NetIQ eDirectory 9.2 SP5 Release Notes

August 2021

NetIQ eDirectory 9.2 SP5 resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the eDirectory Community Support Forums, our community Web site that also includes product notifications, blogs, and product user groups.

For a full list of all issues resolved in NetIQ eDirectory 9.x, including all patches and service packs, refer to TID 7016794, “History of Issues Resolved in NetIQ eDirectory 9.x”.

For more information about this release and for the latest release notes, see the Documentation Web site. To download this product, see the Product Upgrade Web site.

1.0 What’s New?

eDirectory 9.2 SP5 provides the following fixes in this release:

1.1 Updates for the eDirectory Docker Containers

We are shipping a preview version of Docker Container-based deployment with eDirectory 9.2 SP5 for customers to use and provide feedback. Customers wishing to deploy in production will be supported only with a Professional Services engagement. For more information, see Deploying eDirectory Using Docker Container in the eDirectory Installation Guide.

1.2 New edirAdmin User Group Created While Installing eDirectory on Linux

From eDirectory 9.2.5 release and onward, the installer creates a new user group called edirAdmin during installation. This user group has access permission to the directories where the data, log, and configuration files are installed. Any user added to this group will have the group permissions assigned to these directories. However, for non-root installation or configuration, this group must be manually created before installing or upgrading eDirectory on the server. After creating the user group, the user must be added to this group to be able to configure eDirectory server instances using his or her individual tarball installation, or by using a binary installation. For more information, see Adding the edirAdmin User Group in the eDirectory Installation Guide.

1.3 Operating System Support

In addition to the operating systems supported in previous versions of eDirectory, this release adds support for the following:

  • SUSE Linux Enterprise Server (SLES) 15 SP3

  • Red Hat Enterprise Linux (RHEL) 8.4

1.4 Fixed Issues

eDirectory 9.2 SP5 includes the following software fixes that resolve several previous issues:

Resolved Security Vulnerability

This version of eDirectory resolves CVE-2021-22532 and CVE-2021-22533.

Discrepancy When Using Microsoft Server 2008 Password Policy Where the Actual Password Violations Exceed the Number of Complexity Violations Set in eDirectory

Fix: This issue was occurring because eDirectory categorized alphabets with diacritical marks as extended ASCII characters. From this release, eDirectory will not consider them as extended characters. (Defect 235445)

High-Valued Attributes Adversely Affecting eDirectory Services Performance

Fix: When any of the two high-valued attributes namely, DirXMLEntitlementResult and oidpInstanceData exceed a certain threshold value, eDirectory now triggers a new DSE_HIGH_VALUED_ATTR(341)event to alert the user. This event is logged into the hvAttr-alert.log file. (Defect 257205)

Broken Links While Searching for Errors in iMonitor

Fix: The links are working correctly.(Defect 235439)

Connection Between eDirectory and Identity Applications Terminates with an Error Code -5875 in ndstrace

Fix: This occurs due to asynchronous requests from the client over SSL connection. This version of eDirectory implements a synchronization mechanism that prevents simultaneous access to SSL connection. (Defect 322019)

Using the NOT Operator "!" in Search Query Does Not Return Correct Results When Searching Nested Groups with NDSD_USE_GROUPMEMBERSHIP_OPTIMIZATION=true

Fix: Searching nested groups using the NOT operator "!" in the search query now displays the result as expected, irrespective of the value set for the NDSD_USE_GROUPMEMBERSHIP_OPTIMIZATION flag. (Defect 329530)

Path for the env_custom Environment File in SystemD Service File Set Incorrectly After Upgrading eDirectory to 9.2.x Version

Fix: In eDirectory 9.2.5 version, the path for the env_custom evironment file is set properly in the service file created for the nds.conf file. (Defect 314445)

2.0 System Requirements

For information about prerequisites, hardware requirements, and supported operating systems, see the NetIQ eDirectory Installation Guide.

3.0 Installing or Upgrading

To upgrade to eDirectory 9.2 SP5, you need to be on eDirectory 8.8.8.x or 9.x. For more information on upgrading eDirectory, see the NetIQ eDirectory Installation Guide.

4.0 Additional Documentation

4.1 iManager

For iManager information, refer to the iManager online documentation.

4.2 Novell International Cryptographic Infrastructure (NICI)

The NICI Administration Guide is included in the eDirectory documentation page.

4.3 eDirectory Issues on Open Enterprise Server

For more information on eDirectory issues on Open Enterprise Server (OES), see OES Readme.

5.0 Legal Notices

For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.

Copyright © 2021 NetIQ Corporation, a Micro Focus company. All Rights Reserved.