Child pages
  • OpenDJ 2.4.3 Release Notes
Skip to end of metadata
Go to start of metadata

OpenDJ is an LDAPv3 compliant directory service, developed for the Java platform, providing a high performance, highly available, and secure store for the identities managed by your organization. Its easy installation process, combined with the power of the Java platform makes OpenDJ the simplest, fastest directory to deploy and manage.

You can download OpenDJ software from the OpenDJ download page. OpenDJ is free to download, evaluate, and use. You can even check out and modify the source code to build your own version if you prefer.

These release notes are written for everyone working with the OpenDJ 2.4.3 release. Read these notes before you install or upgrade OpenDJ software. These notes cover hardware and software prerequisites for installing and upgrading OpenDJ software. These notes list key features added and changed in this release. They also cover compatibility with previous releases and alert you to potential changes coming up that could affect your scripts and applications. Finally, these notes list both issues fixed since the previous release and known issues open at the time of release.

See the OpenDJ Installation Guide for more after you read these release notes. The installation guide covers installation and upgrade for OpenDJ directory server and OpenDJ DSML gateway. If you're planning to upgrade from OpenDJ 2.4.0 or OpenDS 2.2, make sure you run the script as described in the "Before you upgrade" section of the OpenDJ Installation Guide .

What's New In OpenDJ 2.4.3

Compared to the OpenDJ 2.4.2, OpenDJ 2.4.3 fixes a number of issues. OpenDJ 2.4.3 is an update release that does not include additional features.

OpenDJ Compatibility

This chapter covers both major changes to existing functionality, and also deprecated and removed functionality.

Major changes to existing functionality


Deprecated functionality

No functionality is deprecated in OpenDJ 2.4.3.

No functionality is planned to be deprecated at this time.

Removed functionality

No functionality has been removed in OpenDJ 2.4.3.

No functionality is planned to be removed at this time.

OpenDJ Fixes, Limitations, and Known Issues

OpenDJ issues are tracked at This chapter covers the status of key issues at release 2.4.3.

Fixes since last release

The following issues were fixed since release 2.4.2.

  • OPENDJ-57: ECL: lastChangeNumber and firstChangeNumber reset to zero when the changelog is purged to empty
  • OPENDJ-67: Investigate ECL change number consistency across replications servers which have been subjected to different purging policies
  • OPENDJ-130: External change log, used in compliance with Internet-draft, shows a divergence between replicas under load.
  • OPENDJ-142: Message.raw() with treats first arg as format string even when there are no format arguments
  • OPENDJ-164: Upgrade 2.4 branch to JE 4.1.10 due to serious bug in JE 4.1.7
  • OPENDJ-170: External ChangeLog returns the Cookie Control even when not requested
  • OPENDJ-171: OpenDJ does not support a NULL ChangeLog Cookie value
  • OPENDJ-172: External ChangeLog Cookie varies when searching with an empty cookie. Cookie should be reproducible.
  • OPENDJ-173: External ChangeLog cookies content is altered by Change purging and prevents from continuing search with a previous returned cookie.
  • OPENDJ-179: Add Maven build infrastructure for OpenDJ trunk and 2.4 branch
  • OPENDJ-184: Transient errors when accessing cn=changelog DraftCN DB result in complete shutdown of the replication service.


Release 2.4.3 has the following limitations, none of which are new since 2.4.0.

  • OpenDJ directory server provides full LDAP v3 support, except for alias dereferencing, and limited support for LDAPv2.
  • When you configure account lockout as part of password policy, OpenDJ locks an account after the specified number of consecutive authentication failures. Account lockout is not transactional across a replication topology, however.
  • OpenDJ is not fully integrated with Microsoft Windows, yet OpenDJ directory server can be run as a service, and thus displayed in the Windows Services Control Panel.
  • OpenDJ replication is designed to permit an unlimited number of replication servers in your topology. Project testing has, however, focused only on topologies of up to eight replication servers.

Known issues

The following issues remained open at the time release 2.4.3 became available.

  • IcedTea-618: Currently OpenDJ does not work properly with OpenJDK 6 on Linux distributions. If you deploy on Linux, use the Sun JRE for now.
  • OPENDJ-68: On T2000 systems, hardware SSL crypto acceleration is slower than software. To work around this issue: 1) add more request handlers to LDAP (for TLS) and LDAPS (for SSL) connection handlers; 2) disable hardware acceleration for server's JVM by removing the SunPKCS11 security provider from jre/lib/security/
  • OPENDJ-88: Online backup of cn=config does not work
  • OPENDJ-98: Searches on cn=monitor take a long time
  • OPENDJ-109: jar files that are put into $OPENDJ_ROOT/lib/extensions are not visible in classpath
  • OPENDJ-136: On Windows, upgrade fails with NPE during Verify phase
  • OPENDN-137: Registering OpenDJ as a Windows Service is not recommended.

New known issues since 2.4.2:

  • OPENDN-145: Upgrade hangs if the OpenDJ is running and properties files is used.

Furthermore when deploying for production, make sure that you follow the installation instructions on allowing OpenDJ to use at least 64K (65536) file descriptors, tuning the JVM appropriately, and increasing database cache size from the default of 10%.

For the latest status, query the OpenDJ bug database online at

Tested Operating Systems and Application Servers

OpenDJ software depends on the Java environment more than it depends on the underlying operating systems.

That said, OpenDJ 2.4.3 has been validated on the following operating systems.

  • Apple Mac OS X 10.6
  • Linux 2.6
  • Microsoft Windows 7
  • Oracle Solaris 10

OpenDJ 2.4.3 DSML gateway has been validated on Apache Tomcat 6.

Available Locales

OpenDJ administrative tools and log messages have been translated into the following languages.

  • French
  • German
  • Japanese
  • Simplified Chinese
  • Spanish

Several messages are also translated into Catalan, Korean, Polish and Traditional Chinese.

Note - Certain SEVERE and FATAL error messages are displayed in English only.

How to Report Problems and Provide Feedback

If you have questions regarding OpenDJ which are not answered by the documentation or here in the wiki, there is a mailing list which can be found at where you are likely to find an answer.

If you have found issues or reproducible bugs within OpenDJ 2.4.3, report them in

When requesting help with a problem, please include the following information:

  • Description of the problem, including when the problem occurs and its impact on your operation
  • Machine type, operating system version, web container and version, JDK version, and OpenDJ release version, including any patches or other software that might be affecting the problem
  • Steps to reproduce the problem
  • Any error logs or core dumps


You can purchase OpenDJ support subscriptions and training courses from ForgeRock and from consulting partners around the world and in your area. To contact ForgeRock, send mail to, or call +47 21520108. To find a partner in your area, see

  • No labels