Friday June 15, 2007

OpenDS 0.9.0-build004 is now available

• Revision 2056 (Issue #1778) -- Fix a problem in which setup appears to hang on Windows with no Windows service configured.
  
  
• Revision 2057 -- Update the QuickSetup UI so that the user can choose whether to run OpenDS as a service when installing on Windows. This makes it possible to avoid updating the Windows service registry (which may be desirable during product evaluation, as well as under other conditions). It also makes it possible to use the server on Windows Vista, as the current service framework is not compatible with Vista.
  
  
• Revision 2058 (Issue #1745) -- Fix a problem that may occur when using the get effective rights control with requested attributes of "*" (all user attributes) and "+" (all operational attributes).
  
  
• Revision 2059 (Issue #1780) -- Fix a problem that was preventing the server from writing messages to the error log. Also, improve performance when logging is disabled.
  
  
• Revision 2062 (Issue #1781) -- Update the password policy so that it uses the correct calculation when determining the length of time that the account will remain locked due to authentication failures (only values reported to clients were inaccurate -- the server enforced the correct lockout duration).
  
  
• Revision 2063 (Issue #1775) -- Fix a problem in which an incorrect database comparator could be used, which could cause entries to be returned in a problematic order (including subordinate entries returned before their parents).
  
  
• Revision 2064 (Issues #1767, 1768) -- Update the filesystem entry cache implementation so that it will default to running in a disabled state if no valid database directory is specified, rather than defaulting to a hard-coded location. Also, eliminate a message about an invalid database checksum that could be displayed the first time the server was started.
  
  
• Revision 2068 (Issue #604) -- Introduce a new operational attribute that can be used to mark entries for which replication conflicts could not be automatically resolved.
  
  
• Revision 2086 -- Upgrade the version of the Berkeley DB Java Edition that we are using from 3.2.21 to 3.2.29. This update primarily includes bug fixes.
  
  
• Revision 2094 (Issue #1779) -- Add support for "+" in the targetattrs element of access control rules. Also, make it possible to use "*" in conjunction with other attributes, like "*||entryUUID" or "*||+".
  
  
• Revision 2107 (Issue #1795) -- Update the server schema processing code so that it will detect the case in which schema configuration files contain more than one entry (or one entry plus other, unparseable data) and log a warning message at server startup.
  
  

Friday June 08, 2007

OpenDS 0.9.0-build003 is now available

• Revision 1997 (Issue #1749) -- Update the way that privileges are evaluated by the server. Previously, they were always evaluated based on the authentication identity. Now, all privileges except proxied-auth are evaluated based on the authorization identity.
  
  
• Revision 2000 (Issue #1760) -- Fix a problem in the access control implementation that could prevent the use of operational attributes in the userattr bind rule.
  
  
• Revision 2001 -- Rename the default error log file name from "error" to "errors" in order to be more consistent with other products.
  
  
• Revision 2002 (Issue #1758) -- Update the server to provide a lockdown mode. This is a mode in which the server will only allow client connections over loopback interfaces, and will reject all requests from non-root users. A task has been added that can allow an administrator to manually enable or disable this mode, and an internal API is available to expose it to other server components.
  
  
• Revision 2004 (issue #609) -- Update the replication mechanism to provide modify conflict resolution for single-valued attributes. This uses a different mechanism than for multi-valued attributes and can allow the server to maintain less historical information for the attribute.
  
  
• Revision 2009 (Issue #1761) -- Fix a problem that could prevent the QuickSetup installer from running properly (especially on Windows systems) if JAVA_HOME is not set.
  
  
• Revision 2010 -- Fix a problem in the error logger that prevented an override severity of "all" from being handled properly.
  
  
• Revision 2011 (Issue #1753) -- Fix a problem on Windows systems where manually running the setup utility where arguments could be incorrectly interpreted.
  
  
• Revision 2017 (Issue #1601) -- Update the QuickSetup and Status Panel tools to improve the way that they handle focus changes between components so that it is easier to interact with these tools using only the keyboard.
  
  
• Revision 2021 (Issue #1616) -- Update the QuickSetup tool so that it will always provide a button that can be used to launch the status panel even if the installation fails.
  
  
• Revision 2024 (Issue #1634) -- Update the GUI tools so that when a text field gets input focus, its text is automatically selected.
  
  
• Revision 2025 (Issue #1764) -- Fix a problem in the replication initialization where it can enter an infinite loop if there is no replication server available.
  
  
• Revision 2026 (Issue #1117) -- Provide an entry cache implementation that is backed by a Berkeley DB JE instance. The backing database can be placed on a tmpfs or other kind of memory-based filesystem to allow for a space-efficient caching mechanism.
  
  
• Revision 2042 (Issue #1750) -- Update the access control handler so that if it encounters any access control rules that cannot be parsed when the server is starting up, they will be logged and the server will be placed in lockdown mode. This will help avoid problems in which an incorrectly-specified access control rule wouldn't be enforced as an administrator intended and inadvertently grant too much access to users.
  
  
• Revision 2045 (Issue #1729) -- Make changes to the server to allow for better integration with the Penrose virtual directory product.
  
  
• Revision 2046 (Issue #1633) -- Ensure that the JMX connection handler is disabled by default. Given that there is currently no way to configure it in the QuickSetup utility, it is better to have it disabled than running, potentially without the administrator knowing about it.
  
  
• Revision 2048 -- Update the global ACI definitions so that they allow read access to the entryUUID operational attribute.
  
  
• Revision 2049 (Issues 660, 1675, 1770) -- Provide a new mechanism for encoding entries. This provides a mechanism for excluding the DN from the encoded entry (which can be helpful for the filesystem entry cache), and also for compressing the object class sets and attribute descriptions to conserve space and improve encode/decode performance.
  
  
• Revision 2050 (Issue #1775) -- Add a virtual attribute provider that can be used to assign entryUUID values for entries in private backends. The entryUUID values for these entries will be based on an MD5 digest of the normalized DN, but this should not present an instability problem because these entries aren't allowed to be renamed.
  
  
• Revision 2051 (Issues #1765, 1776) -- Eliminate the search-unindexed privilege, since the unindexed-search privilege was added to do the same thing. Also, eliminate the index-rebuild privilege and fold all of its functionality into the ldif-import privilege, since having it as a separate privilege didn't add much value and created unnecessary administrative overhead.
  
  
• Revision 2052 -- Update the entry cache initialization process so that a default entry cache is always instantiated before the backends are brought online. This helps avoid problems in backends that attempt to interact with the cache before the full entry cache initialization is complete.
  
  

Monday June 04, 2007

A Comparison of OpenDS and DSEE Functionality

Friday June 01, 2007

OpenDS 0.9.0-build002 is now available

• Revision 1924 -- Add support for trailing arguments in the command-line parser.
  
  
• Revision 1926 (Issue #1606) -- Fix an access control problem that could cause some attributes to be incorrectly excluded from search results. Also, correct a problem with the way that userattr bind rule was interpreted.
  
  
• Revision 1928 (Issue #1621) -- Fix an access control problem that could cause incorrect evaluation for search filters using a NOT component.
  
  
• Revision 1934 (Issue #202) -- Fix a problem that could cause warnings about setting log file permissions on Windows systems.
  
  
• Revision 1951 (Issue #1085) -- Make changes to the synchronization protocol to ensure that it can remain extensible and backward compatible across OpenDS versions.
  
  
• Revision 1953 (Issue #1623) -- Fix a problem that prevented the access control handler from properly applying a target that was equal to the root DSE.
  
  
• Revision 1966 (Issue #1103) -- Add monitor data for replication naming/modify conflicts, including the number of unresolved naming conflicts, the number of resolved naming conflicts, and the number of resolved modify conflicts since startup. This change was contributed by Chris Drake.
  
  
• Revision 1967 (Issue #1561) -- Make sure that all threads are terminated before returning upon disabling a replication domain.
  
  
• Revision 1968 (Issue #1323) -- Fix a problem that could cause error messages on startup with replication enabled due to two replication servers connecting to each other at the same time.
  
  
• Revision 1975 (Issue #1624) -- Fix a string index out of range exception that could be encountered during a replication total update.
  
  
• Revision 1982 (Issue #1620) -- Fix a problem that could cause get effective rights results to be incorrect for the delete and proxy rights.
  
  
• Revision 1984 -- Fix a misplaced quotation mark in the server access log for search operations that included the proxied authorization control.