PingDataMetrics Server 6.2.0.0 Release Notes - PingDataMetrics - PingDirectory - 8.1

Added support for remotely invoking the collect-support-data tool using an administrative task, and for invoking the tool on a regular basis as a recurring task. The tool has also been updated to add an outputPath argument to allow specifying the path or name to use for the output file.

The "create-systemd-script" CLI now creates a "forking" service file since Ping services are started by a process (the "start-server" script) that is different than the actual service process.

Added support for an extended operation that can be used to invoke the collect-support-data tool from a remote system and stream the output and resulting support data archive back to the client. The collect-support-data command-line tool has been updated to support this capability through the new --useRemoteServer argument.

Fixed an issue that could cause the server to generate an administrative alert about an uncaught exception when trying to send data on a TLS-encrypted connection that is no longer valid.

Fixed a bug in which SEMI_AGGRESSIVE and AGGRESSIVE JVM Tuning Parameters were previously allowed to both be selected.

Updated the manage-profile tool to prevent displaying warnings about offline config changes when starting the server.

Added a logging-error-behavior property to the log publisher, periodic stats logger plugin, and monitor history plugin configuration that can be used to specify the behavior the server should exhibit if an error occurs while attempting logging-related processing. By default, the server will preserve its previous behavior of writing a message to standard error, but it can be configured to enter lockdown mode on a logging error, in which the server will report itself as unavailable and will only accept requests from accounts with the lockdown-mode privilege and only from clients communicating over a loopback interface.

Fixed an issue that could prevent some tools from running properly with an encrypted tools.properties file.

A license is now always required when using the manage-profile replace-profile tool.

Updated the logic that the server uses to select an appropriate default set of TLS cipher suites.

Fixed an issue that could cause the shutdown process to stall if the server is configured to use TCP to communicate with a StatsD endpoint that has become unresponsive.

Fixed an issue with recurring exec tasks where the working-directory attribute was ignored.

Fixed an issue with the way the server reports memory usage after completing an explicitly requested garbage collection.

Updated the StatsD monitoring endpoint to replace any spaces, commas, or colons with underscores, and remove and single quotes or double quotes in sent metric lines. This simplifies parsing of the produced metrics.

A gauge called HTTP Processing (Percent) is now available. This gauge measures the server's capacity to process new incoming HTTP requests.

Updated the server to make the general monitor entry available to JMX clients.

Improved debugging support for Server SDK extensions. If debugging is enabled, the server will now generate a debug message whenever it invokes an extension. For some extension methods that return a value, the server will also generate a debug message with that return value.

Fixed a memory leak when performing SCIM queries on the Directory Server.

Updated the cn=Cluster subtree to prevent clustered configuration changes when servers in the cluster have mixed versions. To make clustered configuration changes, either update all servers in the cluster to the same version, or temporarily create separate clusters by server version by changing the cluster-name property on the server instance configuration objects.

To avoid inconsistencies, changing clustered configuration will now require all servers in the cluster to be on the same product version. Servers will not pull any clustered configuration from the master of the cluster if they are on a different product version.

Fixed an issue with manage-profile replace-profile where certain configuration changes for recurring task chains were not being applied.

Fixed an issue that prevented password changes for topology administrators unless their password policy was configured to allow pre-encoded passwords.

Addressed an issue that could lead to slow, off-heap memory growth. This only occurred on servers whose cn=Version,cn=monitor entry was retrieved frequently.

Added an ssl-client-auth-policy configuration property to the HTTP connection handler to provide support for mutual TLS authentication.

Updated the base monitor entry to include locationName and locationDN attributes if the server is configured with a location.

Updated the Server SDK to add ClientContext and OperationContext methods for obtaining the name and DN of the associated client connection policy.

Updated the file servlet HTTP servlet extension to add support for requiring authentication in order to access the content. Access may optionally be limited to members of a specified set of groups.

Fixed an issue that could prevent setup from generating a self-signed certificate for systems with non-ASCII hostnames.

Fixed an issue where mirrored subtree polling could produce config archive files that were identical or ignored the configured insignificant attributes list.

Added the --zip argument to the manage-profile generate-profile subcommand, which can be used to generate a zipped server profile.

Added an administrative task that may be used to generate a server profile and a corresponding recurring task that may be used to invoke the task on a regular basis.

Added an instance root file servlet to the default configuration. HTTPS requests to /instance-root by authenticated users with the file-servlet-access privilege will be granted access to files within the server instance root.

Servers running on Linux will now log a warning about possible performance impacts if the current memory control group has memory.swappiness set to a nonzero value.

The server now warns the administrator at startup if there are multiple versions of the same jar listed in the classpath, and the first one in the classpath is not the newest one.

Addressed an issue where some tools would throw a NullPointerException if a server was configured with a custom global result code map.