|
|
|
The following features were added or enhanced in r12 SP5.
CA Directory now supports SHA-2 for hashing operations, following the requirements in the following standard: US NIST FIPS 180-3 (Oct 2008) Secure Hash Standard (SHS) Requirements.
This affects the following tools:
The following attributes must not contain a space character only:
If one of these attributes does contain a space only, any DISP updates will fail.
To help you avoid this problem, DXloaddb now checks the syntax of these attributes for space-only values, and rejects any it finds with an error similar to the following:
Invalid syntax for fax/telephone number Wrong syntax for value " " on line 19
DXloaddb now rejects entries with multiple passwords in the userPassword attribute.
To permit DXloaddb to load an entry with multiple passwords, use the following command:
set enable-nonstandard-behaviour=true;
If your data has an entry with multiple passwords and you upgrade to CA Directory r12 SP5, you will receive an error message similar to the following:
Entry on line 20 contains multiple values for single-valued attribute 'userPassword'
You will need to fix the problem entries before you run DXloaddb.
The pozLocation attribute in the iTechPoz.dxc schema is now of syntax caseIgnoreString, to allow searches to be case insensitive.
It is now possible to prevent adding an entry which has more than one unrelated structural object classes as specified in Section 8.3.2 of X.501 and Section 2.4.2 of RFC4512.
To enforce this, add the following command to your settings:
set check-structural-oc = true;
A multiwrite group can no longer contain LDAP servers only. Each multiwrite group must contain at least one CA Directory DSA.
If a multiwrite group contains only LDAP servers, peer DSAs send updates only to the first LDAP server in the group. It does not pass the updates on to the other LDAP servers.
If you currently have a multiwrite group that contains only LDAP servers, you should make one of the following changes:
When you set up a view, you can add a constant prefix or suffix to search results in a view.
For example, you could add a prefix to search results from a particular source, to help you distinguish these results from results from other sources.
For more information, see Set Up Views in the Administration Guide.
You can now track data store usage using the following SNMP counters:
CA Directory and CA Directory Management are now certified on SLES 11.1 and Windows 7 64-bit.
Note: For more information see Operating System Support.
CA Directory r12 SP5 does not include a new version of the Directory Manager package (which includes DXmanager). It contains a new version of the Directory package only (which includes DXserver).
You can safely upgrade the Directory package without updating Directory Management.
If you are installing for the first time, install the following versions of these packages:
Note: For more information about the installation packages, see Installation Components in the Installation Guide.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |