<?xml version="1.0" encoding="UTF-8"?>
|
<!--
|
! CCPL HEADER START
|
!
|
! This work is licensed under the Creative Commons
|
! Attribution-NonCommercial-NoDerivs 3.0 Unported License.
|
! To view a copy of this license, visit
|
! http://creativecommons.org/licenses/by-nc-nd/3.0/
|
! or send a letter to Creative Commons, 444 Castro Street,
|
! Suite 900, Mountain View, California, 94041, USA.
|
!
|
! You can also obtain a copy of the license at
|
! trunk/opendj3/legal-notices/CC-BY-NC-ND.txt.
|
! See the License for the specific language governing permissions
|
! and limitations under the License.
|
!
|
! If applicable, add the following below this CCPL HEADER, with the fields
|
! enclosed by brackets "[]" replaced with your own identifying information:
|
! Portions Copyright [yyyy] [name of copyright owner]
|
!
|
! CCPL HEADER END
|
!
|
! Copyright 2011-2013 ForgeRock AS
|
!
|
-->
|
<chapter xml:id='chap-issues'
|
xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en'
|
xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
|
xsi:schemaLocation='http://docbook.org/ns/docbook http://docbook.org/xml/5.0/xsd/docbook.xsd'
|
xmlns:xlink='http://www.w3.org/1999/xlink'
|
xmlns:xinclude='http://www.w3.org/2001/XInclude'>
|
<title>OpenDJ Fixes, Limitations, & Known Issues</title>
|
|
<para>This chapter covers the status of key issues and limitations for OpenDJ
|
<?eval ${docTargetVersion}?> and OpenDJ SDK <?eval ${docTargetVersion}?>.
|
For details and information on other issues, see the <link xlink:show="new"
|
xlink:href="https://bugster.forgerock.org/jira/browse/OPENDJ" >OpenDJ issue
|
tracker</link>.</para>
|
|
<section xml:id="fixes">
|
<title>Key Fixes</title>
|
|
<note><!-- TODO: reconsider when 2.4.x is no longer supported. -->
|
<para>OpenDJ 2.6.0 includes important improvements to replication.
|
Replication remains fully compatible with earlier versions. However, some
|
operations that work fine with OpenDJ 2.6.0, such as replicating large
|
groups and replicating high volumes of adds and deletes, can cause
|
issues for earlier versions. Make sure you upgrade all servers to 2.6.0
|
before allowing clients to take advantage of write operations that could
|
cause trouble for older servers.</para>
|
</note>
|
|
<para>The following important bugs were fixed in this release.</para>
|
|
<para>TODO</para><!-- https://github.com/markcraig/release-notes-list-builder -->
|
</section>
|
|
<section xml:id="limitations">
|
<title>Limitations</title>
|
|
<para>Release <?eval ${docTargetVersion}?> has the following
|
limitations.</para>
|
|
<itemizedlist>
|
<listitem>
|
<para>OpenDJ directory server provides full LDAP v3 support, except for
|
alias dereferencing, and limited support for LDAPv2.</para>
|
</listitem>
|
<listitem>
|
<para>When you configure account lockout as part of password policy,
|
OpenDJ locks an account after the specified number of consecutive
|
authentication failures. Account lockout is not transactional across a
|
replication topology, however. Global account lockout occurs as soon as
|
the authentication failure times have been replicated.</para>
|
</listitem>
|
<listitem>
|
<para>OpenDJ is not fully integrated with Microsoft Windows, yet OpenDJ
|
directory server can be run as a service, and thus displayed in the
|
Windows Services Control Panel.</para>
|
</listitem>
|
<listitem>
|
<para>OpenDJ replication is designed to permit an unlimited number
|
of replication servers in your topology. Project testing has, however,
|
focused only on topologies of up to eight replication servers.</para>
|
</listitem>
|
|
<listitem>
|
<para>OpenDJ plugin extensions must follow the guidelines set forth in
|
the <filename>README</filename> file delivered in
|
<filename>opendj/example-plugin.zip</filename>. When developing your
|
extension, aim to remain loosely coupled with any particular version of
|
OpenDJ. Libraries used must be installed in
|
<filename>opendj/lib/extensions/</filename> (or bundle them in your
|
.jar). Keep your configuration separate from the server configuration.
|
Also, unless you are reusing standard schema definitions, keep your
|
schema definitions separate as well.</para>
|
|
<para>This can affect how your extension works after upgrade. In
|
particular <literal>opendj-accountchange-handler-1.0.0</literal> does
|
not work with OpenDJ 2.6.0 after upgrade (<link xlink:show="new"
|
xlink:href="https://bugster.forgerock.org/jira/browse/OPENDJ-991"
|
>OPENDJ-991</link>). See that issue for notes on how make that version
|
of the extension work with OpenDJ 2.6.0.</para>
|
</listitem>
|
|
<!-- This hardware is EOL.
|
<listitem>
|
<para>On Niagara systems such as T2000, hardware SSL crypto acceleration
|
runs more slowly than software crypto acceleration. To work around this
|
issue take the following actions.</para>
|
<orderedlist>
|
<listitem>
|
<para>Add more request handlers to LDAP (for TLS) and LDAPS (for SSL)
|
connection handlers.</para>
|
</listitem>
|
<listitem>
|
<para>Disable hardware acceleration for server's JVM by removing the
|
SunPKCS11 security provider from
|
<filename>jre/lib/security/java.security</filename>.</para>
|
</listitem>
|
</orderedlist>
|
</listitem>
|
-->
|
</itemizedlist>
|
</section>
|
|
<section xml:id="known-issues">
|
<title>Known Issues</title>
|
|
<tip>
|
<para>When deploying for production, make sure that you follow the
|
installation instructions on allowing OpenDJ to use at least 64K (65536)
|
file descriptors, and on tuning the JVM appropriately.</para>
|
</tip>
|
|
<para>The following important issues remained open at the time this release
|
became available.</para>
|
|
<para>TODO</para><!-- https://github.com/markcraig/release-notes-list-builder -->
|
</section>
|
</chapter>
|
