eDirectory 8.8.8 Patch 9 supersedes eDirectory 8.8.8 Patch 8.
For the list of all issues resolved in eDirectory 8.8, including all patches, refer to TID 3426981, “History of Issues Resolved in eDirectory 8.8.x”.
For the list of software fixes and enhancements in the previous releases, see eDirectory 8.8.8 Patch 8 Release Notes.
For information about security services that are bundled with eDirectory and other components used with eDirectory, see Section 6.0, Additional Documentation.
eDirectory 8.8.8 Patch 9 includes the following platform updates, enhancements, and fixed issues:
This release introduces the following enhancements:
This release introduces the following two events to monitor login and authenticate session events:
NOTE:To monitor these two events, you need to enable both the XDAS and NMAS Auditing.
The DSE_LOGIN_EX event is mapped to the Create Session event in XDAS, which is used to monitor the login attempts to the eDirectory tree. For more information, see Configuring XDAS Events in the NetIQ eDirectory Administration Guide.
NOTE:eDirectory 8.8 SP8 Patch 9 onwards, DSE_LDAP_CONNECTION event is not available to monitor the Create Session event.
The DSE_AUTHENTICATE event is mapped to the Authenticate Session event in XDAS, which is used to monitor the background authentication in the eDirectory tree. For more information, see For more information, see Configuring XDAS Events in the NetIQ eDirectory Administration Guide.
NOTE:eDirectory 8.8 SP8 Patch 9 onwards, DSE_LDAP_BIND, DSE_LDAP_BINDRESPONSE and DSE_LOGIN events are not available to monitor the Authenticate Session event.
In previous releases, eDirectory allowed you to create indexes only on one attribute based on a value, presence, or a substring index. This release introduces a new option to create and manage value indexes on multiple attributes. This feature helps to perform search operations on multiple attributes much faster. For more information, see Index Manager in the NetIQ eDirectory Administration Guide.
In this release, the Java version has been updated to 1.8.0_112. The patch installer automatically upgrade the Java version. No manual steps are required for this.
In addition to the platforms introduced in previous releases of eDirectory, this release adds support for the following operating system:
RHEL 7.3 (Red Hat Enterprise Linux)
This release includes the following software fixes that resolve several previous issues:
This Service Pack updates eDirectory to resolve the Clickjacking web application vulnerability (Bug 981593).
Issue: Each login attempt to the eDirectory server triggers two events; one event from NMAS and another event from the DS.
Fix: The XDAS event mechanism has been updated to trigger only one event for the login either by NMAS or by DS. The Create Session event is mapped to DSE_LOGIN_EX which is used to monitor the login events now. (Bug 613609)
Issue: eDirectory crashes when an LDAP search is performed using both the paged result control and the server-side sort.
Fix: The LDAP server has been enhanced to handle both the paged results control and the server-side sort control in the same search request. Capability to determine the order in which the two controls are performed has also been added.(Bug 834316)
Issue: Certificates created by the PKI CA contain serial numbers longer than 20 bytes, these do not comply with the RFC 5280.
Fix: PKI CA now generates certificates with serial numbers smaller than 20 bytes.(Bug 934091)
Issue: eDirectory displays the 0xFFFDFE0B error while backing up a restored object.
Fix: This issue is fixed.(Bug 964463)
Issue: eDirectory crashes while performing heavy LDAP operations. This occurs while getting the next reference from a cursor if the block is not read properly while accessing it.
Fix: eDirectory has been upgraded to read the block properly and position the cursor to it before accessing.(Bug 965402)
Issue: eDirectory crashes while searching on an object with multiple naming attribute and the operational attribute name.
Fix: eDirectory has been upgraded to allocate sufficient buffer while reading the RDN from the object.(Bug 969168)
Issue: LDAP searches get delayed because of intermittent long delays.
Fix: eDirectory has been upgraded to handle the LDAP searches without causing any delay.(Bug 981856)
Issue: Socket leaks in eDirectory is noticed when an interface name is used instead of an IP address.
Fix: This patch updates eDirectory not to leak sockets any more.(Bug 987581)
For information about prerequisites for installing eDirectory, see the NetIQ eDirectory 8.8 SP8 Installation Guide.
NOTE:This version of eDirectory supports Identity Manager 4.5 SP4. For more information, see NetIQ Identity Manager 4.5 Service Pack 4 Release Notes.
The installation program provides the ability to upgrade from eDirectory 8.8 SP8 onwards or perform a new installation.
Ensure that you are currently on any one of the following eDirectory versions, before upgrading to eDirectory 8.8.8 Patch 9:
8.8.8 Patch 1
8.8.8 Patch 2
8.8.8 Patch 3
8.8.8 Patch 4
8.8.8 Patch 5
8.8.8 Patch 6
8.8.8 Patch 7
8.8.8 Patch 8
NOTE:If you have eDirectory 8.5.x or 8.6.x, you must first upgrade to eDirectory 8.7.x, then upgrade to eDirectory 8.8 SP8 and later.
For iManager information, refer to the iManager online documentation.
For NMAS information, refer to the eDirectory online documentation page. This documentation is available as a zip file at the end of this page.
For Password Management information, refer to the eDirectory online documentation page. This documentation is available as a zip file at the end of this page.
For Certificate Server information, refer to the eDirectory online documentation page. This documentation is available as a zip file at the end of this page.
For NICI information, refer to the NICI online documentation.
For more information on eDirectory issues on Open Enterprise Server (OES), refer to the OES Readme.
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
Copyright © 2016 NetIQ Corporation, a Micro Focus company. All Rights Reserved.