrade --enablerepo=updates-testing 389-ds-base 389-admin 389-console # Fedora upgrade

or EL5 

yum install --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds # new install
yum upgrade --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds-base # upgrade

See Download for more information about setting up yum access.

[edit]

Your Feedback is Important!

The best way to provide feedback is via the Fedora Update system. If you have an account, go here:

If you are using a build on another platform, just send us an email to 389-users@redhat.com.

If you find a bug, or would like to see a new feature, you can enter it here - https://bugzilla.redhat.com/enter_bug.cgi?product=389

[edit]

Notes

NOTE: If using the FC6 (EL5) packages, you must update your yum repo files - the URLs have changed. See Download for more information.

NOTE: Fedora versions below 10 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 9 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 9 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixed some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. For more information, see the 1.2.3 release notes below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Support for Salted MD5 (SMD5) hashes. These are supported for migration purposes only. You should not use SMD5 for new passwords - use SSHA256
[edit]

Bugs Fixed

This release contains a couple of bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Windows Password Synchronization 1.1.2 - November 3, 2009

This release supports Windows Server 2008 in addition to 2003. 2000 is no longer supported (although it may work, we don't test it). We also have 64-bit packages in addition to the 32-bit packages.

This release uses the 389 branding. The program files folder will be named 389 Password Sync. If you are upgrading from Fedora PassSync, the upgrade will attempt to copy your db and log files from the Fedora folder to the new 389 folder. It will not remove the old Fedora folder. You can remove that manually after you have verified that the 389 PassSync is working correctly.

[edit]

389 Directory Server 1.2.3 (testing release) - October 7, 2009

This has been released for testing. The packages are available from the testing repositories, not the official release repositories yet. We are seeking feedback. The two new packages available for testing are:

  • 389-ds-base-1.2.3
  • 389-admin-1.1.9

Instructions for installing these from the testing repositories: 

yum install --enablerepo=updates-testing 389-ds # Fedora new install
yum upgrade --enablerepo=updates-testing 389-ds-base 389-admin 389-console # Fedora upgrade

or EL5 

yum install --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds # new install
yum upgrade --enablerepo=dirsrv-testing --enablerepo=idmcommon-testing 389-ds-base 389-admin 389-console # new install

See Download for more information about setting up yum access.

[edit]

Notes

NOTE: If using the FC6 (EL5) packages, you must update your yum repo files - the URLs have changed. See Download for more information.

NOTE: Fedora versions below 10 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 9 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 9 and later have Java 1.6 OpenJDK.

NOTE: If you are using the console, after installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. 1.2.3 fixes some bugs related to update - it will remove old Fedora servers from the console, and will preserve TLS/SSL configuration. See the buglist below.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

  • Ability to set resource limits (sizelimit, timelimit, look through limit) specifically for anonymous connections
    • This is useful when you want to have different limits for regular users and anonymous users
    • Set the attribute nsslapd-anonlimitsdn in cn=config to the DN of the entry that you want to use as the "template" entry. This is a dummy entry that you have to create. Then you set whatever resource limits you want to apply to anonymous to that dummy entry, and those limits will apply to anonymous users.
  • Access based on the security strength of the connection
    • There is a new ACI keyword - minssf - this allows you to set access control based on how secure the connection is
    • There is a global server setting in cn=config - nsslapd-minssf - that allows you to reject operations based on how secure the connection is
  • Ability to shut off anonymous access
    • This adds a new config switch in cn=config - nsslapd-allow-anonymous-access - that allows one to restrict all anonymous access. When this is enabled, the connection dispatch code will only allow BIND operations through for an unauthenticated user. The BIND code will only allow the operation through if it's not an anonymous or unauthenticated BIND.
[edit]

Bugs Fixed

This release contains several bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

  • Tracking bug for 1.2.3 release - https://bugzilla.redhat.com/showdependencytree.cgi?id=519216&hide_resolved=0
    • 495073 RFE: In Place upgrade should handle configuration and schema changes
    • 495522 Start script hardcodes file permissions mask to 077 (600), so the nsslapd-*log-mode configuration attributes don't work
    • 501616 [RFE] Restrict access to secure sessions only (TLS and SSL)
    • 501846 Running setup-ds-admin.pl -u on replica with ldaps chokes on CA cert
    • 513308 empty principal name used when using server to server sasl for db chaining
    • 516305 MODIFY/replace with empty values does not ignore missing or unknown attributes
    • 518112 rhds 81 el53 64b ns-slapd seg fault error 4 - nspr -5956 (The device for storing the file is full.)
    • 518279 logs created at startup can get wrong file mode
    • 518514 Bitwise Plugin: Bitwise filter doesn't return except the first entry if its multi-valued
    • 518673 entryusn: wrong lastusn value
    • 519455 Should not attempt to pop SASL IO layer if not using SASL IO
    • 520483 setup-ds-admin.pl: Can't call method "getErrorString" on an undefined value at /usr/lib64/dirsrv/perl/AdminUtil.pm line 405.
    • 520493 Upgrade from fedora-ds-1.2.0 to 389-ds-1.2.2 breaks 389-console and the admin server
    • 520921 Config schema not included in core schema
    • 521523 RPM Dependencies for 389 console are incomplete
    • 523476 389-ds-base/glibmm24: conflicting perl provides
    • 525007 ldif2db replaces existing modify/create name and timestamps
    • 525785 setup-ds-admin.pl should use correct default hostname + port
    • 526141 allow empty groups
    • 526319 SASL IO sometimes loops with "error: would block"
[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.2 - August 26, 2009

[edit]

Notes

NOTE: Fedora versions below 10 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 9 or earlier, you should upgrade.

NOTE: This release is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 9 and later have Java 1.6 OpenJDK.

NOTE: After installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. There is a bug in setup - it will leave the old versions of the server in console - you can ignore the old versions.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

There are no new features in this release. This release fixes some critical bugs.

[edit]

Bugs Fixed

This release contains several bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

389 Directory Server 1.2.1 - August 17, 2009

[edit]

Notes

NOTE: Fedora versions below 10 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 9 or earlier, you should upgrade.

NOTE: This is the first release that is branded as 389. All of the RPMs have been marked as obsoleting their Fedora DS counterparts. When upgrading via yum, you must use yum upgrade (not update) so that the obsoletes will be processed.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 9 and later have Java 1.6 OpenJDK.

NOTE: After installing the updates, you must run setup-ds-admin.pl -u to refresh your console and admin server configuration with the new version information. There is a bug in setup - it will leave the old versions of the server in console - you can ignore the old versions.

NOTE: 389-console is the command to run the console. This replaces fedora-idm-console.

[edit]

New features

There are several new features in this release. For more information, see New Features for 1.2.1

[edit]

Bugs Fixed

This release contains several bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

Fedora Directory Server 1.2.0 - April 3, 2009

[edit]

Notes

NOTE: Fedora versions below 9 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 8 or earlier, you should upgrade.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 9 and later have Java 1.6 OpenJDK.

[edit]

Bugs Fixed

This release contains over 200 bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

New features 

groupdn="ldap:///cn=Administrators,dc=example,dc=com"
    • You can now use a search specification 
 groupdn="ldap:///suffix??scope?(filter)"
    • Example 
(groupdn = "ldap:///ou=Groups, dc=example,dc=com??sub?(cn=*s_0)" or
 groupdn = "ldap:///ou=Groups,dc=example,dc=com??sub?(cn=*s_1)") and
groupdn = "ldap:///ou=Groups, dc=example,dc=com??sub?(cn=*s_2)"

means the user must belong to the group ending with s_0 or s_1, and the group ending with s_2

  • remove-ds.pl - remove a directory server instance
  • remove-ds-admin.pl - wipe out everything (for use when you run setup-ds-admin.pl and get an error, and just want to start over from scratch)
  • New Schema - now includes schema for autofs, samba, and many other apps
[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

Fedora Directory Server 1.1.3 - September 25, 2008

This release fixes a bug in the Windows Sync code that was introduced with 1.1.2. If you are using Windows Sync or plan to use freeIPA, you should upgrade to 1.1.3.

See Fedora Directory Server 1.1.2 for additional information.

[edit]

Bugs Fixed

[edit]

Fedora Directory Server 1.1.2 - September 16, 2008

[edit]

Notes

NOTE: If you had servers that did not show up console, or you want to update the information displayed for those servers in the console, run setup-ds-admin.pl with the new update option (-u or --update) - this will re-register all of your servers with the console. It is ok to run this even if your servers are already registered correctly and show up in the console - it will update the date and version information. 

setup-ds-admin.pl -u

This will prompt for the Configuration Directory Server Admin password (i.e. the password for the admin user).

[edit]

Bugs Fixed

This release contains many, many bug fixes, including some security problems and memory leaks The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED are considered fixed. Only bugs in the NEW or ASSIGNED state have not been fixed or resolved.

[edit]

New features

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

Fedora Directory Server 1.1.1 - June 6, 2008

This is primarily a bug fix update. New features:

  • Improved slapi task interface - Slapi_Task_API
  • Improved ldapi support, with support for SASL/EXTERNAL bind - LDAPI_and_AutoBind
  • MemberOf plugin - MemberOf_Plugin
  • Bugs Fixed
    • 429793 - Fixed crash in replication during bulk import
    • 182621 - Allow larger regex buffer to enable long substring filters
    • 439829 - simple password auth fails using NSS 3.11.99 or later
    • 428764 - memory leaks in extensible filter code
    • 440333 - Fixed valrgind errors about use of unitialized values
    • 428163 - SASL IO functions set/get: argument mismatch
    • 429799 - Allow import fifo to clear out all finished entries
[edit]

Fedora Directory Server 1.1.0 - January 4, 2008

WARNING: Following the instructions below will upgrade your 1.0 installation to 1.1. If you want to do this, run /usr/sbin/migrate-ds-admin.pl after installation. If you do not want to do this, use a clean machine or a VM to install Fedora DS 1.1.

[edit]

Known Issues

  • Migration to Fedora 8 and later requires LDIF files - binary database migration from an earlier release to Fedora 8 or later does not work. This is because Fedora 8 and later use Berkeley DB 4.6 and the binary database format used in earlier releases is not compatible. If you are upgrading or migrating to Fedora DS 1.1 on Fedora 8 or later, you must first export (db2ldif) your databases to LDIF format. See DS_Admin_Migration for more information.
[edit]

What's new

  • Auto UID and GID number generation with the libdna plugin - Distributed Numeric Assignment - that works even with multi-master replication environments - see http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/dna/?root=dirsec for more information
  • Separate packages - each main component is in its own package - see Discrete_Packaging
  • Filesystem Hierarchy Standard file/path layout (e.g. log files are under /var/log/dirsrv) - see FHS_Packaging
  • Many of the components are now built into Fedora - see FDS_Into_FedoraCore
  • The setup command is now /usr/sbin/setup-ds-admin.pl - see FDS_Setup for more information
  • startconsole is gone - use /usr/bin/fedora-idm-console instead
  • Migration from version 1.0 and earlier is fully supported by the /usr/sbin/migrate-ds-admin.pl script provided with the package - see FDS_Setup and Migration_From_10 for more information - see note above about migration to Fedora DS 1.1 on Fedora 8 and later.
  • Binary packages are provided only for Fedora 6, 7, 8 and 9 - The Fedora 6 packages should run on Red Hat EL5.1 (not 5.0)
  • Version 1.1 does not include the phonebook, gateway, or org chart web apps - those will be provided in a following release
  • Init scripts! 
service dirsrv {start|stop|restart} [instance name]
service dirsrv-admin {start|stop|restart}
edit /etc/sysconfig/dirsrv or /etc/sysconfig/dirsrv-admin to set environment
[edit]

Installation

  • Installation uses yum
  • If you are already using fedora-ds-base from Fedora, you must first upgrade it 
rpm -qi fedora-ds-base

If that returns an error, skip to the next bullet, otherwise 

yum upgrade fedora-ds-base
  • Set up your Fedora DS yum repo - as root 
cd /etc/yum.repos.d
wget http://directory.fedoraproject.org/sources/idmcommon.repo
wget http://directory.fedoraproject.org/sources/dirsrv.repo
  • Full install 
yum install fedora-ds

This will install many dependencies too. NOTE: On Fedora 8, the IcedTea Java can run the console. On Fedora 7 and earlier, you will still need to install a proprietary JRE in order to run - see Install_Guide for information about how to install Java.

  • First time users can use /usr/sbin/setup-ds-admin.pl to set up the new directory server and admin server
  • Fedora DS 1.0.x users can use /usr/sbin/migrate-ds-admin.pl to migrate existing directory and admin server data

NOTE: If you are upgrading from 1.0, DO NOT USE setup-ds-admin.pl - use migrate-ds-admin.pl instead

  • Console - the console command is /usr/bin/fedora-idm-console - startconsole has been removed
[edit]

Console only Installation

Follow the above steps to set up the yum repositories, then just install the fedora-idm-console package: 

yum install fedora-idm-console

Then use /usr/bin/fedora-idm-console

[edit]

Base DS only Installation

Follow the above steps to set up the yum repositories, then just install the fedora-ds-base package: 

yum install fedora-ds-base
  • First time users can use /usr/sbin/setup-ds.pl to set up the new directory server
  • If you already have a directory server installation, use /usr/sbin/migrate-ds.pl instead of setup-ds.pl
[edit]

Windows Console for Fedora DS 1.1 - December 14, 2007

FedoraConsole.msi is a Windows Installer file for the Console for Fedora Directory Server 1.1. Go to Download to download the file.

  • Tested with Sun Java 1.4 and 1.5 on Windows 2003 Server
  • You will need to install Java 1.4 or 1.5. Java must be available in your PATH, or you can edit the batch file provided to set JAVA to the correct path to java.exe
  • This might work with Fedora DS 1.0.4 but it has not been tested.
[edit]

Fedora Directory Server 1.1 Beta - November 26, 2007

WARNING: Following the instructions below will upgrade your 1.0 installation to 1.1. If you want to do this, run /usr/sbin/migrate-ds-admin.pl after installation. If you do not want to do this, use a clean machine or a VM to install Fedora DS 1.1.

What's new? 

service dirsrv {start|stop|restart} [instance name]
service dirsrv-admin {start|stop|restart}
edit /etc/sysconfig/dirsrv or /etc/sysconfig/dirsrv-admin to set environment
[edit]

Installation

  • Installation uses yum
  • If you are already using fedora-ds-base from Fedora, you must first upgrade it 
rpm -qi fedora-ds-base

If that returns an error, skip to the next bullet, otherwise 

yum upgrade fedora-ds-base
  • Set up your Fedora DS yum repo - as root 
cd /etc/yum.repos.d
wget http://directory.fedoraproject.org/sources/idmcommon.repo
wget http://directory.fedoraproject.org/sources/dirsrv.repo
  • Install 
yum install fedora-ds

This will install many dependencies too. NOTE: On Fedora 8, the IcedTea Java can run the console. On Fedora 7 and earlier, you will still need to install a proprietary JRE in order to run - see Install_Guide for information about how to install Java.

  • First time users can use /usr/sbin/setup-ds-admin.pl to set up the new directory server and admin server
  • Fedora DS 1.0.x users can use /usr/sbin/migrate-ds-admin.pl to migrate existing directory and admin server data

NOTE: If you are upgrading from 1.0, DO NOT USE setup-ds-admin.pl - use migrate-ds-admin.pl instead

  • Console - the console command is /usr/bin/fedora-idm-console - startconsole has been removed
[edit]

Fedora Directory Server 1.0.4 - November 9, 2006

What's new?

  • Bug fixes - follow this link to see the bugzilla report
    • The main bug fixed is in setup - it would change file ownership and break the server
  • Known issues
    • You may get a Constraint Violation error during setup after doing an upgrade - disable password syntax checking before running setup, and re-enable it afterwards if you are using password syntax checking
    • After doing an upgrade install (rpm -U), make sure the directory server and admin server are running:
      • /opt/fedora-ds/slapd-instance/start-slapd
      • /opt/fedora-ds/start-admin
    • See also What's New with FDS 1.0.3 below
[edit]

Installation

First, Download the binaries. Next, if you are upgrading from an earlier release, use rpm -Uvh to install, otherwise, use rpm -ivh. If upgrading, make sure your slapd and admin server are running: 

cd /opt/fedora-ds
./slapd-yourhost/start-slapd
./start-admin

Next, if you are using password syntax checking, disable it before running setup: 

ldapmodify -x -D "cn=directory manager" -w password
dn: cn=config
changetype: modify
replace: passwordCheckSyntax
passwordCheckSyntax: off

Finally, run setup as follows: 

cd /opt/fedora-ds ; ./setup/setup

Then, if you are using password syntax checking, enable it again: 

ldapmodify -x -D "cn=directory manager" -w password
dn: cn=config
changetype: modify
replace: passwordCheckSyntax
passwordCheckSyntax: on

Please refer to the Install_Guide for more information.

[edit]

Fedora Directory Server 1.0.3 - 10/31/2006

What's new?

  • Password modify extended operation can generate new passwords
  • New versions of NSPR (4.6.3) NSS (3.11.3) Mozldap (6.0.0)
    • These new components address bugs and memory leaks in earlier versions, and adds client support for SASL to the bundled ldap command line tools
  • Uses system sasl and snmp instead of bundled versions
  • The PAM passthru auth plug-in is included (disabled by default)
  • Bug fixes - follow this link to see the bugzilla report
  • Known issues
    • After doing an upgrade install (rpm -U), make sure the directory server and admin server are running:
      • /opt/fedora-ds/slapd-instance/start-slapd
      • /opt/fedora-ds/start-admin
    • Using password syntax checking to restrict passwords less than 9 characters in length doesn't work with new password generation
[edit]

Installation

First, Download the binaries. Next, if you are upgrading from an earlier release, use rpm -Uvh to install, otherwise, use rpm -ivh. If upgrading, make sure your slapd and admin server are running: 

cd /opt/fedora-ds
./slapd-yourhost/start-slapd
./start-admin

Finally, run setup as follows: 

cd /opt/fedora-ds ; ./setup/setup

Please refer to the Install_Guide for more information.

[edit]

Fedora Directory Server 1.0.2 - 03/02/2006

What's new?

  • Extended Password Syntax checking - passwords can be checked to see if they conform to the following:
    • minimum password character length (old feature, but now the default is 8 characters)
    • minimum number of digit characters (0-9)
    • minimum number of ASCII alpha characters (a-z, A-Z)
    • minimum number of uppercase ASCII alpha characters (A-Z)
    • minimum number of lowercase ASCII alpha characters (a-z)
    • minimum number of special ASCII characters (!@#$, etc.)
    • minimum number of 8-bit characters
    • maximum number of times the same char can be immediately repeated (aaabbb)
    • minimum number of character categories that are represented (categories are lower, upper, digit, special, and 8-bit)
    • More information, including screen shots, can be found here.
  • Support for Linux x86_64 - RPMs for Fedora Core 4 and 5 and RHEL4 x86_64 are on the Download page.
  • Bug fixes - follow this link to see the bugzilla report
[edit]

Installation

First, Download the binaries. Next, if you are upgrading from an earlier release, use rpm -Uvh to install, otherwise, use rpm -ivh. Finally, run setup as follows: 

cd /opt/fedora-ds ; ./setup/setup

If upgrading, you may need to restart your slapd and/or admin server after running setup: 

cd /opt/fedora-ds
./slapd-yourhost/start-slapd
./start-admin

Please refer to the Install_Guide for more information.

[edit]

Fedora Directory Server 1.0.1 - 12/08/2005

This is a patch release to address the following problems:

  • Fedora DS 1.0 was built with the build bomb ON - this means the binary will quit working after 120 days - 175053
  • The Admin Server in Fedora DS 1.0 can allow unauthorized access to sensitive information - 174837
  • The console required the mozilla-nspr and mozilla-nss packages. This dependency has been removed - 174981
  • Other bugs: 174843 175187 175098
[edit]

Installation

First, Download the binaries.

[edit]

Upgrade from Fedora DS 1.0

If you are upgrading from Fedora DS 1.0, DO NOT RUN SETUP after doing the rpm -Uvh. Instead, just restart your directory servers, followed by restarting your admin server. e.g. 

cd /opt/fedora-ds
./slapd-name/start-slapd
./slapd-name2/start-slapd
...
./slapd-nameN/start-slapd
./start-admin
[edit]

First time Fedora DS Install

If you are installing the software for the first time, please refer to Install_Guide for more information.

[edit]

Fedora Directory Server 1.0

FDS10Announcement

Retrieved from "http://directory.fedoraproject.org/wiki/Old_Release_Notes"
Account