Release Notes

From 389 Directory Server

Contents

[edit]

Fedora Directory Server 1.2.0 - April 3, 2009

[edit]

Notes

NOTE: Fedora versions below 9 are no longer supported (except for Fedora Core 6 - see below). If you are running Fedora 8 or earlier, you should upgrade.

NOTE: The console now requires Java 1.6. This is available on most platforms via OpenJDK (IcedTea). If you are using some derivative of Enterprise Linux 5, and cannot find Java 1.6, Java 1.6 is available from Fedora EPEL. See the Download page for information about Enterprise Linux 5. Fedora 9 and later have Java 1.6 OpenJDK.

[edit]

Bugs Fixed

This release contains over 200 bug fixes. The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED have been fixed but are still in testing.

[edit]

New features 

groupdn="ldap:///cn=Administrators,dc=example,dc=com"
    • You can now use a search specification 
 groupdn="ldap:///suffix??scope?(filter)"
    • Example 
(groupdn = "ldap:///ou=Groups, dc=example,dc=com??sub?(cn=*s_0)" or
 groupdn = "ldap:///ou=Groups,dc=example,dc=com??sub?(cn=*s_1)") and
groupdn = "ldap:///ou=Groups, dc=example,dc=com??sub?(cn=*s_2)"

means the user must belong to the group ending with s_0 or s_1, and the group ending with s_2

  • remove-ds.pl - remove a directory server instance
  • remove-ds-admin.pl - wipe out everything (for use when you run setup-ds-admin.pl and get an error, and just want to start over from scratch)
  • New Schema - now includes schema for autofs, samba, and many other apps
[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

Fedora Directory Server 1.1.3 - September 25, 2008

This release fixes a bug in the Windows Sync code that was introduced with 1.1.2. If you are using Windows Sync or plan to use freeIPA, you should upgrade to 1.1.3.

See Fedora Directory Server 1.1.2 for additional information.

[edit]

Bugs Fixed

[edit]

Fedora Directory Server 1.1.2 - September 16, 2008

[edit]

Notes

NOTE: If you had servers that did not show up console, or you want to update the information displayed for those servers in the console, run setup-ds-admin.pl with the new update option (-u or --update) - this will re-register all of your servers with the console. It is ok to run this even if your servers are already registered correctly and show up in the console - it will update the date and version information. 

setup-ds-admin.pl -u

This will prompt for the Configuration Directory Server Admin password (i.e. the password for the admin user).

[edit]

Bugs Fixed

This release contains many, many bug fixes, including some security problems and memory leaks The complete list of bugs fixed is found at the link below. Note that bugs marked as MODIFIED are considered fixed. Only bugs in the NEW or ASSIGNED state have not been fixed or resolved.

[edit]

New features

[edit]

Download, Install, Setup

The Download page has information about how to get the binaries. The Install_Guide has information about installation and setup.

[edit]

Fedora Directory Server 1.1.1 - June 6, 2008

This is primarily a bug fix update. New features:

  • Improved slapi task interface - Slapi_Task_API
  • Improved ldapi support, with support for SASL/EXTERNAL bind - LDAPI_and_AutoBind
  • MemberOf plugin - MemberOf_Plugin
  • Bugs Fixed
    • 429793 - Fixed crash in replication during bulk import
    • 182621 - Allow larger regex buffer to enable long substring filters
    • 439829 - simple password auth fails using NSS 3.11.99 or later
    • 428764 - memory leaks in extensible filter code
    • 440333 - Fixed valrgind errors about use of unitialized values
    • 428163 - SASL IO functions set/get: argument mismatch
    • 429799 - Allow import fifo to clear out all finished entries
[edit]

Fedora Directory Server 1.1.0 - January 4, 2008

WARNING: Following the instructions below will upgrade your 1.0 installation to 1.1. If you want to do this, run /usr/sbin/migrate-ds-admin.pl after installation. If you do not want to do this, use a clean machine or a VM to install Fedora DS 1.1.

[edit]

Known Issues

  • Migration to Fedora 8 and later requires LDIF files - binary database migration from an earlier release to Fedora 8 or later does not work. This is because Fedora 8 and later use Berkeley DB 4.6 and the binary database format used in earlier releases is not compatible. If you are upgrading or migrating to Fedora DS 1.1 on Fedora 8 or later, you must first export (db2ldif) your databases to LDIF format. See DS_Admin_Migration for more information.
[edit]

What's new

  • Auto UID and GID number generation with the libdna plugin - Distributed Numeric Assignment - that works even with multi-master replication environments - see http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/dna/?root=dirsec for more information
  • Separate packages - each main component is in its own package - see Discrete_Packaging
  • Filesystem Hierarchy Standard file/path layout (e.g. log files are under /var/log/dirsrv) - see FHS_Packaging
  • Many of the components are now built into Fedora - see FDS_Into_FedoraCore
  • The setup command is now /usr/sbin/setup-ds-admin.pl - see FDS_Setup for more information
  • startconsole is gone - use /usr/bin/fedora-idm-console instead
  • Migration from version 1.0 and earlier is fully supported by the /usr/sbin/migrate-ds-admin.pl script provided with the package - see FDS_Setup and Migration_From_10 for more information - see note above about migration to Fedora DS 1.1 on Fedora 8 and later.
  • Binary packages are provided only for Fedora 6, 7, 8 and 9 - The Fedora 6 packages should run on Red Hat EL5.1 (not 5.0)
  • Version 1.1 does not include the phonebook, gateway, or org chart web apps - those will be provided in a following release
  • Init scripts! 
service dirsrv {start|stop|restart} [instance name]
service dirsrv-admin {start|stop|restart}
edit /etc/sysconfig/dirsrv or /etc/sysconfig/dirsrv-admin to set environment
[edit]

Installation

  • Installation uses yum
  • If you are already using fedora-ds-base from Fedora, you must first upgrade it 
rpm -qi fedora-ds-base

If that returns an error, skip to the next bullet, otherwise 

yum upgrade fedora-ds-base
  • Set up your Fedora DS yum repo - as root 
cd /etc/yum.repos.d
wget http://directory.fedoraproject.org/sources/idmcommon.repo
wget http://directory.fedoraproject.org/sources/dirsrv.repo
  • Full install 
yum install fedora-ds

This will install many dependencies too. NOTE: On Fedora 8, the IcedTea Java can run the console. On Fedora 7 and earlier, you will still need to install a proprietary JRE in order to run - see Install_Guide for information about how to install Java.

  • First time users can use /usr/sbin/setup-ds-admin.pl to set up the new directory server and admin server
  • Fedora DS 1.0.x users can use /usr/sbin/migrate-ds-admin.pl to migrate existing directory and admin server data

NOTE: If you are upgrading from 1.0, DO NOT USE setup-ds-admin.pl - use migrate-ds-admin.pl instead

  • Console - the console command is /usr/bin/fedora-idm-console - startconsole has been removed
[edit]

Console only Installation

Follow the above steps to set up the yum repositories, then just install the fedora-idm-console package: 

yum install fedora-idm-console

Then use /usr/bin/fedora-idm-console

[edit]

Base DS only Installation

Follow the above steps to set up the yum repositories, then just install the fedora-ds-base package: 

yum install fedora-ds-base
  • First time users can use /usr/sbin/setup-ds.pl to set up the new directory server
  • If you already have a directory server installation, use /usr/sbin/migrate-ds.pl instead of setup-ds.pl
[edit]

Windows Console for Fedora DS 1.1 - December 14, 2007

FedoraConsole.msi is a Windows Installer file for the Console for Fedora Directory Server 1.1. Go to Download to download the file.

  • Tested with Sun Java 1.4 and 1.5 on Windows 2003 Server
  • You will need to install Java 1.4 or 1.5. Java must be available in your PATH, or you can edit the batch file provided to set JAVA to the correct path to java.exe
  • This might work with Fedora DS 1.0.4 but it has not been tested.
[edit]

Fedora Directory Server 1.1 Beta - November 26, 2007

WARNING: Following the instructions below will upgrade your 1.0 installation to 1.1. If you want to do this, run /usr/sbin/migrate-ds-admin.pl after installation. If you do not want to do this, use a clean machine or a VM to install Fedora DS 1.1.

What's new? 

service dirsrv {start|stop|restart} [instance name]
service dirsrv-admin {start|stop|restart}
edit /etc/sysconfig/dirsrv or /etc/sysconfig/dirsrv-admin to set environment
[edit]

Installation

  • Installation uses yum
  • If you are already using fedora-ds-base from Fedora, you must first upgrade it 
rpm -qi fedora-ds-base

If that returns an error, skip to the next bullet, otherwise 

yum upgrade fedora-ds-base
  • Set up your Fedora DS yum repo - as root 
cd /etc/yum.repos.d
wget http://directory.fedoraproject.org/sources/idmcommon.repo
wget http://directory.fedoraproject.org/sources/dirsrv.repo
  • Install 
yum install fedora-ds

This will install many dependencies too. NOTE: On Fedora 8, the IcedTea Java can run the console. On Fedora 7 and earlier, you will still need to install a proprietary JRE in order to run - see Install_Guide for information about how to install Java.

  • First time users can use /usr/sbin/setup-ds-admin.pl to set up the new directory server and admin server
  • Fedora DS 1.0.x users can use /usr/sbin/migrate-ds-admin.pl to migrate existing directory and admin server data

NOTE: If you are upgrading from 1.0, DO NOT USE setup-ds-admin.pl - use migrate-ds-admin.pl instead

  • Console - the console command is /usr/bin/fedora-idm-console - startconsole has been removed
[edit]

Fedora Directory Server 1.0.4 - November 9, 2006

What's new?

  • Bug fixes - follow this link to see the bugzilla report
    • The main bug fixed is in setup - it would change file ownership and break the server
  • Known issues
    • You may get a Constraint Violation error during setup after doing an upgrade - disable password syntax checking before running setup, and re-enable it afterwards if you are using password syntax checking
    • After doing an upgrade install (rpm -U), make sure the directory server and admin server are running:
      • /opt/fedora-ds/slapd-instance/start-slapd
      • /opt/fedora-ds/start-admin
    • See also What's New with FDS 1.0.3 below
[edit]

Installation

First, Download the binaries. Next, if you are upgrading from an earlier release, use rpm -Uvh to install, otherwise, use rpm -ivh. If upgrading, make sure your slapd and admin server are running: 

cd /opt/fedora-ds
./slapd-yourhost/start-slapd
./start-admin

Next, if you are using password syntax checking, disable it before running setup: 

ldapmodify -x -D "cn=directory manager" -w password
dn: cn=config
changetype: modify
replace: passwordCheckSyntax
passwordCheckSyntax: off

Finally, run setup as follows: 

cd /opt/fedora-ds ; ./setup/setup

Then, if you are using password syntax checking, enable it again: 

ldapmodify -x -D "cn=directory manager" -w password
dn: cn=config
changetype: modify
replace: passwordCheckSyntax
passwordCheckSyntax: on

Please refer to the Install_Guide for more information.

[edit]

Fedora Directory Server 1.0.3 - 10/31/2006

What's new?

  • Password modify extended operation can generate new passwords
  • New versions of NSPR (4.6.3) NSS (3.11.3) Mozldap (6.0.0)
    • These new components address bugs and memory leaks in earlier versions, and adds client support for SASL to the bundled ldap command line tools
  • Uses system sasl and snmp instead of bundled versions
  • The PAM passthru auth plug-in is included (disabled by default)
  • Bug fixes - follow this link to see the bugzilla report
  • Known issues
    • After doing an upgrade install (rpm -U), make sure the directory server and admin server are running:
      • /opt/fedora-ds/slapd-instance/start-slapd
      • /opt/fedora-ds/start-admin
    • Using password syntax checking to restrict passwords less than 9 characters in length doesn't work with new password generation
[edit]

Installation

First, Download the binaries. Next, if you are upgrading from an earlier release, use rpm -Uvh to install, otherwise, use rpm -ivh. If upgrading, make sure your slapd and admin server are running: 

cd /opt/fedora-ds
./slapd-yourhost/start-slapd
./start-admin

Finally, run setup as follows: 

cd /opt/fedora-ds ; ./setup/setup

Please refer to the Install_Guide for more information.

[edit]

Fedora Directory Server 1.0.2 - 03/02/2006

What's new?

  • Extended Password Syntax checking - passwords can be checked to see if they conform to the following:
    • minimum password character length (old feature, but now the default is 8 characters)
    • minimum number of digit characters (0-9)
    • minimum number of ASCII alpha characters (a-z, A-Z)
    • minimum number of uppercase ASCII alpha characters (A-Z)
    • minimum number of lowercase ASCII alpha characters (a-z)
    • minimum number of special ASCII characters (!@#$, etc.)
    • minimum number of 8-bit characters
    • maximum number of times the same char can be immediately repeated (aaabbb)
    • minimum number of character categories that are represented (categories are lower, upper, digit, special, and 8-bit)
    • More information, including screen shots, can be found here.
  • Support for Linux x86_64 - RPMs for Fedora Core 4 and 5 and RHEL4 x86_64 are on the Download page.
  • Bug fixes - follow this link to see the bugzilla report
[edit]

Installation

First, Download the binaries. Next, if you are upgrading from an earlier release, use rpm -Uvh to install, otherwise, use rpm -ivh. Finally, run setup as follows: 

cd /opt/fedora-ds ; ./setup/setup

If upgrading, you may need to restart your slapd and/or admin server after running setup: 

cd /opt/fedora-ds
./slapd-yourhost/start-slapd
./start-admin

Please refer to the Install_Guide for more information.

[edit]

Fedora Directory Server 1.0.1 - 12/08/2005

This is a patch release to address the following problems:

  • Fedora DS 1.0 was built with the build bomb ON - this means the binary will quit working after 120 days - 175053
  • The Admin Server in Fedora DS 1.0 can allow unauthorized access to sensitive information - 174837
  • The console required the mozilla-nspr and mozilla-nss packages. This dependency has been removed - 174981
  • Other bugs: 174843 175187 175098
[edit]

Installation

First, Download the binaries.

[edit]

Upgrade from Fedora DS 1.0

If you are upgrading from Fedora DS 1.0, DO NOT RUN SETUP after doing the rpm -Uvh. Instead, just restart your directory servers, followed by restarting your admin server. e.g. 

cd /opt/fedora-ds
./slapd-name/start-slapd
./slapd-name2/start-slapd
...
./slapd-nameN/start-slapd
./start-admin
[edit]

First time Fedora DS Install

If you are installing the software for the first time, please refer to Install_Guide for more information.

[edit]

Fedora Directory Server 1.0

FDS10Announcement

Retrieved from "http://directory.fedoraproject.org/wiki/Release_Notes"
Account