OpenDJ is an LDAPv3 compliant directory service, developed for the Java platform, providing a high performance, highly available, and secure store for the identities managed by your organization. Its easy installation process, combined with the power of the Java platform makes OpenDJ the simplest, fastest directory to deploy and manage.
You can download OpenDJ software from the OpenDJ download page. OpenDJ is free to download, evaluate, and use. You can even check out and modify the source code to build your own version if you prefer.
These release notes are written for everyone working with the OpenDJ 2.4.2 release. Read these notes before you install or upgrade OpenDJ software. These notes cover hardware and software prerequisites for installing and upgrading OpenDJ software. These notes list key features added and changed in this release. They also cover compatibility with previous releases and alert you to potential changes coming up that could affect your scripts and applications. Finally, these notes list both issues fixed since the previous release and known issues open at the time of release.
See the OpenDJ Installation Guide for more after you read these release notes. The installation guide covers installation and upgrade for OpenDJ directory server and OpenDJ DSML gateway. If you're planning to upgrade from OpenDJ 2.4.0 or OpenDS 2.2, make sure you run the opendj_patch4upgrade.sh script as described in the "Before you upgrade" section of the OpenDJ Installation Guide .
What's New In OpenDJ 2.4.2
Compared to the OpenDJ 2.4.1, OpenDJ 2.4.2 fixes a number of issues. OpenDJ 2.4.2 is an update release that does not include additional features.
This chapter covers both major changes to existing functionality, and also deprecated and removed functionality.
Major changes to existing functionality
No functionality is deprecated in OpenDJ 2.4.2.
No functionality is planned to be deprecated at this time.
No functionality has been removed in OpenDJ 2.4.2.
No functionality is planned to be removed at this time.
OpenDJ Fixes, Limitations, and Known Issues
OpenDJ issues are tracked at https://bugster.forgerock.org/jira/browse/OPENDJ. This chapter covers the status of key issues at release 2.4.2.
Fixes since last release
The following issues were fixed since release 2.4.1.
- OPENDJ-23: Exception while replaying a delete operation using assured replication.
- OPENDJ-26: Fix OpenDS issue 4585: ConcurrentModificationException in ReplicationBroker
- OPENDJ-58: cn:schema attribute stored twice in 99-user.ldif schema file
- OPENDJ-90: DS disconnecting for more suitable RS even though this RS process is actually STOPed
- OPENDJ-91: Unique Attribute plugin rejects valid modification of unique value.
- OPENDJ-92: Replication thread naming is confusing and inconsistent
- OPENDJ-94: NullPointerException when shutting down worker threads
- OPENDJ-95: Socket leak and constant disconnect/reconnect when a directory server can no longer reach its connected replication server
- OPENDJ-96: Replication server monitor data computation takes too long / blocks rest of server when another RS is cannot be reached
- OPENDJ-97: Very many minor problems with the error logging for replication
- OPENDJ-99: NoSuchElementExceptions while replaying replicated operations.
- OPENDJ-101: NPE when processing UniqueAttributePlugin/AuthenticatedUsers ChangeListener post-sync for moddn operations with conflicts
- OPENDJ-103: Replication in 2.4 head and trunk are no longer compatible with 2.4.0 and 2.4.1
- OPENDJ-105: Replication protocol error. Bad message type. org.opends.server.replication.protocol.StopMsg received, ReplServerStartMsg required
- OPENDJ-106: QuickStart Welcome Panel calls for Java 5, although OpenDJ now requires Java 6
- OPENDJ-107: Potential for leaking DB cursors in replication databases.
- OPENDJ-111: Bugs in ECL changelog creation of changeInitiatorsName attribute
- OPENDJ-117: IllegalMonitorStateException during server shutdown
- OPENDJ-121: Replication failure on startup due to generation ID of -1
Release 2.4.2 has the following limitations.
- OpenDJ directory server provides full LDAP v3 support, except for alias dereferencing, and limited support for LDAPv2.
- Account lockout works on a per-server basis only.
- OpenDJ is not fully integrated with Microsoft Windows, yet OpenDJ directory server can be run as a service, and thus displayed in the Windows Services Control Panel.
- OpenDJ replication is designed to permit an unlimited number of replication servers in your topology. Project testing has, however, focused only on topologies of up to eight replication servers.
The following issues remained open at the time release 2.4.2 became available.
- IcedTea-618: Currently OpenDJ does not work properly with OpenJDK 6 on Linux distributions. If you deploy on Linux, use the Sun JRE for now.
- OPENDJ-68: On T2000 systems, hardware SSL crypto acceleration is slower than software. To work around this issue: 1) add more request handlers to LDAP (for TLS) and LDAPS (for SSL) connection handlers; 2) disable hardware acceleration for server's JVM by removing the SunPKCS11 security provider from jre/lib/security/java.security.
- OPENDJ-88: Online backup of cn=config does not work
- OPENDJ-98: Searches on cn=monitor take a long time
- OPENDJ-109: jar files that are put into $OPENDJ_ROOT/lib/extensions are not visible in classpath
- OPENDJ-130: External change log, used in compliance with Internet-draft, shows a divergence between replicas under load.
- OPENDJ-136: On Windows, upgrade fails with NPE during Verify phase
- OPENDN-137: Registering OpenDJ as a Windows Service is not recommended.
Furthermore when deploying for production, make sure that you follow the installation instructions on allowing OpenDJ to use at least 64K (65536) file descriptors, tuning the JVM appropriately, and increasing database cache size from the default of 10%.
For the latest status, query the OpenDJ bug database online at https://bugster.forgerock.org/jira/browse/OPENDJ.
Tested Operating Systems and Application Servers
OpenDJ software depends on the Java environment more than it depends on the underlying operating systems.
That said, OpenDJ 2.4.2 has been validated on the following operating systems.
- Apple Mac OS X 10.6
- Linux 2.6
- Microsoft Windows 7
- Oracle Solaris 10
OpenDJ 2.4.2 DSML gateway has been validated on Apache Tomcat 6.
OpenDJ administrative tools and log messages have been translated into the following languages.
- Simplified Chinese
Several messages are also translated into Catalan, Korean, Polish and Traditional Chinese.
Note - Certain SEVERE and FATAL error messages are displayed in English only.
How to Report Problems and Provide Feedback
If you have questions regarding OpenDJ which are not answered by the documentation, there is a mailing list which can be found at https://lists.forgerock.org/mailman/listinfo/opendj where you are likely to find an answer.
If you have found issues or reproducible bugs within OpenDJ 2.4.2, report them in https://bugster.forgerock.org.
When requesting help with a problem, please include the following information:
- Description of the problem, including when the problem occurs and its impact on your operation
- Machine type, operating system version, web container and version, JDK version, and OpenDJ release version, including any patches or other software that might be affecting the problem
- Steps to reproduce the problem
- Any error logs or core dumps
You can purchase OpenDJ support subscriptions and training courses from ForgeRock and from consulting partners around the world and in your area. To contact ForgeRock, send mail to email@example.com, or call +47 21520108. To find a partner in your area, see http://www.forgerock.com/partners.html.