This chapter covers the status of key issues and limitations for OpenDJ ${docTargetVersion} and OpenDJ SDK ${sdkDocTargetVersion}. For details and information on other issues, see the OpenDJ issue tracker.

OpenDJ 2.6.0 and later maintenance releases include important improvements to replication. Replication remains fully compatible with earlier versions. However, some operations that work fine with the current OpenDJ release, such as replicating large groups and replicating high volumes of adds and deletes, can cause issues for earlier versions. Make sure you upgrade all servers to this version before allowing clients to take advantage of write operations that could cause trouble for older servers. The following important bugs were fixed in this release. OPENDJ-1427: Control-panel reports duplicate ds-sync-hist values for pwdHistory OPENDJ-1354: replication threads BLOCKED in pendingChanges queue OPENDJ-1190: Under rare circumstances the DS replication recovery thread (RSUpdater) can spin OPENDJ-1146: Memory leak on opendj 2.6.0 OPENDJ-1142: OpenDJ setup does not work in Java8 EA - A security class cannot be found in this JVM OPENDJ-452: Manual add of new schema objectclass in 99-user.ldif are not replicated

Release has the following limitations, none of which are new since . OpenDJ directory server provides full LDAP v3 support, except for alias dereferencing, and limited support for LDAPv2. When you configure account lockout as part of password policy, OpenDJ locks an account after the specified number of consecutive authentication failures. Account lockout is not transactional across a replication topology, however. Global account lockout occurs as soon as the authentication failure times have been replicated. OpenDJ is not fully integrated with Microsoft Windows, yet OpenDJ directory server can be run as a service, and thus displayed in the Windows Services Control Panel. OpenDJ replication is designed to permit an unlimited number of replication servers in your topology. Project testing has, however, focused only on topologies of up to eight replication servers. OpenDJ plugin extensions must follow the guidelines set forth in the README file delivered in opendj/example-plugin.zip. When developing your extension, aim to remain loosely coupled with any particular version of OpenDJ. Libraries used must be installed in opendj/lib/extensions/ (or bundle them in your .jar). Keep your configuration separate from the server configuration. Also, unless you are reusing standard schema definitions, keep your schema definitions separate as well. This can affect how your extension works after upgrade. In particular opendj-accountchange-handler-1.0.0 does not work with OpenDJ 2.6.0 after upgrade (OPENDJ-991). See that issue for notes on how make that version of the extension work with OpenDJ 2.6.0.

When deploying for production, make sure that you follow the installation instructions on allowing OpenDJ to use at least 64K (65536) file descriptors, and on tuning the JVM appropriately. The following important issues remained open at the time this release became available. OPENDJ-1586: Nested Groups fail to return indirect members with db's larger than 10 entries OPENDJ-1431: Trimming of draftcndb gets stuck, changelog keeps growing in size OPENDJ-1375: Subtree delete control can wait forever for an id2subtree lock OPENDJ-1358: Backup task logs path in ID field, and ID in path field OPENDJ-1325: An error occurred while attempting to perform index rebuild: The database environment could not be opened: (JE 5.0.73) OPENDJ-1309: First dsreplication enable could warn before replicating schema OPENDJ-1294: ldappasswordmodify -D <DN> -w - fails without prompting password from stdin OPENDJ-1290: Nested backends handles hasSubordinates attribute incorrectly OPENDJ-1239: dsreplication logs warnings for each replication server under cn=monitor OPENDJ-1213: LDIFReader should reject LDIF that contains trailing space OPENDJ-1189: Integer overflow while sizing scratch files building indexes OPENDJ-1172: Deadlock between replication threads during shutdown. OPENDJ-1169: Exception/error lost when logging ERR_LOOP_REPLAYING_OPERATION OPENDJ-1158: rebuild-index leaves backend offline if a backup is running OPENDJ-1151: OpenDJ unable to initialize the SSL context an doesn't start OPENDJ-1138: searchrate throws java.lang.IndexOutOfBoundsException OPENDJ-1131: Rest2LDAP fails to start with GlassFish3.1 OPENDJ-1094: ECL virtual lastChangeNumber attribute can decrement OPENDJ-1087: OpenDJ Console: Validation checks missing OPENDJ-1056: secure listener should not be created if proper keying material is not available for some reason OPENDJ-1051: Upgrade: add task to update lastChangeNumber/firstChangeNumber attributes definition when upgrading from 2.4.x OPENDJ-1043: Worker Thread was interrupted while waiting for new work while shutting down OPENDJ-1016: Control panel does not follow static group recommendation from documentation OPENDJ-1009: CryptoManagerTestCase:testStreamEncryptDecryptSuccess fails OPENDJ-1007: InstallHelper: endless loop, etc. OPENDJ-948: unauthorized disclosure of directory contents OPENDJ-934: Changes to RS window-size property require a server restart OPENDJ-862: Strange ds-privilege-name behavior OPENDJ-810: Non-atomic password state updates OPENDJ-640: Text Query Against indexed telephoneNumber Attribute Very Slow OPENDJ-573: mustChangePassword function makes-up password change state OPENDJ-557: Identical changes recorded in duplicate changelog records OPENDJ-527: rebuild-index --rebuildAll corrupts the indexes for certain data sets OPENDJ-518: Cannot log into the administrative control panel with FIPS-140 enabled in certain cases OPENDJ-505: dsreplication enable fails when hostname contains an underscore OPENDJ-431: Server side sort control only works on result sets of less than 100000 entries OPENDJ-412: Blocked persistent searches may block all worker threads OPENDJ-365: Potential deadlock in JE backend while performing a mix of update operations OPENDJ-270: dsreplication disable takes a long time OPENDJ-49: Replication replay does not take into consideration the server/backend's writability mode.