NetIQ eDirectory 9.2 SP1 resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the eDirectory Community Support Forums, our community Web site that also includes product notifications, blogs, and product user groups.
For a full list of all issues resolved in NetIQ eDirectory 9.x, including all patches and service packs, refer to TID 7016794, “History of Issues Resolved in NetIQ eDirectory 9.x”.
For more information about this release and for the latest release notes, see the Documentation Web site. To download this product, see the Product Upgrade Web site.
IMPORTANT:If you are currently on Identity Manager 4.8, you must upgrade Identity Applications to version 4.8.0 HF1 before upgrading eDirectory to 9.2 SP1.
eDirectory 9.2 SP1 provides the following fixes in this release:
In this release, the supported OpenSSL version is 1.0.2t.
In addition to the platforms introduced in previous releases of eDirectory, this release adds support for the following operating system:
SUSE Linux Enterprise Server (SLES) 12 SP5
Red Hat Linux Enterprise (RHEL) 8.1
eDirectory 9.2 SP1 includes the following software fixes that resolve several previous issues:
Issue: eDirectory CEF events are not parsed by the eDirectory Collector due to format mismatch in the Syslog server. (Bug 1147056)
Issue: eDirectory fails to load the CEFAudit module automatically after restarting the server. (Bug 1138656)
Issue: While performing LDAP bind operation for the same user across multiple servers at the same time, the operation might be successful in one server and the synchronization happens to the next replica server immediately. But due to the mismatch in time stamp for the operation in different servers, login might fail displaying -659 error code. (Bug 1155649)
Fix: To fix this issue, set NDSD_CC_SKULK_DELAY environment variable to 5 or greater value. For more information, see Synchronization Method in the eDirectory Administration Guide. If you still get the same error, set NDSD_CC_SKULK_DELAY to 5 or greater along with the newly introduced environment variable NDSD_RETRY_MODIFY to true. For more information, see eDirectory Displays -659 Error Code While Performing LDAP Operations in the Troubleshooting Section of the Administration Guide.
NOTE:eDirectory server should be stopped before setting the NDSD_RETRY_MODIFY environment variable. Restart the eDirectory server once the environment variable is set.
Issue: Performing simultaneous write operations on eDirectory objects fail when performed on multiple replicas. (Bug 1153495)
Issue: Limits imposed by Systemd on the number of eDirectory threads is not removed while upgrading the eDirectory server. (Bug 1157025)
Issue: eDirectory fails to dereference some aliases in case of large search results. (Bug 1157731)
Issue: NDSCONS is unable to load dsrepair.dlm and dstrace.dlm in non-English locale. (Bug 1107101)
Issue: eDirectory memory leak is observed while performing LDAP searches with malformed LDAP requests. (Bug 1160370)
To upgrade to eDirectory 9.2 SP1, you need to be on eDirectory 8.8.8.x or above. For more information on upgrading eDirectory, see the NetIQ eDirectory Installation Guide.
For information about prerequisites, hardware requirements, and supported operating systems, see the NetIQ eDirectory Installation Guide.
To upgrade to eDirectory 9.2 SP1, you need to be on eDirectory 8.8.8.x or 9.0. For more information on upgrading eDirectory, see the NetIQ eDirectory Installation Guide.
NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.
For the list of the known issues in eDirectory 9.1, refer to the Known Issues section in the respective release notes.
Issue: eDirectory 9.2 encrypts/decrypts user passwords using OpenSSL in FIPS mode. Since DES is disallowed by FIPS 140-2, the operations fail if the tree key used for encryption/decryption is of type DES.
Workaround: You must disable the FIPS mode by specifying 0 for n4u.server.fips_tls in the nds.conf file.
For iManager information, refer to the iManager online documentation.
The NICI Administration Guide is included in the eDirectory documentation page.
For more information on eDirectory issues on Open Enterprise Server (OES), see OES Readme.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
Copyright © 2020 NetIQ Corporation, a Micro Focus company. All Rights Reserved.