Ping Identity Directory Server version 9.2.0.0 has just been released. I wrote about this release in detail on my personal blog, but here’s a summary of the changes:

• Removed support for incremental backups
• Updated the Groovy language version from 2.x to 3.x
• Added support for Java 17
• Added support for accessing external services through an HTTP proxy server
• Added a Prometheus monitoring servlet extension
• Added support for authenticating to Amazon AWS using an IRSA role
• Added support for generating digital signatures with encryption settings definitions
• Updated replace-certificate when running in interactive mode so that it can re-prompt for a certificate file if the initial file existed but did not contain valid certificate data
• Improved support for data security auditors
• Added new secure, connectioncriteria, and requestcriteria access control keywords
• Added support for defining resource limits for unauthenticated clients
• Added Argon2i, Argon2d, and Argon2id password storage schemes to supplement the existing Argon2 scheme
• Changed the default value of the replication-purge-obsolete-replicas global configuration property from false to true
• Updated migrate-ldap-schema to support migrating attribute type definitions from Active Directory in spite of their non-standards-compliant format
• Improved the usage text for the dsreplication enable command
• Exposed the maximum-attributes-per-add-request and maximum-modifications-per-modify-request properties in the global configuration
• Added support for synchronizing to SCIMv2 destinations
• Added a sync-pipe-view tool that can display information about the set of sync pipes configured in the server
• Added sync pipe monitor attributes related to account password policy state when synchronizing to a Ping Identity Directory Server
• Fixed an issue that could cause replication protocol messages to be dropped, potentially resulting in paused replication
• Fixed an issue in which a timeout could prevent adding servers to a large topology
• Fixed an issue in which an unexpected error could cause a replication server to stop accepting new connections
• Fixed an issue that prevented resource limits from being set properly for the topology administrator
• Fixed an issue in which the dsreplication tool incorrectly handled DNs in a case-sensitive manner
• Fixed an issue that could cause dsreplication enable to fail if there were any topology administrators without passwords
• Fixed an issue that could cause a configured idle timeout to interfere with replica initialization
• Fixed an issue that could prevent the server from generating an administrative alert when clearing an alarm that triggered an alert when it was originally raised
• Fixed an issue that could cause degraded performance to a PingOne sync destination
• Fixed an issue that could prevent users from changing their own passwords with the password modify extended operation if their account was in a “must change password” state and the request passed through the Directory Proxy Server
• Fixed an issue in which dsconfig would always attempt to use simple authentication when applying changes to servers in a group, regardless of the type of authentication used when launching dsconfig
• Fixed an issue that could cause certain kinds of Directory REST API requests to fail if they included the uniqueness request control
• Fixed an issue in which an unclean shutdown could cause the server to create exploded index databases
• Disabled the index cursor entry limit by default, which could cause certain types of indexed searches to be considered unindexed
• Fixed an issue that could adversely affect performance in servers with a large number of virtual static groups