ForgeRock Directory Services version 7.2 has been released. According to the release notes, changes in this release include:
- Updated setup so that it now requires a –deploymentId argument
- Added support for big indexes, which are optimized for very large result sets
- Added support for Argon2 password encoding
- Added support for backing up to AWS S3 using temporary credentials
- Reduced startup time with large numbers of groups
- Added support for Java 17
- Added support for template-based virtual attributes
- Added support for DN pattern matching
- Fixed an issue that could prevent the server from shutting down
- Fixed an issue that could prevent the server from starting in a non-US locale
- Fixed a potential deadlock in changelog purging
- Fixed an issue that could prevent changelog files from being closed
- Removed the lookthrough-limit configuration property
- Replaced the cursor-entry-limit property with a max-candidate-set-size property
- Added support for the HAProxy proxy protocol
- Updated the server to log SSL exceptions as errors rather than warnings
- Added an administrative alert when a backup completes
- Improved search optimization for unresolved conflicts
- Improved search optimization for initial substrings
- Improved keepalive support for proxy connections
- Added a tool to generate a bash completion script for included commands
- Added improved monitoring of index usage
- Added support for histogram metrics in monitoring
- Updated monitoring to consider replication threads/li>
- Exposed monitoring output over HTTP even if some backends are offline
- Added an entrySize field in access log messages
- Updated the server to warn if it detects that an external service is attempting to unexpectedly manage rotation and retention
- Improved efficiency of validating PKCS5S2-encoded passwords
- Improved efficiency of generating ETag values
- Improved efficiency of rebuild-index when rebuilding specific indexes
- Improved efficiency of rebuild-index when rebuilding degraded indexes but there are no such indexes
- Added a dskeymgr show-deployment-id command
- Updated the dsrepl status –showReplicas command to include an entry count
- Updated the supportextract command to collect additional system information
- Updated the supportextract command to attempt to exclude environment variables that may represent passwords
- Updated the REST to LDAP gateway to add an estimate of the total paged results for indexed searches
- Updated the REST to LDAP gateway to add support for simplifying search filters
- Updated the REST to LDAP gateway to make it possible to request the number of matches without actually retrieving the corresponding entries
- Updated the REST to LDAP gateway to improve use of JSON data types when converting from LDAP attribute values
- Updated the REST to LDAP gateway to use a replace modification when updating the value of a single-valued attribute
- Improved monitoring support for the REST to LDAP gateway
- Improved debugsearchindex output
- Improved schema compatibility with the RFC 2307bis draft
- Improved consistency of config file archives
- Fixed an issue in which upgrade did not properly migrate JE configuration properties
- Fixed a potential out-of-memory error when attempting a subtree delete
- Fixed an issue in which the LDIF backend could silently reject entries that fail schema validation
- Fixed an issue that could interfere with exporting a backend when an expected database does not exist
- Fixed an issue that could case the process of listing or restoring a cloud backup to be slow
- Fixed an issue that could cause dsconfig to exit when setting the bootstrap-replication-server property
- Fixed a setup issue that may arise when providing a trust store password file
- Fixed an issue that could prevent creating VLV indexes with a baseObject scope
- Fixed a makeldif issue when attempting to use a DateTime tag with colons
- Fixed an issue in which some dsbackup global arguments were not valid for some subcommands