- Issued:
- 2009-04-29
- Updated:
- 2009-04-29
RHEA-2009:0455 - Product Enhancement Advisory
Synopsis
Red Hat Directory Server enhancement update
Type/Severity
Product Enhancement Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Enhanced Red Hat Directory Server and related packages are now available.
Description
Red Hat Directory Server is an LDAPv3-compliant directory server. The
redhat-ds-base package includes the LDAP server and command line utilities
for server administration.
These updated Red Hat Directory Server packages have many new features:
- Added SASL Kerberos and Start TLS support for server connections,
including replication, chaining, Windows synchronization, and pass-through
authentication. Configuration attributes have been added or expanded to
enable the new server connection types.
- Added supported for Unix sockets (LDAPI) and autobind. With this update,
Directory Server's LDAP operations can run over Unix sockets. Enabling
LDAPI also allows the Directory Server to use autobind to authenticate
logged in Unix users to the Directory Server automatically, based on
their Unix credentials.
- Added the Distributed Numeric Assignment Plug-in to automatically manage
and assign number values for attributes. This also simplifies number range
management for multimaster replication.
- Added the MemberOf Plug-in and entry attributes to reflect group
membership in user entries automatically. Group membership is defined in
the group entry itself. The MemberOf Plug-in adds and manages a new
attribute, memberOf, on user entries so that user entries show all of the
groups to which the user is a member.
- Enabled dynamic schema reloads. Custom schema files can be added to an
instance and loaded on the fly by running a schema reload task or a new
schema reload script.
- Created two new cn=tasks entries for schema reload and memberOf tasks.
Each task has its own entry under the cn=tasks,cn=config
configuration entry in the server's DSE. A new task entry can be added,
with task-specific attributes, to initiate the task. As soon as the task
is completed, the task entry is removed.
- Enhanced the Get Effective Rights extended operation to allow options
for non-existent and operational attributes. A get effective rights
search returns the access permissions that one directory user has to a
directory entry or entries. This update adds additional flags to return
the rights for non-existent attributes and operational attributes for
the entry.
- Supports 64-bit integers for performance counters, even on 32-bit
systems. Several server, database, and SNMP counters had upper range
restrictions of 32-bit integers, but these could cycle too quickly for
accurate statistics monitoring on high-performance systems. Additionally, a
new configuration attribute was added to turn counters off and on.
- Added a new parameter to set the frequency that the Directory Servers
sends synchronization updates to an Active Directory sync peer.
- Added a new parameter to enable or disable unauthenticated binds. It is
possible for a users to attempt to bind to the directory using a username
but without giving a password. The server previously allowed that
unauthenticated bind to continue as an anonymous bind. The new parameter
allows administrators to set whether to allow anonymous access or cause
the bind attempt to fail.
These packages also contain many bug fixes for major features in Red Hat
Directory Server, including replication, synchronization, setup and
migration, command-line tools, the Java console, the admin server, and
password policy.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.
Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
Affected Products
- Red Hat Directory Server 8 x86_64
- Red Hat Directory Server 8 i386
Fixes
(none)CVEs
(none)
References
(none)
Red Hat Directory Server 8
SRPM | |
---|---|
adminutil-1.1.8-2.el5dsrv.src.rpm | SHA-256: 8be067d2be5ad8950c67c0206d37b0685c070836d727bf4ee60511cde0720b40 |
idm-console-framework-1.1.3-9.el5idm.src.rpm | SHA-256: 5f85700cefaf0423495441a00634b02b4fe4b9a303a9c368bc90f45a33226ddd |
jss-4.2.5-1.el5idm.src.rpm | SHA-256: e68c0db6d85a40cb4d9284e6c0c1ad07002babf4369e39b281a3153124b833e5 |
redhat-admin-console-8.1.0-2.el5dsrv.src.rpm | SHA-256: 31fb4497d295a49c2dddb7a87e92e26ca0e771609ef1cf732e9674d635f8443a |
redhat-ds-8.1.0-1.el5dsrv.src.rpm | SHA-256: 5618c95c0d89acfd3f8cc72b5663a1491499dea51211248dc33dba8e26e90818 |
redhat-ds-admin-8.1.0-9.el5dsrv.src.rpm | SHA-256: 7aaf46e60929f68a9e81331e465258ec8aee70d51cbf4ba13abddc97b73c0a95 |
redhat-ds-base-8.1.0-0.14.el5dsrv.src.rpm | SHA-256: bd4dd4fefb78444e7126a58385208dbbc7b2fddb5689351374e43e46dad3edca |
redhat-ds-console-8.1.0-5.el5dsrv.src.rpm | SHA-256: 9a85b146f39875f163ac525f7970d8609595bdb8e68d9d5df4acd341fb376904 |
redhat-idm-console-1.0.1-1.el5idm.src.rpm | SHA-256: b854ea339c94a6a3749e4d8d11d62b70b99b64ff67cfcfff4ef956940dd6635c |
x86_64 | |
adminutil-1.1.8-2.el5dsrv.x86_64.rpm | SHA-256: 8b21f40f9b023f934915463d6c88d3724d52ff880e8eec0bdb2d11ea4b7ece33 |
adminutil-devel-1.1.8-2.el5dsrv.x86_64.rpm | SHA-256: 00c6769b3fdb58d6d13aeb6cb9c25a6a21b424c5600fc3e2573e8bf8aac017a0 |
idm-console-framework-1.1.3-9.el5idm.noarch.rpm | SHA-256: 2c9e85a0edc55ad4aa9f83b19c1dff052fcd7dbacef32b0e0139fbb99bdd4121 |
jss-4.2.5-1.el5idm.x86_64.rpm | SHA-256: b67fbbbf66a241a8667fae1ed0a93192ae83adb71b71bb8585a1bb5cf76d4636 |
redhat-admin-console-8.1.0-2.el5dsrv.noarch.rpm | SHA-256: ea910a7eebab61462163593d9a42a1e6d4ebd1c62554835769bd131b4dea0530 |
redhat-ds-8.1.0-1.el5dsrv.x86_64.rpm | SHA-256: 1a86b190d833df29a0050d68b7df24f2bf97c66901ff06fa2709ae4d77fdd62a |
redhat-ds-admin-8.1.0-9.el5dsrv.x86_64.rpm | SHA-256: adb89014b4cfdf75fd978369775add8956d4d2ff0f7ad28d2972706434accd1a |
redhat-ds-base-8.1.0-0.14.el5dsrv.x86_64.rpm | SHA-256: 561b807be4aa8daec2cebf5ba2b17953ff40e81cfd8f06f3f0713dc66891dc00 |
redhat-ds-base-devel-8.1.0-0.14.el5dsrv.x86_64.rpm | SHA-256: 7fc38a09dc7c1a72638730f9553b2c3c1833786e90a259d90d1a6a035cea7ccf |
redhat-ds-console-8.1.0-5.el5dsrv.noarch.rpm | SHA-256: 1a834d800db2580add7c5be0d5114ea4a99e21296d15b12c6f753a2935aac7f3 |
redhat-idm-console-1.0.1-1.el5idm.x86_64.rpm | SHA-256: 880ba0165cdd774142456ee191665f6621d1c78a49044ba5f93e97ad71f50592 |
i386 | |
adminutil-1.1.8-2.el5dsrv.i386.rpm | SHA-256: 08cdf71d188b3911536ef0a6172c756aaa77884040e8311f1fdc2420c13bb264 |
adminutil-devel-1.1.8-2.el5dsrv.i386.rpm | SHA-256: 3c0c3e8dd9427f59762c23bc8217a6e10bd63093ef002690fc24a780ee0a2686 |
idm-console-framework-1.1.3-9.el5idm.noarch.rpm | SHA-256: 2c9e85a0edc55ad4aa9f83b19c1dff052fcd7dbacef32b0e0139fbb99bdd4121 |
jss-4.2.5-1.el5idm.i386.rpm | SHA-256: 0ced9fa3f978ef442eeec9a411c393a0bc7d691cec8803427338eeab78514f87 |
redhat-admin-console-8.1.0-2.el5dsrv.noarch.rpm | SHA-256: ea910a7eebab61462163593d9a42a1e6d4ebd1c62554835769bd131b4dea0530 |
redhat-ds-8.1.0-1.el5dsrv.i386.rpm | SHA-256: 7ee51b986ab2948a9d4b2dc07145d5745e9fcecb6d72ae1df6ab03a53fe5046c |
redhat-ds-admin-8.1.0-9.el5dsrv.i386.rpm | SHA-256: eed86b23a5f81e07f4ab1c0e7529e01c1a636251163e5eda5fd4f8d1dd382e10 |
redhat-ds-base-8.1.0-0.14.el5dsrv.i386.rpm | SHA-256: 07e13355c36e3f42b3eeb08e4ee6ec14f7d850d3d12cb710ef703028948f745c |
redhat-ds-base-devel-8.1.0-0.14.el5dsrv.i386.rpm | SHA-256: 46e5bf9cdd75e80395b6089a8c4fe3cfe2b3a951e6be8e549bbb69e64244cdb9 |
redhat-ds-console-8.1.0-5.el5dsrv.noarch.rpm | SHA-256: 1a834d800db2580add7c5be0d5114ea4a99e21296d15b12c6f753a2935aac7f3 |
redhat-idm-console-1.0.1-1.el5idm.i386.rpm | SHA-256: 3e040144114afc8194eab02c973531cff11649300a5e2e81f4bd68b59b393190 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.