ForgeRock Directory Services version 7.3 has been released. According to the release notes, changes in this release include:
- Improved the efficiency of online replica initialization
- Improved the logic for detecting when a replica has fallen too far behind in replication
- Reduced the amount of memory required for group and entry caching
- Improved the efficiency of encoding and decoding entries containing attributes with large numbers of values
- Added support for monitoring the cost of maintaining an index
- Added a matching rule that can be used to monitor progress when migrating passwords to a new scheme
- Added a warning message when defining an unnecessary presence index for an attribute that has an equality index
- Added a variety of monitoring metrics
- Added support for logging error messages in JSON format
- Improved the efficiency of returning userCertificate values
- Updated the mail attribute type definition to support non-ASCII characters
- Updated the modrate tool to support reading entries before updating them, and to improve support for multivalued attributes
- Moved replication messages to the server error log
- Moved entry cache metrics from “cn=entry cache,cn=monitor” to “cn=entry caches,cn=monitor”
- Addressed an issue that could cause an upgrade to require a full rebuild
- Fixed an error when processing a search involving BigIndex
- Reduced the frequency of change number indexing state logging
- Ignored the max-allowed-client-connections limit in the admin connector
- Fixed an issue when backing up to an S3 bucket in a new region
- Eliminated redundant columns in dsconfig list-replication-domains output
- Fixed an issue in which the replication server could forward changes that had already been applied
- Fixed an issue in which a backup could report an incorrect number of database files
- Added support for serializing information about controls in replication messages
- Fixed an issue that could cause isMemberOf read attempts to block after creating, deleting, or renaming static groups
- Fixed an issue that could cause all worker threads to become blocked by abandon operations
- Fixed an issue in processing an abandon operation during server shutdown
- Fixed an issue that could prevent the server from starting when configured with a subordinate base DN
- Removed the dsrepl –script-friendly argument
- Updated the LoadBalancer availability check to handle bad user bind states
- Fixed an issue in which missing replication server heartbeats were not detected
- Fixed an issue in which the server could fail to check the state of a new replica added to the topology
- Updated the server to revert permissions for the 99-user.ldif schema file on startup
- Fixed an issue in which certain important replication debugging messages were suppressed
- Fixed an issue in which dsrepl status did not take bad data status into account
- Fixed a potential deadlock between overlapping modify DN operations
- Fixed an issue in which dsrepl status could show deleted replication domains
- Improved logging for replication connect errors
- Fixed an issue in which the server could ignore critical VLV controls when processing an unindexed search
- Fixed an issue in which connections to the proxy server incorrectly timed out after 10 seconds
- Fixed an issue that could occur when running searchrate concurrently with modrate
- Fixed an issue with the server incorrectly terminating connections as a result of a missing heartbeat
- Fixed an issue win which supportextract could incorrectly exclude certain key stores
- Fixed an issue in which the LDAP changelog was not properly updated during a replica initialization
- Fixed an issue in which rotation and retention policies were not correctly applied for certain logging
- Fixed an issue in which the replication server could accept connections when its database is unavailable