OpenDS 1.0.0-build001 is now available

After last week's release of OpenDS 0.9.0, we've started the push toward the 1.0.0 release, and the first build toward that milestone is now available. Since the 0.9.0 release, we have been primarily focused on fixing bugs as part of our Summer 2007 Bugfest, and this build includes the fix for over 80 bugs of varying severities.

This week's build, OpenDS 1.0.0-build001, is based on revision 2381. The direct link to download the core server is The direct link to download the DSML gateway is

I have also updated the archive that may be used to install OpenDS via Java Web Start. You may launch that using the URL, or visit for more information.

Detailed information about this build is available at Some of the changes that have been incorporated since OpenDS 0.9.0 include:
  • Revision 2238 -- Perform a refactoring of much of the core server to provide the framework that will be needed to support, proxy, distribution, and virtual functionality.

  • Revision 2254 -- Display an "Open" dialog box rather than a "Save" dialog when prompting the user to select the desired directory in the QuickSetup tool.

  • Revision 2255 (Issue #1812) -- Fix a problem in which the server could become blocked if it was configured for replication but none of the replication servers were available.

  • Revision 2257 (Issues #1325, 1850, 1863) -- Provide the ability to create a basic replication environment at install time using the QuickSetup utility. Provide the ability to cancel an installation process midway through, even after potentially making changes to remote servers. Provide better support for merging the QuickSetup and QuickUpgrade functionality into a single tool.

  • Revision 2259 (Issue #577) -- Update the server so that it uses a non-success result for operations that include the LDAP no-op control. This control isn't completely standardized and there is no official result code reserved for it, but we have decided to use the same result code that OpenLDAP uses (result code 16654) until an official result code is assigned.

  • Revision 2260 (Issue #1476) -- Update the SASL ANONYMOUS mechanism handler so that any trace string provided in the client credentials will be included in the access log.

  • Revision 2262 (Issues #1565, 1848) -- Update the LDAP filter processing code so that decoding string filters will be more strict and more correct. This will catch filters that were invalid but previously not rejected.

  • Revision 2263 (Issue #1879) -- Fix potential null pointer exceptions in the replication code finalization on systems with poorly-configured name resolution.

  • Revision 2264 (Issue #670) -- Update the support for access control rules based on the client's IP address to handle IPv6 addresses.

  • Revision 2267 (Issue #1856) -- Use more correct and robust argument parsing for the status utility.

  • Revision 2268 (Issues #1874, 1875) -- Provide better error handling in the replication domain initialization process.

  • Revision 2269 (Issue #1473) -- Fix a problem with inconsistent format checking for the targattrfilters ACI keyword.

  • Revision 2272 (Issue #1876) -- Implement a change in replication that can help improve performance in the case where the flush to the replication server database is a bottleneck.

  • Revision 2274 (Issues #1423, 1839, 1871) -- Eliminate the ConfigurableComponent interface, as it has been replaced by the ConfigurationChangeListener interface and is no longer needed.

  • Revision 2276 (Issue #1836) -- Update the import-ldif utility so that it includes a new "--countRejects" option that can be used to count the number of rejected entries. That value will be used as the exit code, and can be used in scripts to determine if there were any failures during the import.

  • Revision 2277 (Issue #1883) -- Update all of the command-line utilities to ensure that the exit code should always be between 0 and 255. Any value that would have been outside that range will be changed to 255.

  • Revision 2278 (Issues #704, 705, 706, 918, 1901) -- Fix a number of issues related to search filter processing.

  • Revision 2279 (Issue #631) -- Update the password modify extended operation so that it properly sets password policy state attributes that were not previously updated, including last login time if the user provides the current password and it is correct, or the auth failure times if the user provides an incorrect password.

  • Revision 2280 (Issue #1898) -- Fix a potential problem when encountering replication conflicts for an entry that has been deleted.

  • Revision 2282 (Issue #1789) -- Use a more appropriate result code when interacting with the filesystem entry cache if there is a problem with its configuration.

  • Revision 2285 (Issue #1872) -- Use valid OIDs for the historical CSN ordering matching rule and the associated attribute syntax.

  • Revision 2287 (Issue #1632) -- Skip schema checking for replicated operations.

  • Revision 2289 (Issue #874) -- Fix a problem in which the ldifsearch utility always returned the object class attribute even if it should not have been included in the results.

  • Revision 2303 (Issue #1474) -- Use a more user-friendly message for the case in which an LDAP client loses a connection to the Directory Server.

  • Revision 2305 (Issue #1906) -- Update the server to reject requests from LDAPv2 clients if those requests contain controls. Previously, the server would only strip out response controls, but this had the potential to hide problems, and the new behavior is more consistent with that exhibited by DSEE.

  • Revision 2306 (Issue #1907) -- Update the way that the server handles search requests with the virtual list view control to be more forgiving with target ranges that are out of the bounds of the actual result set.

  • Revision 2307 (Issue #1908) -- Update the default access logger so that it will include an attrs="ALL" element in the case that the client did not request any specific attributes to return for a search operation.

  • Revision 2313 (Issue #1403) -- Update the file-based trust manager provider so that it will reject certificates that are expired or not yet valid.

  • Revision 2314 (Issue #1909) -- Update the LDIF reader so that it has the ability to perform syntax validation as well as schema checking. It will honor the ds-cfg-invalid-attribute-syntax-behavior configuration option.

  • Revision 2315 (Issue #1911) -- Update the MakeLDIF tool so that the "random:telephone" tag will generate telephone numbers that include the country code so that they are more compliant with the ITU-T E.123 specification.

  • Revision 2316 (Issue #1231, 1234) -- Update the LDAP and JMX connection handlers so that they attempt to bind a server socket to the configured port for all appropriate addresses during the initialization phase. This should provide a more reliable mechanism for determining whether the connection handler will be allowed to start.

  • Revision 2317 (Issue #1861) -- Update the configuration file handler so that it will report back to clients if a problem occurs while applying a configuration add, delete, or modify after the new configuration has been written to disk.

  • Revision 1423 (Issue #1428) -- Update the import-ldif utility to provide the ability to write skipped entries to a specified file.

  • Revision 2326 -- Update the server to provide a new ds-cfg-strip-syntax-minimum-upper-bound configuration attribute to strip the suggested minimum upper bound from the attribute type syntax OID. This may cause problems with certain APIs (e.g., JNDI).

  • Revision 2334 (Issue #1880) -- Provide better error handling for runtime exceptions encountered during the JMX connection handler.

  • Revision 2337 (Issues #1861, 1932, 1936, 1937) -- Fix a set of problems with the configuration interface in which insufficient validation was performed when applying configuration changes.

  • Revision 2338 (Issue #1368) -- Update the Berkeley DB Java Edition backend to ensure that the matched DN component of the request is set when appropriate.

  • Revision 2340 (Issue #1462) -- Fix a problem that could cause a deadlock in the server when performing a subtree delete operation.

  • Revision 2342 (Issue #1899) -- Update the configuration for the Berkeley DB Java Edition backend to ensure that it will require a valid value for the database logging level.

  • Revision 2345 (Issue #987) -- Update all of the tools provided with OpenDS to make them easier to invoke programmatically.

  • Revision 2346 (Issue #1957) -- Change the log level for many of the messages generated by the import-ldif utility to reduce the amount of output generated by default.

  • Revision 2348 (Issue #1238) -- Update the server's DIGEST-MD5 SASL mechanism handler so that it provides the ability to process the digest-uri element of the request if a value is provided for the ds-cfg-server-fqdn configuration attribute.

  • Revision 2351 (Issue #1321) -- Update the access and audit logging systems to provide a way to control whether synchronization messages should be logged. If they are (which is the default configuration), then those messages will be noted with a "type=synchronization" flag.

  • Revision 2354 (Issue #1916) -- Fix the manage-account tool to use the correct underlying Java class.

  • Revision 2355 -- Fix a problem with the way that the server encoded the "reverse order" flag in the server-side sort control.

  • Revision 2359 (Issue #1972) -- Update the bind processing code so that the "bind in progress" flag will not be incorrectly unset between stages of a multi-stage SASL bind.

  • Revision 2363 (Issue #1810) -- Update the password policy configuration to support a new ds-cfg-state-update-failure-policy that can make it possible to configure whether an otherwise successful bind operation should fail if a problem occurs while attempting to update the password policy state information for the user.

  • Revision 2364 (Issues #1588, 1589) -- Improve the locking code used for server entry cache implementations to simplify the code and eliminate the potential for returning a stale entry.

  • Revision 2365 (Issue #1974) -- Fix a problem that prevented attribute syntaxes and matching rules from being notified of configuration changes.

  • Revision 2368 (Issue #1217) -- Update the JMX connection handler to ensure that any client connecting to the server using JMX will be required to have the jmx-read privilege. The jmx-notify privilege has been deprecated, as Java does not provide a reliable mechanism for trapping client registration to receive notifications.

  • Revision 2373 (Issue #1895) -- Fix a problem in which total update initialization did not work properly with environments containing three servers that are also replication servers.

  • Revision 2377 (Issue #614) -- Update the LDAP connection handler to eliminate the possibility of a race condition if a client sent a second request with the same message ID as the first request while the server was still performing post-response processing for the first operation.


Post a Comment:
Comments are closed for this entry.



Top Tags
« July 2016