NetIQ eDirectory 9.2 Service Pack 6 Release Notes

February 2022

NetIQ eDirectory 9.2 SP6 resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the eDirectory Community Support Forums, our community Web site that also includes product notifications, blogs, and product user groups.

For a full list of all issues resolved in NetIQ eDirectory 9.x, including all patches and service packs, refer to TID 7016794, “History of Issues Resolved in NetIQ eDirectory 9.x”.

For more information about this release and for the latest release notes, see the Documentation Web site. To download this product, see the Product Upgrade Web site.

1.0 What’s New?

eDirectory 9.2 SP6 provides the following key features, enhancements, and fixes in this release:

1.1 New Features

eDirectory 9.2 SP6 adds support for eDirectory Container deployment on Microsoft Azure container instance. The deployment process is simple and time efficient. The eDirectory container is pushed into the registry as Docker image that is self-contained and capable of running on its own. For more information, see Deploying eDirectory Container on Microsoft Azure Container Instance in the NetIQ eDirectory Installation Guide.

1.2 Updates for Dependent Components

This release adds support for the following third-party components:

  • OpenSSL 1.0.2za

  • OpenLDAP SDK 2.4.59

1.3 Operating System Support

In addition to the operating systems supported in previous versions of eDirectory, this release adds support for the following:

  • Red Hat Enterprise Linux (RHEL) 8.5

  • Windows Server 2022

1.4 What’s Deprecated for Removal?

Novell Audit Platform Agent is deprecated as of eDirectory 9.2 SP6 version. NetIQ recommends that you move to CEF module for auditing services. For more information, see Auditing with CEF in the NetIQ eDirectory Administration Guide.

1.5 Fixed Issues

eDirectory 9.2 SP6 includes the following software fixes that resolve several previous issues:

Resolved Security Vulnerabilities

This version of eDirectory resolves the following Common Vulnerabilities and Exposures (CVE):

  • CVE-2021-38131

  • CVE-2021-38132

  • CVE-2021-38133

  • CVE-2021-38135

Unable to Modify Dynamic Groups When the memberQueryURL has an Invalid base DN

Fix: There is a new boolean flag that is set based on the base DN resolution. If the base DN resolution fails during dynamic group evaluation, the flag is set to true and the NDS error: returning partial results (-6016) is not displayed. As a result, dynamic groups can be modified to remove invalid base DN from memberQueryURL. (Defect 234857)

pre_ndsd_stop_custom Script Missing From eDirectory Installed on SLES 12 Platform

Fix: This release onward, when eDirectory is installed on SLES 12 platform, the pre_ndsd_stop_custom script is created in the /opt/novell/eDirectory/sbin directory during eDirectory configuration. (Defect 236026)

Duplicate Messages Filling Up the ndsd.log Log File on Non-DSfW Server

Fix: The dependency on the libxadsdk.so.2.0.0 and libxadnds.so.2.0.0 libraries has been removed. As a result, when starting ndsd services or configuring Domain Services for Windows (DSfW) on a non-DSfW server, eDirectory no longer displays the following message in the ndsd.log file: Method load failed: libxadnds.so.2: cannot open shared object file: No such file or directory. (Defect 237032)

eDirectory Crashes When a Dynamic Group Contains an Invalid memberQueryURL Attribute

Fix: A ldap search on dynamic groups with an invalid memberQueryURL attribute will no longer lead to eDirectory to crash. A check is added to validate whether the attribute value added to dynamicGroup object during the collection of dynamic group information is correct. If the syntax is incorrect, the error -613 INVALID SYNTAX will be reported. (Bug 325131)

eDirectory Crashed in te_free

Fix: This issue is now resolved. eDirectory no longer crashes in te_free. (Bug 314114)

-699 FATAL Error Occasionally Reported During Synchronization Operation

Fix: During the synchronization process, a check is now introduced to skip the replica root ID check if it is a partition root data. As a result, the -699 FATAL error is no longer reported and synchronization functionality works as expected. (Bug 316167)

LDAP Searches on Trees with Nested Groups Takes a Long Time to Respond, Resulting in High CPU Utilization

Fix: The ldapsearch has been updated. There is no longer a delay in response when searching eDirectory trees with many nested groups, even if the groupmember index is enabled. (Defect 367118)

2.0 System Requirements

For information about prerequisites, hardware requirements, and supported operating systems, see the NetIQ eDirectory Installation Guide.

3.0 Installing or Upgrading

To upgrade to eDirectory 9.2 SP6, you need to be on eDirectory 8.8.8.x or 9.x. For more information on upgrading eDirectory, see the NetIQ eDirectory Installation Guide.

4.0 Known Issues

NetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. There are no new issues other than the issues mentioned in the NetIQ eDirectory 9.2 SP5 Release Notes. If you need further assistance with any issue, please contact Technical Support.

5.0 Additional Documentation

5.1 iManager

For iManager information, refer to the iManager online documentation.

5.2 Novell International Cryptographic Infrastructure (NICI)

The NICI Administration Guide is included in the eDirectory documentation page.

5.3 eDirectory Issues on Open Enterprise Server

For more information on eDirectory issues on Open Enterprise Server (OES), see OES Readme.