Child pages
  • OpenDJ 2.4.2 Release Notes
Skip to end of metadata
Go to start of metadata

OpenDJ is an LDAPv3 compliant directory service, developed for the Java platform, providing a high performance, highly available, and secure store for the identities managed by your organization. Its easy installation process, combined with the power of the Java platform makes OpenDJ the simplest, fastest directory to deploy and manage.

You can download OpenDJ software from the OpenDJ download page. OpenDJ is free to download, evaluate, and use. You can even check out and modify the source code to build your own version if you prefer.

These release notes are written for everyone working with the OpenDJ 2.4.2 release. Read these notes before you install or upgrade OpenDJ software. These notes cover hardware and software prerequisites for installing and upgrading OpenDJ software. These notes list key features added and changed in this release. They also cover compatibility with previous releases and alert you to potential changes coming up that could affect your scripts and applications. Finally, these notes list both issues fixed since the previous release and known issues open at the time of release.

See the OpenDJ Installation Guide for more after you read these release notes. The installation guide covers installation and upgrade for OpenDJ directory server and OpenDJ DSML gateway. If you're planning to upgrade from OpenDJ 2.4.0 or OpenDS 2.2, make sure you run the script as described in the "Before you upgrade" section of the OpenDJ Installation Guide .

What's New In OpenDJ 2.4.2

Compared to the OpenDJ 2.4.1, OpenDJ 2.4.2 fixes a number of issues. OpenDJ 2.4.2 is an update release that does not include additional features.

OpenDJ Compatibility

This chapter covers both major changes to existing functionality, and also deprecated and removed functionality.

Major changes to existing functionality


Deprecated functionality

No functionality is deprecated in OpenDJ 2.4.2.

No functionality is planned to be deprecated at this time.

Removed functionality

No functionality has been removed in OpenDJ 2.4.2.

No functionality is planned to be removed at this time.

OpenDJ Fixes, Limitations, and Known Issues

OpenDJ issues are tracked at This chapter covers the status of key issues at release 2.4.2.

Fixes since last release

The following issues were fixed since release 2.4.1.

  • OPENDJ-23: Exception while replaying a delete operation using assured replication.
  • OPENDJ-26: Fix OpenDS issue 4585: ConcurrentModificationException in ReplicationBroker
  • OPENDJ-58: cn:schema attribute stored twice in 99-user.ldif schema file
  • OPENDJ-90: DS disconnecting for more suitable RS even though this RS process is actually STOPed
  • OPENDJ-91: Unique Attribute plugin rejects valid modification of unique value.
  • OPENDJ-92: Replication thread naming is confusing and inconsistent
  • OPENDJ-94: NullPointerException when shutting down worker threads
  • OPENDJ-95: Socket leak and constant disconnect/reconnect when a directory server can no longer reach its connected replication server
  • OPENDJ-96: Replication server monitor data computation takes too long / blocks rest of server when another RS is cannot be reached
  • OPENDJ-97: Very many minor problems with the error logging for replication
  • OPENDJ-99: NoSuchElementExceptions while replaying replicated operations.
  • OPENDJ-101: NPE when processing UniqueAttributePlugin/AuthenticatedUsers ChangeListener post-sync for moddn operations with conflicts
  • OPENDJ-103: Replication in 2.4 head and trunk are no longer compatible with 2.4.0 and 2.4.1
  • OPENDJ-105: Replication protocol error. Bad message type. org.opends.server.replication.protocol.StopMsg received, ReplServerStartMsg required
  • OPENDJ-106: QuickStart Welcome Panel calls for Java 5, although OpenDJ now requires Java 6
  • OPENDJ-107: Potential for leaking DB cursors in replication databases.
  • OPENDJ-111: Bugs in ECL changelog creation of changeInitiatorsName attribute
  • OPENDJ-117: IllegalMonitorStateException during server shutdown
  • OPENDJ-121: Replication failure on startup due to generation ID of -1


Release 2.4.2 has the following limitations.

  • OpenDJ directory server provides full LDAP v3 support, except for alias dereferencing, and limited support for LDAPv2.
  • Account lockout works on a per-server basis only.
  • OpenDJ is not fully integrated with Microsoft Windows, yet OpenDJ directory server can be run as a service, and thus displayed in the Windows Services Control Panel.
  • OpenDJ replication is designed to permit an unlimited number of replication servers in your topology. Project testing has, however, focused only on topologies of up to eight replication servers.

Known issues

The following issues remained open at the time release 2.4.2 became available.

  • IcedTea-618: Currently OpenDJ does not work properly with OpenJDK 6 on Linux distributions. If you deploy on Linux, use the Sun JRE for now.
  • OPENDJ-68: On T2000 systems, hardware SSL crypto acceleration is slower than software. To work around this issue: 1) add more request handlers to LDAP (for TLS) and LDAPS (for SSL) connection handlers; 2) disable hardware acceleration for server's JVM by removing the SunPKCS11 security provider from jre/lib/security/
  • OPENDJ-88: Online backup of cn=config does not work
  • OPENDJ-98: Searches on cn=monitor take a long time
  • OPENDJ-109: jar files that are put into $OPENDJ_ROOT/lib/extensions are not visible in classpath
  • OPENDJ-130: External change log, used in compliance with Internet-draft, shows a divergence between replicas under load.
  • OPENDJ-136: On Windows, upgrade fails with NPE during Verify phase
  • OPENDN-137: Registering OpenDJ as a Windows Service is not recommended.

Furthermore when deploying for production, make sure that you follow the installation instructions on allowing OpenDJ to use at least 64K (65536) file descriptors, tuning the JVM appropriately, and increasing database cache size from the default of 10%.

For the latest status, query the OpenDJ bug database online at

Tested Operating Systems and Application Servers

OpenDJ software depends on the Java environment more than it depends on the underlying operating systems.

That said, OpenDJ 2.4.2 has been validated on the following operating systems.

  • Apple Mac OS X 10.6
  • Linux 2.6
  • Microsoft Windows 7
  • Oracle Solaris 10

OpenDJ 2.4.2 DSML gateway has been validated on Apache Tomcat 6.

Available Locales

OpenDJ administrative tools and log messages have been translated into the following languages.

  • French
  • German
  • Japanese
  • Simplified Chinese
  • Spanish

Several messages are also translated into Catalan, Korean, Polish and Traditional Chinese.

Note - Certain SEVERE and FATAL error messages are displayed in English only.

How to Report Problems and Provide Feedback

If you have questions regarding OpenDJ which are not answered by the documentation, there is a mailing list which can be found at where you are likely to find an answer.

If you have found issues or reproducible bugs within OpenDJ 2.4.2, report them in

When requesting help with a problem, please include the following information:

  • Description of the problem, including when the problem occurs and its impact on your operation
  • Machine type, operating system version, web container and version, JDK version, and OpenDJ release version, including any patches or other software that might be affecting the problem
  • Steps to reproduce the problem
  • Any error logs or core dumps


You can purchase OpenDJ support subscriptions and training courses from ForgeRock and from consulting partners around the world and in your area. To contact ForgeRock, send mail to, or call +47 21520108. To find a partner in your area, see

  • No labels