PingDS release notes

Removed

The functionality listed here has been removed.

DS 8.0

  • Support for Java versions prior to 21 has been removed.

  • The DS REST to LDAP endpoints, configuration, and gateway have been removed.

    The DSML gateway has also been removed.

    For HTTP access to directory data, use HDAP instead.

  • The JMX connection handler has been removed.

  • The rehash-policy: always setting for Bcrypt and PBKDF2-based password policies has been removed.

    The rehash-policy can now be set to never (default), only-decrease, or only-increase.

  • Support has been removed for CSV, Elasticsearch, JDBC, JMS, Splunk, and Syslog access logs.

    As a result, the following log publishers have been removed:

    • CsvFileAccessLogPublisher

    • CsvFileHttpAccessLogPublisher

    Elasticsearch and Splunk have native or third-party tools to collect, transform, and route logs. Learn more in Third-party software.

  • Support has been removed for the /admin and /metrics/api endpoints.

  • With the updates to change number indexing, the dsrepl reset-change-number command has been removed.

    The following metrics have also been removed:

    LDAP:

    • ds-mon-indexing-state

    • ds-mon-purge-waiting-for-change-number-indexing

    • ds-mon-replicas-preventing-indexing

    • ds-mon-time-since-last-indexing

    Prometheus:

    • ds_change_number_indexing_state

    • ds_change_number_time_since_last_indexing_seconds

    • ds_replication_changelog_purge_waiting_for_change_number_indexing

  • The dsconfig global configuration variable use-virtual-threads-if-available has been removed.

  • The following JE Backend configuration properties have been removed:

    • db-checkpointer-wakeup-interval

    • db-evictor-core-threads

    • db-evictor-keep-alive

    • db-evictor-max-threads

    • db-num-cleaner-threads

    • db-num-lock-tables

    • db-run-cleaner

DS 7.5

  • Support for Java 11 has been removed.

    When upgrading to this version, follow the instructions in Before you upgrade.

  • The dsrepl start-disaster-recovery and dsrepl end-disaster-recovery commands have been removed.

    For instructions on what to use instead, refer to the disaster recovery documentation instead.

  • Support for SNMP monitoring has been removed.

  • The deprecated /admin and /api (REST to LDAP) endpoints have been removed from the configuration for new servers.

    If you must create them temporarily for compatibility, refer to When adding new servers.

DS 7.4

  • The file-based debug log publisher has been removed.

    An error log publisher now writes debug-level messages. For details, refer to Debug-level logging.

  • The Argon2 password storage configuration property argon2-migration-memory has been removed.

    If necessary, set argon2-memory-pool-size instead.

DS 7.3

  • The following deprecated command-line options have been removed:

    --bindPasswordFile
    --deploymentKeyPasswordFile
    --keyStorePasswordFile
    --monitorUserPasswordFile
    --rootUserPasswordFile
    --trustStorePasswordFile

    Use the --*:file alternatives suggested in Deprecated since DS 7.1 instead. With the setup command, use the --keyStorePasswordFilePath and --trustStorePasswordFilePath options to retain the paths to the files in the configuration instead of copying the cleartext passwords.

  • The Degraded replica status and degraded-status-threshold configuration property have been removed.

    When the replication delay is more than five seconds, the dsrepl status command reports the replica is SLOW.

  • The advanced LDAP connection handler property send-rejection-notice has been removed.

    The LDAP connection handler no longer sends an extended response message with a notice of disconnection when rejecting a new client connection.

DS 7.2

  • The lookthrough-limit setting has been removed. Use time-limit instead.

DS 7.1

  • You can no longer add new DS servers to a deployment with OpenDJ 2.6 or earlier servers.

    Instead, upgrade older servers before adding new servers.

  • DS server configuration support for extending group implementations, including group implementation configuration objects, their properties, and the related dsconfig subcommands.

    In previous releases, an administrator could disable and enable group implementations, and could change the Java class of a group implementation as part of the server configuration.

    The default group implementations continue to work as documented in Groups.

DS 7.0

  • Support for Java 8 has been removed.

    Support for 32-bit JVMs has also been removed.

    When upgrading to this version, follow the instructions in Before you upgrade.

  • The backup and restore commands have been removed. Use the dsbackup command instead.

  • The dsreplication command has been removed.

    You now configure replication as part of the setup process using the setup --replicationPort and setup --bootstrapReplicationServer options. For details and examples, refer to Installation.

    For most operations, use the dsrepl command. Since replication configuration is part of the setup process, the dsrepl command does not include a command for configuring replication. Learn about the new command in Replication, and Changelog for notifications.

    To temporarily suspend and resume replication, use the dsconfig command. For details, refer to Disable replication.

  • The ads-truststore and ads-truststore.pin files have been removed.

    For new deployments, DS servers protect secret keys with a shared master key. The setup process derives the shared master key from the deployment ID and password.

  • The JVM profiler plugin has been removed.

  • The following monitoring metrics have been removed:

    • LDAP metrics:

      • ds-mon-approx-oldest-change-not-synchronized

      • ds-mon-approximate-delay

      • ds-mon-missing-changes

    • Prometheus metrics:

      • ds_replication_changelog_connected_replicas_approx_oldest_change_not_synchronized_seconds

      • ds_replication_changelog_connected_replicas_approximate_delay_seconds

      • ds_replication_changelog_connected_replicas_missing_changes

  • The following monitoring metrics depending on the JVM implementation are not stable interfaces. They have been removed from the documentation:

    Garbage collection statistics

    Affected metrics have names like ds-mon-jvm-garbage-collector-* under cn=monitor, and ds_jvm_garbage_collector_* in Prometheus output.

    Memory pool use

    Affected metrics have names like ds-mon-jvm-memory-pools-* under cn=monitor, and ds_jvm_memory_pools_* in Prometheus output.

  • The No-Op alias for the LDAP no-op control (OID: 1.3.6.1.4.1.4203.1.10.2) has been removed.

    Use the NoOp alias or the OID instead.

DS 6.5

  • The manage-account get-password-history subcommand has been removed due to security concerns.