PingDirectory suite of products 10.1.0.3 (May 2025)
Added key and trust manager caching
New DS-49135 PingDirectory, PingDirectoryProxy, PingDataSync
Added the ability to cache key managers and trust managers to prevent loading keystore and truststore files from disk when establishing connections to process requests. Use the enable-key-manager-caching and enable-trust-manager-caching configuration properties to enable or disable caching.
Learn more about key and trust manager caching in Configuring key and trust manager providers.
Fixed a server installation issue with Java 17 and Red Hat
Fixed DS-49716 PingDirectory, PingDirectoryProxy, PingDataSync
Fixed an issue that could prevent installing or running servers using Java 17 or later on Red Hat Enterprise Linux (RHEL) systems when the operating system itself is configured to run in FIPS-compliant mode.
This operating system setting is unrelated to whether the PingDirectory server has been set up to run in FIPS-compliant mode.
Fixed an issue with FIPS compliance and Oracle JDK 17+
Fixed DS-48832 PingDirectory, PingDirectoryProxy, PingDataSync
We’ve fixed an issue where the server wouldn’t install or operate correctly in FIPS-compliant mode with Oracle JDK 17 or later.
Fixed a userRoot issue for server upgrades
Fixed DS-49281 PingDirectory
Fixed an issue that caused some server upgrades to fail. During an upgrade, the update tool added userRoot entries for inverted static group support to the server configuration after the userRoot backend had been removed.
Fixed a server startup issue
Fixed DS-49121 PingDirectory, PingDirectoryProxy, PingDataSync
Fixed an issue that could prevent the server from starting when configured to use a third-party key manager provider created using the Server SDK.
Removed the restart prompt when changing a certificate alias
Fixed DS-45174 PingDirectory, PingDirectoryProxy, PingDataSync
Removed the prompt to restart the LDAP connection handler component after changing the ssl-cert-nickname configuration property because a restart isn’t required.
Fixed an internal error logged at server restart
Fixed DS-49551 PingDirectory
We’ve fixed a null pointer exception error logged when restarting a PingDirectory server configured with Delegated Admin.
Fixed SCIM response errors
Fixed DS-48511 PingDirectory, PingDirectoryProxy
Fixed an issue with inconsistencies in id-attribute values returned in SCIM operation responses. Also, fixed an issue with SCIM GET operations, where a filter used to search for an entry would result in a 404 error.
Fixed a SCIM 2.0 PUT issue with attribute values
Fixed DS-49619 PingDirectory
Fixed an issue where SCIM 2.0 PUT operations involving multivalued complex attributes would incorrectly remove some of the values.
Fixed a SCIM issue with modifying ds-pwp-modifiable-state-json
Fixed DS-49781 PingDirectory
Fixed an issue where SCIM requests that attempted to modify the ds-pwp-modifiable-state-json attribute would fail.
Changed proxy transformation requirements for mapped attributes
Fixed DS-48958 PingDirectoryProxy
Updated the attribute mapping proxy transformation to require that both the source and target attribute types are defined in the local schema.
This change ensures that the server uses the correct logic when interacting with values of those attributes (for example, to identify whether the attribute type is declared as single-valued or multivalued so that it can properly format the values in REST API responses). The server now prevents adding a new instance of this proxy transformation if either of the attribute types isn’t defined in the schema. It also logs a warning message on startup if any existing instance of the transformation references an undefined attribute type.
Removed suppression messages for disabled alerts
Fixed DS-49119 PingDirectory, PingDirectoryProxy, PingDataSync
Fixed an issue where alert types that were disabled would still output suppression messages.