The following release notes detail improvements and fixes for RadiantOne v7.3.26.
Improvements
- [VSTS42700]: Improved the logging for the Active Directory password extraction service.
- [VSTS43058]: Added support for logging changes related to backlink attributes (e.g. memberOf) in cn=changelog. This behavior is configurable with a checkbox option on the HDAP store or Persistent Cache.
- [VSTS43071]: Improved the number of snapshot connector's temp files (which start with "fsync" and end with ".tmp" in <RLI_HOME>/temp) that are created by the cluster replication mechanism that are kept. This default amount is 100 files and this is configurable in ZooKeeper /radiantone/v2/v74Cluster/config/http_filesync.conf by adding/editing the #number_fsync_files_to_keep value.
- [VSTS43338]: Improvement to reduce the amount of memory required and CPU usage for persistent cache refreshes while converting dynamic groups to static groups.
- [VSTS43398]: Improved monitoring of the open file descriptor usage by alert, and on logging necessary information whenever the socket cannot be created for incoming connections. This improvement is for Linux systems only.
- [VSTS43734]: Added a new property for ICS changelog connector to determine how the cursor is set during failover.
- [VSTS43469]: Added support for a privileged admin group that is allowed to bypass password policies instead of requiring the user to be a member of the Directory Administrator group which allocated too much privilege.
- [VSTS43538]: Improvements to the Active Directory password capture/filter (.dll) to version the component and improve logging.
- [VSTS43539]: Added an option to exclude changes to the pwdLastLogonTime attribute from cn=changelog, so that the logging is not overwhelmed.
- [VSTS43546]: Improvement to automatically add server certificates for read-only cluster nodes to the client certificate truststore to ensure the node status displays properly on the Main Control Panel -> Dashboard tab.
- [VSTS43765]: Added the com.rli.util.LegacyUtils class to provide access to older APIs from version 7.2 that are no longer publicly available in version 7.3.
- [VSTS43783]: Improvement to add emails-primarytype as a subcategory of the emails attribute when extracting the schema of a SCIMv2 backend service using the scimclient2 custom data source.
- [VSTS44040]: Upgraded to OpenJDK updated to jdk8u345-b01.
- [VSTS44083]: Improvement to the server control panel to disable the certificate viewer if the rli (alias) certificate is not present in the keystore.
- [VSTS43077]: Improved the management of large dynamic group membership associated with backlink attributes. Two configurable properties are allowed at the level of the HDAP or Persistent cache: 1) publish changes to the backlink attribute(s) in the cn=changelog and 2) indicate if async indexing should be used for the backlink attributes.
- [VSTS44176]: Improved the error message displayed in the Global Identity Viewer when the RadiantOne service is not running.
Bug Fixes
- [VSTS41889]: Fixed an issue where the modify/add/delete right-click operations were not working properly with multiple search tabs open on the Main Control Panel -> Directory Browser tab.
- [VSTS42947]: Fixed an issue due to a change in the OpenJDK library, where SSL debugging information about the handshake traffic was not being logged properly in the vds_server.log.
- [VSTS43363]: Fixed an issue where the RadiantOne SAML attribute service was not working when the RadiantOne service was configured to run in FIPS mode.
- [VSTS43404]: Fixed an issue causing the RadiantOne Server Control Panel certificate management and the InstanceManager certificate management to behave differently. Added support to pass a certificate alias when using InstanceManager: -a <alias>. If alias is not given, we will use default rli.
- [VSTS43537]: Fixed an issue where RadiantOne SAML attribute service was not working on the internal SSL connection after hardening the RadiantOne service and disabling the non-SSL ports.
- [VSTS43661]: Fixed an issue where after adding the JDBC driver for a Teradata database, the Teradata schema was not extracted properly due to the includeSynonyms property.
- [VSTS43731]: Fixed an issue seen during a RadiantOne cluster upgrade related to custom authentication provider configurations (pattern1 & pattern2 properties) not properly supported on all nodes.
- [VSTS43740]: Fixed an issue where the value of attribute acilocation was not properly generated after migrating ACI from Novell eDirectory.
- [VSTS43761]: Fixed an issue with converting a data type when virtualizing a database by adding support for sysname data types.
- [VSTS43775]: Fixed an issue where spaces were not supported in the file path for the latest migration tool (2.0.25).
- [VSTS43800]: Fixed an issue where the object class and attribute names were not displayed with the proper case on the LDAP schema configuration page in the Main Control Panel.
- [VSTS43803]: Fixed an issue related to testing the connection to a SCIMv2 backend from the Main Control Panel. By default, the test connection operation will try to get data from the /ServiceProviderConfig endpoint. A different url may be used for the "test connection" operation by adding a "test_connection_url" property to the data source.
- [VSTS43931]: Fixed an issue where inter-cluster replication did not function properly when operational attributes were configured to be hidden.
- [VSTS43953]: Fixed a problem with password policy operational attributes not being cleared in persistent cache due to the filtering excluded attributes behavior for the changelog connector.
- [VSTS44042]: Fixed a problem with PATCH operations for canonical attributes when using the scimclient2 custom data source.
Known Issues
For known issues reported after the release, please see the Radiant Logic Knowledge Base:
https://support.radiantlogic.com/hc/en-us/categories/4412501931540-Known-Issues
v7.3.26 Installers and Update Installers can be downloaded from the following links:
Comments
Please sign in to leave a comment.