Tivoli Directory Server, Version 6.0.0.72-ISS-ITDS-IF0072

Download Description

Naming conventions:

As of 6.0.0.70, package names have been changed from "-TIV-ITDS-" to "-ISS-ITDS-" to reflect that Tivoli Directory Server (TDS) is now part of the IBM Security Systems (ISS) division.

Prior to version 6.0.0.69, TDS fixes used separate fix pack and interim fix numbers. Fix packs were numbered sequentially, and interim fixes were restarted from '1' after every fix pack. But the actual version (V.R.M.F) number was strictly sequential, and unrelated to either the fix pack or interim fix numbers.

For example: 6.0.0-TIV-ITDS-FP0008 was "the 8th fix pack" even though it was version 6.0.0.58, and 6.0.0.8-TIV-ITDS-IF0002 was "the 2nd interim fix after the 8th fix pack" even though it was version 6.0.0.60.

Starting with version 6.0.0.69, TDS fixes have only 1 version number.* Fix packs and interim fixes do not have a separate numbering sequence, and the "FP", "IF" or "TF" in the name is merely a label indicating the level of testing applied to the build. 6.0.0.69-TIV-ITDS-FP0019 can now be understood as "version 6.0.0.69 is a fix pack", not "the 19th fix pack".

FP:	Fix packs are formally verified and regression tested by an independent test team. The most recent OS patches, as well as WebSphere, GSKit and DB2 updates are certified during fix pack testing and the tested environments are documented in the fix pack README.
IF:	Interim fixes are verified by support and development and recommended for all users. Most fixes are delivered as IF's.

Fix packs and interim fixes are available to all entitled users and can be downloaded directly from fix central.

LA:	Limited availability interim fixes are used to deliver APARs before a more formal interim fix or fix pack is released. They are intended for a limited audience and supported until a more formal fix is published.
TF:	Test fixes are special purpose builds used to diagnose a specific problem or validate a specific fix. They are not generally available or supported beyond their intended use.

Limited availability and test fixes are never published to fix central and can only be obtained directly from IBM support.

* There are separate versions for TDS (6.0.0.x) and the webadmin tool (3.x). Installing the TDS fix does not automatically deploy the updated webadmin tool to the WebSphere application server (WAS). This requires additional steps which are documented in the installation instructions at the end of this README.

Problem Tracking Information:

The APAR number and abstract for all changes included in this fix are listed below. Further detail on individual APARs can be found by searching for the APAR number on the Tivoli Directory Server Support Web page.

APARs from 6.0.0.72-ISS-ITDS-IF0072 (6.0.0.72 / 3.0029)
---------------------------------------------------------

APAR IO17525 (CMVC 112488)
[Solaris only] ldap_ssl_client_init failed! rc == 118 Unknown
SSL error

APAR IO17570 (CMVC 113332)
The idsadscfg command will hang if the -adg parameter is too
long.

APAR IO17575 (CMVC 113386 113388 113428)
Server trace doesn't list attributes requested on search

APAR IO17579 (CMVC 113386)
Routine build maintenance

APARs from 6.0.0.71-ISS-ITDS-IF0071 (6.0.0.71 / 3.0029)
---------------------------------------------------------

APAR IO16747 (CMVC 113012)
operations error encountered when userpassword ends in ">"

APAR IO17298 (CMVC 113341)
[MDVREGR IO16650] TDS 6.0.0.70 crashes at startup - MEMORY FAULT

APAR IO17349 (CMVC 113152)
[MDVREGR IO16648] ibmslapd may crash during referral processing

APAR IO17362 (CMVC 113207)
[MDVREGR IO16636] "sh" error running dbback on non-Windows OS

APAR IO17363 (CMVC 113149 113354 113355)
Routine build maintenance

APARs from 6.0.0.70-ISS-ITDS-IF0070 (6.0.0.70 / 3.0029)
---------------------------------------------------------

APAR IO16634 (CMVC 112558)
ldapsearch/modify/add/delete of specific entry fails with rc=85
(if left running long enough)

APAR IO16636 (CMVC 112520 112561 112569 112581 112608)
TDS instance fails to start with error GLPCTL088E

APAR IO16637 (CMVC 112524)
idsbulkload fails with GLPBLK108E error

APAR IO16638 (CMVC 112559)
Client library leaks memory, if any error in referral chase.

APAR IO16639 (CMVC 112472)
Script 'tbindmsg' calls itself when it fails and gets into
infinite loop

APAR IO16640 (CMVC 112592)
IBMSLAPD/IBMDIRADM fail to start after disabling FIPS mode

APAR IO16641 (CMVC 112656)
Paged search requests might cause ldap crash.

APAR IO16643 (CMVC 112688)
ibmslapd may core when shutting down

APAR IO16644 (CMVC 112763)
null ciphers are enabled in default SSL/TLS configuration

APAR IO16645 (CMVC 112775)
Improve pwdCheckSyntax behavior with one-way encrypted passwords

APAR IO16646 (CMVC 112720)
Migrated TDS master server instance crashes, when we enable
global password policy and modify the user password.

APAR IO16647 (CMVC 112772)
Fix file permissions

APAR IO16648 (CMVC 112712)
server memory fault when searching on an entry with a referral
attribute.

APAR IO16649 (CMVC 112658)
TDS Client library returns false rc 81 when server is running

APAR IO16650 (CMVC 112770)
SIGSEGV if search filter AND/OR clauses are nested too deeply

APAR IO16651 (CMVC 112847)
Routine build maintenance

APAR IO16653 (CMVC 112953)
[MDVREGR IO15159] idssethost utility fails to accept a valid
configured ip alias on AIX

APARs from 6.0.0.69-TIV-ITDS-IF0069 (6.0.0.69 / 3.0029)
---------------------------------------------------------

APAR IO13762 (CMVC 112449)
ldapsearch behaves erratically if attribute cache is enabled.

APAR IO14507 (CMVC 111072)
ldapsearch does not support passwords starting with the '?'

APAR IO14900 (CMVC 112375)
LDAPDiff may flag equivalent aclEntries as differences

APAR IO15147 (CMVC 106614)
SSL Replication does not work after restarting replica instance

APAR IO15148 (CMVC 110999)
idsinstall must call slibclean before update install on AIX

APAR IO15150 (CMVC 112433 112454 112458 112459 112465)
IBMSLAPD CRASH

APAR IO15151 (CMVC 111820)
LDAP clients fail to chase referral on bind operation

APAR IO15154 (CMVC 112064 112455)
The Changelog cleanup code cannot remove incomplete entries in
the changelog db.

APAR IO15155 (CMVC 112063)
RootDSE search may incorrectly calculate the firstchangenumber

APAR IO15156 (CMVC 112427)
ibmslapd crashes in initialization of paged search connection

APAR IO15157 (CMVC 112377)
duplicate pre-op numbers in audit log

APAR IO15158 (CMVC 112430)
Include paged search info in audit log

APAR IO15159 (CMVC 112482 112492 112494)
idsxinst may crash on a system with more than 10 network
interfaces

APAR IO15160 (CMVC 111942 112247 112442 112443 112447)
Routine build maintenance

APARs from 6.0.0.8-TIV-ITDS-IF0010 (6.0.0.68 / 3.0028)
--------------------------------------------------------

APAR IO14124 (CMVC 112010)
idsinstall fails for installing 32 bit client on 64 bit machine.

APAR IO14668 (CMVC 111765)
ibmslapd process cores when conflict resolution enabled

APAR IO14669 (CMVC 111988)
[MDVREGR IO12725] modifiersname may not get updated on entry
modification

APAR IO14671 (CMVC 112008)
Server memory leak during search operations

APAR IO14673 (CMVC 112255)
idsdbback completes rc=0 even if database backup failed.

APAR IO14674 (CMVC 112256)
TDS client does not reject empty string as invalid search filter

APAR IO14675 (CMVC 112243)
Routine build maintenance

APAR IO14676 (CMVC 112186 112220 112227)
Windows timestamps do not reflect correct microseconds

APARs from 6.0.0.8-TIV-ITDS-IF0009 (6.0.0.67 / 3.0028)
--------------------------------------------------------

APAR IO13821 (CMVC 111722)
LDAP server leaks memory when database codepage is not UTF8

APAR IO14043 (CMVC 111915 111948)
Mask sensitive data in audit log and server trace

APAR IO14045 (CMVC 111837 111889 111905)
TDS Remote Code Execution Vulnerability

APAR IO14053 (CMVC 111868 111974 111982)
Routine build maintenance

APARs from 6.0.0.8-TIV-ITDS-IF0008 (6.0.0.66 / 3.0028)
--------------------------------------------------------

APAR IO13447 (CMVC 111387)
[MDVPARTL IO12488] ldapsearch failing for dn having Cyrillic
characters with tds-proxy

APAR IO13770 (CMVC 111553)
LDAP server memory leak in replication-supplier

APAR IO13772 (CMVC 111808)
Routine build maintenance

APAR IO13795 (CMVC 106456)
32k tablespace fails to be created when running the idscfgchglg
command as the ldap instance owner user in a multi-user env

APARs from 6.0.0.8-TIV-ITDS-IF0007 (6.0.0.65 / 3.0028)
--------------------------------------------------------

APAR IO12980 (CMVC 111359)
webadmin modified attributes displays lowercase attribute names

APAR IO12981 (CMVC 111482)
Attribute is unusable after increasing attribute length

APAR IO13305 (CMVC 100462 111382)
Web Administration tool fails to load the edit attribute panel
for an entry.

APAR IO13306 (CMVC 105239)
Bad BER request could potentially crash Tivoli Directory Server

APAR IO13308 (CMVC 110424 111343)
Small memory leak when IBMSLAPD_PREOP_AUDIT=YES and audit is on

APAR IO13309 (CMVC 111587 111588 111598)
Routine build maintenance

APAR IO13364 (CMVC 111262)
proxy server crash cleaning up paged search on backend

APAR IO13365 (CMVC 111333)
ldapcompare always returns true when target dn has pwdReset:
true

APARs from 6.0.0.8-TIV-ITDS-IF0006 (6.0.0.64 / 3.0027)
--------------------------------------------------------

APAR IO11841 (CMVC 110170)
Schema checking fails for Operational Attributes when using
bulkload.

APAR IO12399 (CMVC 111096)
System cores when DIGEST-MD5 connection are attempted.

APAR IO12559 (CMVC 111194)
Client LDAP search may hang waiting for server.

APAR IO12724 (CMVC 104901)
ldapmodify on unix fails if LDIF contains "file://" URL

APAR IO12725 (CMVC 110051 111287)
Replicated failed compare updates modifytimestamp and which
causes replication confilct on next operation.

APAR IO12802 (CMVC 110210)
Audit bind PREOP RECORD not generated when PREOP AUDITING is
enabled.

APAR IO12803 (CMVC 105937)
ldapchangepwd shows error 'invalid pointer'

APAR IO12806 (CMVC 106165)
ldapexop and ibmdirctl show error 'invalid pointer' using TLS

APAR IO12807 (CMVC 110447)
pwdReset:true replicated to consumet when not set on supplier.

APAR IO12808 (CMVC 110908)
ldtrc should find tfi files without TRCTFIDIR.

APAR IO12810 (CMVC 111070)
Wrong timestamps in db2cli.log

APAR IO12811 (CMVC 111256)
free(): invalid next size

APAR IO12812 (CMVC 110889 111257 111258)
Routine build maintenance

APAR IO12829 (CMVC 99823)
DSML - modify Filter.java to correctly process NOT filters

APAR IO12837 (CMVC 111119)
Add/Mod of "ldaps" URL fails for "ibm-replicareferralurl" attr.

APAR IO12838 (CMVC 111218)
idsldif2db only imports the first entry with operational
attribute.

APARs from 6.0.0.8-TIV-ITDS-IF0005 (6.0.0.63 / 3.0026)
--------------------------------------------------------

APAR IO12059 (CMVC 110090)
idsldif2db may coredump on program exit if ibm-slapdReplDBConns
is set in ibmslapd.conf

APAR IO12210 (CMVC 110701)
idsimigr fails to parse schema files in unicode locales on AIX

APAR IO12316 (CMVC 110764)
Server Hang, crash issue with paged search.

APAR IO12389 (CMVC 92713)
Allow NULL valued attribute in DN like "cn=,o=ibm"

APAR IO12390 (CMVC 109411)
[MDVREGR IO07729] Search gives DB2 Tablename as attribute name
with hyphen char.

APAR IO12476 (CMVC 109620)
[MDVREGR IO11943] Server hung using paged searches with
GLPSRV203W messages in ibmslapd.log

APAR IO12477 (CMVC 110146)
aliasedEntryName should be an alternative of aliasedObjectName.

APAR IO12488 (CMVC 110827)
client code corrupts arabic search filter by stripping 0xD8 byte
from leading character

APAR IO12491 (CMVC 108018 109613 110343 110704 110890)
Routine build maintenance

APAR IO12496 (CMVC 110025)
Different Timestamps in db2cli.log file.

APAR IO12498 (CMVC 110370)
idsinstall may fail if multiple versions of ITDS are installed

APARs from 6.0.0.8-TIV-ITDS-IF0004 (6.0.0.62 / 3.0026)
--------------------------------------------------------

APAR IO11814 (CMVC 109360)
eSIP IBM20100125-1140: LDAP do_extendedOp DoS vulnerability

APAR IO11889 (CMVC 108931)
Realm doesn't work for boolean valued user template.

APAR IO11943 (CMVC 108251)
LDAP server may crash under heavy load with paged searches

APAR IO11945 (CMVC 108864)
deadlock encountered when reconfiguring replication topology

APAR IO11946 (CMVC 108865)
schema violation when adding entries with boolean attributes via
the web admin

APAR IO11947 (CMVC 109186 109444 109446 109447)
Routine build maintenance

APARs from 6.0.0.8-TIV-ITDS-IF0003 (6.0.0.61 / 3.0025)
--------------------------------------------------------

APAR IO11222 (CMVC 107792)
idsldif2db cores after successfully loading all entries

APAR IO11227 (CMVC 107468)
Cannot add ibm-nestedGroup if ibm-membergroup = parent DN

APAR IO11407 (CMVC 107809)
memory leak if ldap_explode_dn() is called with an empty string

APAR IO11555 (CMVC 107232)
Excessive communications errors in ibmslapd.log file when using
some load balancers.

APAR IO11558 (CMVC 108390)
TDS 6.0 may exhibit high CPU if searches return ibm-entryUUID

APAR IO11560 (CMVC 107947)
timeout error starting Windows services which depend on TDS

APAR IO11562 (CMVC 108011)
boolean attribute modified in WebAdmin not saved

APAR IO11563 (CMVC 107858)
[MDVPARTL IO11006] upgrade from 52 to 60 using idsxinst tries to
configure database

APAR IO11564 (CMVC 108032 108040 108077 108418)
Routine build maintenance

APAR IO11575 (CMVC 108259)
audit log incorrectly reporting unauthenticated binds when using
pre-op bind plugin

APAR IO11608 (CMVC 107453)
ibmslapd crashes on Solaris 10 for SPARC

APARs from 6.0.0.8-TIV-ITDS-IF0002 (6.0.0.60 / 3.0024)
--------------------------------------------------------

APAR IO10998 (CMVC 107248)
Ldapmodify shows junk characters on schema update

APAR IO11040 (CMVC 107348)
TDS 6.0 FP05 traps on Suse Linux 9

APAR IO11051 (CMVC 107256)
modifydn operation may fail with operations error

APAR IO11185 (CMVC 106995)
SUBSTR and ORDERING definitions removed by schema migration

APAR IO11180 (CMVC 107385)
No error msg displayed on invalid password change.

APAR IO11190 (CMVC 107231 107680 107686 107730)
Routine build maintenance

APARs from 6.0.0.8-TIV-ITDS-IF0001 (6.0.0.59 / 3.0023)
--------------------------------------------------------

APAR IO10744 (CMVC 106905)
ldapdiff not generating correct LDIF for controls.

APAR IO10802 (CMVC 106949)
Adding a nested group which contains it's own parent will hang
the server

APAR IO10892 (CMVC 107095)
TDS server consumes high CPU and may become unresponsive

APAR IO10996 (CMVC 106734)
client does not correctly translate \00 to null as per rfc 4515

APAR IO11000 (CMVC 107183)
ibmslapd core dumps on Linux 64 during shutdown with -k option.

APAR IO11001 (CMVC 106957 106960 107192)
Routine build maintenance

APAR IO11003 (CMVC 106739)
TDS client cannot parse password policy response control from
other servers, such as Sun or openLDAP.

APAR IO11006 (CMVC 106883)
upgrade from 52 to 60 using idsxinst tries to configure database

APAR IO11007 (CMVC 106961)
webadmin - replicated peer server role may be shown as replica

APAR IO11009 (CMVC 107040 107209)
TDS 6.x proxy does not dereference alias request.

APARs from 6.0.0-TIV-ITDS-FP0008 (6.0.0.58 / 3.0022)
--------------------------------------------------------

APAR IO09138 (CMVC 98565)
ibmslapd writes initial log messages to ibmdiradm.log

APAR IO09199 (CMVC 104608)
Unable to set ACLs on entry cn=localhost

APAR IO09365 (CMVC 105131)
ibmslapd ABEND (SIGSEGV) in do_group_ri() function

APAR IO09531 (CMVC 99785)
Java.lang.NullPointerException logged by the Web Admin tool

APAR IO09532 (CMVC 103228)
replication schedule set up via web admin not completed

APAR IO09533 (CMVC 103879)
TDS 6.x referral builds search request with extra filter of
objectclass=*

APAR IO09538 (CMVC 105282 105353 105535)
Routine build maintenance

APAR IO09554 (CMVC 105272)
libibmldap.so calls ber_init() from external library

APAR IO09584 (CMVC 105760)
Memory leak in ldap_init() and ldap_url_search_direct() APIs

APAR IO09669 (CMVC 105787)
TDS 6.x - idsdb2ldif -s cn=schema core dumps

APAR IO09671 (CMVC 105887)
Routine build maintenance

APAR IO09879 (CMVC 106198 106636)
Idsxinst/idsxcfg command fails with JAVA exception on HP-UX 64
bit Itanium machine.

APAR IO09891 (CMVC 106346)
bulkload/ldif2db fails if attr value length is > 4096 in a line

APAR IO09962 (CMVC 106054)
idsimigr tool doesn't handle multiple objectclass names

APAR IO09982 (CMVC 106266)
TDS 6.x idsdb2ldif does not export pwdHistory attribute

APAR IO10014 (CMVC 92970)
"password cannot be changed" error when editing user in webadmin

APAR IO10018 (CMVC 106419)
ibmslapd crash deleting entry w/ attribute not in schema

APAR IO10126 (CMVC 106327)
TDS server cores during the import of TIM adapter profile

APAR IO10156 (CMVC 106293)
rootDSE search returns incorrect lastChangeNumber attribute

APAR IO10157 (CMVC 98958 106228 106409 106410)
schema modify terminated with unauthorized user - ITDS6.1

APAR IO10158 (CMVC 105994)
Corrections to IDSWebApp release info (IDSWebAppInfo.xml)

APAR IO10159 (CMVC 105968)
Server appears unresponsive after 15 minutes

APAR IO10160 (CMVC 105876)
Server can become unresponsive

APAR IO10161 (CMVC 106298 106302 106361)
Routine build maintenance

APAR IO10171 (CMVC 106379)
bulkload/ldif2db fails after applying 6.0.0.7-TIV-ITDS-LA0003

APAR IO10201 (CMVC 106302)
Routine build maintenance

APAR IO10298 (CMVC 94432)
ibm-allgroups ldap search may result in operations error

APAR IO10520 (CMVC 101416)
idsimigr cores while migrating from TDS 5.x to 6.x

APAR IO10522 (CMVC 106590)
NAS does not start after migration to TDS 6.x

APAR IO10523 (CMVC 106351 106353 106425)
Routine build maintenance

APAR IO10539 (CMVC 106435 106528)
idsinstall fails if multiple TDS versions or non-en msgs are
installed

APAR IO10544 (CMVC 106689 106790)
Excessive replication conflicts with large groups

APAR IO10650 (CMVC 106798 106802 106838)
TDS server may not sort national language characters properly

APAR IO10686 (CMVC 106722)
webadmin removes matchingrule upon attribute indexing

APAR IO10697 (CMVC 106767)
webadmin doesn't display matching rules in view attributes
panel if schema uses descriptive names instead of OIDs

APAR IO10698 (CMVC 106781)
TDS migration fails if the db2 instance has an _ in the instance
name

APAR IO10716 (CMVC 102731 106766)
TDS client hangs under heavy load

APAR IO10717 (CMVC 106422 106705 106779 106823 106835)
Routine build maintenance

APARs from 6.0.0-TIV-ITDS-FP0007 (6.0.0.52 / 3.0019)
--------------------------------------------------------

APAR IO06620 (CMVC 102425)
ibmslapd/idsslapd wrapper fails to manage core files on linux

APAR IO06810 (CMVC 101257)
ibmslapd proxy fails to failover

APAR IO06811 (CMVC 102266)
ITDS migration may not migrate indexes containing "REVERSE"
index correctly.

APAR IO07473 (CMVC 101508)
generalized time format attributes corrupted under heavy loads

APAR IO07884 (CMVC 102634)
Server may core w/ SIGSEGV on Linux w/ > 1000 clients connected

APAR IO08588 (CMVC 100829)
ldap client fails to connect to alternate hosts in list

APAR IO08741 (CMVC 101546)
Routine build maintenance

APAR IO08757 (CMVC 101303)
Error GLPCTL036E from idscfgdb in using DB2 9 in Japanese locale

APAR IO08768 (CMVC 104286)
start/stop/restart panel in webadmin polls ibmslapd every second

APAR IO08839 (CMVC 102059)
TDS 6.0 Hangs after 1024 concurrent connections on Solaris

APAR IO08915 (CMVC 102522)
ibm-allGroups search via proxy may result in "operations error"
on backend if dataset returned is very large

APAR IO08922 (CMVC 102765)
Blind addition of global replication on first startup

APAR IO08943 (CMVC 101441)
TDS 6.x webadmin cannot administer Z/OS LDAP server

APAR IO08946 (CMVC 101814 101828)
Segmentation Fault from ibmslapd after migration from 5.2 to 6.1

APAR IO08947 (CMVC 101771)
glibc errors from db2ldif using -k & -t options

APAR IO08948 (CMVC 101708 102581 102582 102596)
Routine build maintenance

APAR IO09036 (CMVC 102961)
Server may core (SIGSEGV) on Solaris w/ > 1000 clients connected

APAR IO09107 (CMVC 103021)
Error GLPRDB001E when deleting a uniqueMember attribute value

APAR IO09136 (CMVC 103210)
Routine build maintenance

APAR IO09150 (CMVC 102726)
incorrect error when adding an attribute type to the TDS schema

APAR IO09168 (CMVC 102807)
All writes and potentially some or all reads are blocked while
skipping large number of pending changes in replication queues

APAR IO09169 (CMVC 103408)
ldapsearch error using -m DIGEST-MD5 on HP-IA64:
"ldap_sasl_bind_s: Plugin library not loaded"

APAR IO09170 (CMVC 103401 103464)
Routine build maintenance

APAR IO09284 (CMVC 104219)
comma appended to DN in TDS v6.0 Web Administration tool

APAR IO09287 (CMVC 104190)
Group membership is not correctly determined for LDAP and
changelog backends

APAR IO09300 (CMVC 104213 104215 104429)
Routine build maintenance

APAR IO09302 (CMVC 103015)
TDS 6.x - search via referral disregards search filter

APAR IO09474 (CMVC 104825)
6.0 proxy server cores at startup if a backend server is down

APAR IO09475 (CMVC 104528 104530 105222)
Routine build maintenance

APAR IO09485 (CMVC 97738 99657)
LDAP client cores during open_connection call to getaddrinfo

APAR IO09498 (CMVC 105280)
Routine build maintenance

APARs from 6.0.0-TIV-ITDS-FP0006 (6.0.0.45 / 3.0016)
--------------------------------------------------------

APAR IO07362 (CMVC 99835)
very long userPassword will crash server using AES encryption

APAR IO07637 (CMVC 99967 100131 100143)
Security defect in IDSWebApp WnDebugServlet

APAR IO07729 (CMVC 100052)
Search displays DB2 tablenames truncated upto 16 characters.

APAR IO07735 (CMVC 100050)
memory leak in ldap_explode_rdn() C API call

APAR IO07766 (CMVC 100100)
Updates to password history table in db2 can cause db2 deadlock
when many simultaneous password changes are made.

APAR IO07767 (CMVC 100148)
"DSA is unwilling to perform" error (rc=53) from paged search

APAR IO07813 (CMVC 99679.02)
Enable simplified login URL for TDS webadmin

APAR IO07814 (CMVC 100021 100083 100087 100088 100137 100145)
Routine build maintenance

APAR IO07815 (CMVC 99833)
New diagnostic audit log pre-op and post-op records

APAR IO07837 (CMVC 100013)
TDS 6.0 proxy fails to resolve localhost if IPV6 is enabled

APAR IO08235 (CMVC 100650)
deploy_IDSWebApp -v does not display war file version correctly

APAR IO08267 (CMVC 100568 100569)
TDS proxy operations error with custom attr that contains _ char

APAR IO08308 (CMVC 100265 100399 100422)
"rc=-1 Unknown error" starting slapd w/ ibmdirctl on SuSE 10

APAR IO08310 (CMVC 97432)
proxy crashes with operations error while adding suffix entry

APAR IO08311 (CMVC 99933)
The entry DN in proxy error msg GLPPXY023E is incorrect

APAR IO08314 (CMVC 99934)
Proxy fails to start if all backends in server group are not up

APAR IO08317 (CMVC 100641)
infinite loop in db2ldif if "CN=NULL"

APAR IO08319 (CMVC 100320 100606)
Routine build maintenance

APAR IO08371 (CMVC 100690)
Error GLPSCH028E after migration to TDS 6.0 or 6.1

APAR IO08404 (CMVC 95674)
TDS 6.0 proxy server may audit failed operations as successful

APAR IO08416 (CMVC 97572)
TDS proxy server will not re-connect to a backend server which
was down when the proxy was started

APAR IO08443 (CMVC 100801)
TDS 6.0 may allow user to change pwd before pwdMinAge is reached

APAR IO08508 (CMVC 97106)
TDS 6.0 proxy server may crash (ABEND) if audit is enabled

APAR IO08509 (CMVC 99083)
idssnmp configuration is over-written by update/patch install

APAR IO08510 (CMVC 100642)
TLS search returns LDAP_SERVER_DOWN (81) if ibm-slapdAllowAnon =
FALSE

APAR IO08543 (CMVC 100688 100689)
NR IO07815 FIX COMPLETION: audit log pre-op and post-op changes

APAR IO08547 (CMVC 100839)
Ship "ldif" utility for TDS 6.x

APAR IO08548 (CMVC 100827)
Routine build maintenance

APAR IO08549 (CMVC 100893)
NR IO08547 FIX COMPLETION: "ldif" utility missing from Windows

APAR IO08550 (CMVC 100753 100965)
NR IO08308 FIX COMPLETION: "rc=-1 Unknown error" starting slapd
w/ ibmdirctl on Redhat 5

APAR IO08551 (CMVC 100961)
Routine build maintenance

APARs from 6.0.0-TIV-ITDS-FP0005 (6.0.0.41 / 3.0015)
--------------------------------------------------------

APAR IO06239 (CMVC 96969)
Allow configuring the number of DB2 connections to be greater
than the number of worker threads

APAR IO06310 (CMVC 97842)
Manage Users panel not displayed correctly after deleting the
single user on its last page.

APAR IO06311 (CMVC 97844)
Filtered search results using webadmin display wrong user data.

APAR IO06315 (CMVC 97840)
Groups added to a user may not be displayed by Web Admin tool.

APAR IO06396 (CMVC 98015)
A memory leak occurs when SSL connections fail to be opened.

APAR IO06406 (CMVC 97949)
Users and Groups - inconsistency in adding users while using
WebAdmin UI.

APAR IO06410 (CMVC 97932)
idssnmp agent does not encrypt the idssnmp.properties file

APAR IO06422 (CMVC 97999)
Copy User fails while using WebAdmin UI.

APAR IO06480 (CMVC 98178)
Server takes long time to start in "configuration only mode"
after migration from TDS 5.1 or earlier

APAR IO06489 (CMVC 98580)
Attributes not displayed after editing a user template to add
objectclasses

APAR IO06515 (CMVC 98284)
"Multiple Values" button is not working in the user add panel

APAR IO06527 (CMVC 98420)
db2ldif returns 'CN=NULL' membership in addition to correct
membership.

APAR IO06539 (CMVC 97850)
idslink/idsrmlink -s fullsrv does not update all links

APAR IO06546 (CMVC 98418)
[HP IA64 only] start command fails w/ rc=35072 Unknown error

APAR IO06563 (CMVC 98442)
ldap_delete or modify returns "No such attribute" (rc=16)

APAR IO06564 (CMVC 97575)
Reject add of pwdPolicy operational attributes w/out admin ctrl

APAR IO06567 (CMVC 98603)
[AIX only] ibmslapd ulimits are wrong when started via ibmdirctl

APAR IO06581 (CMVC 94384)
Enable support for large files (>2GB) on Unix

APAR IO06585 (CMVC 98578)
6.0 idsinstall does not update instance copies of "runscript"

APAR IO06608 (CMVC 98821)
TDS 6.0 changelog entries are not in proper LDIF format

APAR IO06624 (CMVC 99267 99513)
ibm-allGroups incorrect if memberURL uses integer attributes

APAR IO06644 (CMVC 98897)
AE IO04842 FIX COMPLETION: server starts in configuration mode
after applying TDS 6.0 FP04

APAR IO06648 (CMVC 98919)
AE IO06216 FIX COMPLETION: ldap_unbind() API's may return
LDAP_LOCAL_ERROR (82)

APAR IO06684 (CMVC 99049)
ldif2db utility cores if attribute value is all whitespace

APAR IO06709 (CMVC 92665)
ldapsearch w/ filter may return error 87 (LDAP_FILTER_ERROR)

APAR IO06711 (CMVC 98818)
TDS logs of SQL "state" (like db2cli.log) may contain garbage in
DBCS/MBCS locales

APAR IO06730 (CMVC 92479)
memory leak in client API after calling
ldap_set_iconv_local_charset()

APAR IO06746 (CMVC 99747 99877)
idsicrt,idsxinst does not recognize alias IP address on AIX

APAR IO06841 (CMVC 99722)
AE IO05042 FIX COMPLETION: Missing attributes after migration

APAR IO06912 (CMVC 99238)
Long delays when using SSL/TLS connections to LDAP

APAR IO06918 (CMVC 99237 99364)
PROXY server is unstable if started w/ "idsslapd" command

APAR IO06919 (CMVC 99385)
[AIX Only] GLPWRP002E error when starting proxy server instance

APAR IO06920 (CMVC 95054)
ldapsearch gives duplicate results when attribute cache is on

APAR IO06921 (CMVC 98804)
Server may crash if pwdPolicy is enabled w/ pwdSafeModify=TRUE

APAR IO06922 (CMVC 98640)
Do not display schema modify options to non-admin users

APAR IO06926 (CMVC 99139)
User template displays attribute as both MAY and MUST

APAR IO06929 (CMVC 99372)
[6.0.0.33-36 only] idscfgdb fails with GLPCTL036E in non-english
locale

APAR IO06936 (CMVC 99444)
TDS webadmin user template attribute order not retained

APAR IO07121 (CMVC 92995 93018)
Server leaks memory when deleting subtree

APAR IO07124 (CMVC 99421)
GLPRPL033E Error Timed out occurred for replica ...

APAR IO07127 (CMVC 99443)
[AIX only] Add handlers for SIGDANGER and SIGUSR1

APAR IO07131 (CMVC 99016)
Proxy server can allow access to malicious client

APAR IO07170 (CMVC 99602)
IDSWEBAPP IN FULL WAS ENVIRONMENTS - SSL CONFLICT

APAR IO07289 (CMVC 99622)
Server won't start if slapd.pid is empty

APAR IO07290 (CMVC 99632)
Possible slow replication when replication table is large

APAR IO07309 (CMVC 99672 99751 99753)
[Linux only] Error GLPCOM027E starting proxy on privileged port

APAR IO07317 (CMVC 93395)
Event processing can send event messages to closed connections

APAR IO07370 (CMVC 99670)
cn=monitor may show opsinitiated < opscompleted

APAR IO07528 (CMVC 99649)
pwdChangedTime attribute not updated when admin changes password

APAR IO07529 (CMVC 99746 99750)
idsicrt,idsxinst does not recognize alias IP address on Linux

APAR IO07530 (CMVC 99682)
Infinite loop in get_filter_list()

APAR IO07533 (CMVC 99684)
web admin tries to overwrite SSLTLS value

APAR IO07535 (CMVC 99864)
AE IO05197 FIX COMPLETION: passwords in config file corrupted
after migration to TDS 6.0

APAR IO07536 (CMVC 99346)
[AIX Only] anonymous DIGEST-MD5 bind from openldap client may
crash TDS 6.0 proxy server on AIX

APAR IO07551 (CMVC 99860)
Error GLPSRV064E starting with "-a" if change log is enabled

APAR IO07556 (CMVC 99092)
AE IO07131 FIX COMPLETION: CRAM-MD5 bind crashes server (SEGV)

APARs from 6.0.0-TIV-ITDS-FP0004 (6.0.0.33 / 3.0011)
--------------------------------------------------------

APAR IO04810 (CMVC 95981)
replication conflict on peers after bind failure w/ pwdPolicy

APAR IO04842 (CMVC 94196 95094)
Various problems with ibm-nestedGroup & ibm-memberGroup

APAR IO05020 (CMVC 94532)
Deadlocks in DynamicGroups W/ACLs

APAR IO05022 (CMVC 94404 94848)
Change Autolock wait processing (linux only)

APAR IO05042 (CMVC 94194 96489 96490)
migration to 6.0: "Memory Fault" (ABEND) from idsimigr command

APAR IO05046 (CMVC 95836)
time stamp errors replicating multiple updates per second

APAR IO05147 (CMVC 94548)
Changing encryption from AES 256 to SHA causes secretkey
attributes to display in encrypted format

APAR IO05336 (CMVC 94655 94970 95038)
Add search limit to dynamic group searches

APAR IO05376 (CMVC 94910)
Server does not reject integer values < -2,147,483,648

APAR IO05400 (CMVC 94931)
Paged search returns incorrect number of entries

APAR IO05440 (CMVC 95061)
ldapmodrdn uses shortest alternate name for new RDN attribute

APAR IO05448 (CMVC 95028)
Invalid DN in modrdn can trap server.

APAR IO05474 (CMVC 95099)
ITIM 4.6 fp25 ldapUpgrade tool kills ibmslapd (itds v60fp3)

APAR IO05479 (CMVC 94580)
Error "NO MEMORY, EXITING.." from bulkload

APAR IO05499 (CMVC 95181 95474)
pwdChangedTime set to future date results in password expired

APAR IO05508 (CMVC 95227)
Correct proxy supportedcontrol and ibm-supportedcapabilities

APAR IO05509 (CMVC 95673 96292 96416)
proxy server cores (ABEND) when backend server is down

APAR IO05579 (CMVC 94945)
Proxy server leaks 48 bytes per operation

APAR IO05580 (CMVC 96116)
Bind or compare using lower or mixed-case "{CRYPT}" tag fails

APAR IO05588 (CMVC 94176)
Saving an empty attribute cache list requires server restart

APAR IO05591 (CMVC 95133)
increase default page size of DIT table from 20 to 200

APAR IO05592 (CMVC 94757)
Webadmin cannot modify attributes if RDN is in UPPERCASE

APAR IO05596 (CMVC 95142)
user cannot change expired/reset password from webadmin login if
anon bind is disabled on 6.0 server

APAR IO05638 (CMVC 95369)
There is no password stash files for jks files.

APAR IO05731 (CMVC 95518)
ldap client using GSSAPI doesn't fail over to alternate servers
if first bind fails

APAR IO05736 (CMVC 95607)
Proxy may not respond to Bind request

APAR IO05740 (CMVC 95622)
member attribute disappears after modifying entryowner

APAR IO05744 (CMVC 93929)
server may ABEND (SEGV) or return incorrect search results if
attribute cache is enabled

APAR IO05747 (CMVC 95276 95596)
Allow '.'s in attribute type names

APAR IO05748 (CMVC 95651)
Proxy will ABEND on compare operation if trace is enabled

APAR IO05766 (CMVC 95614)
TDS V6.0 - SSL enabled webadmin not able to promote replica
to a master

APAR IO05863 (CMVC 96086)
Server cores (ABEND) during ITIM 4.6FP25 LDAPUPGRADE

APAR IO05903 (CMVC 96056 96142)
Server fails modify request w/ rc=90 (LDAP_NO_MEMORY)

APAR IO05972 (CMVC 96503)
Conflict resolution requiring a re-add of an entry leaks the
entire entry structure.

APAR IO05974 (CMVC 96542)
64-bit replica supplier cannot move failed replication change to
REPLERROR table (change is not skipped and blocks queue)

APAR IO06031 (CMVC 95283)
AE IO04203 FIX COMPLETION: Digest-Md5 bind using credentials
containing French characters may ABEND server

APAR IO06034 (CMVC 95495)
Server ABEND performing search operation

APAR IO06040 (CMVC 96041)
mod_replace pwdAccountLockedTime fails w/ rc = 94 LDAP_NO_RESULTS_RETURNED

APAR IO06042 (CMVC 96792)
Webadmin cannot expand entry DN's containing "/" characters

APAR IO06055 (CMVC 96625 96661)
Return empty sequence as controlValue for password policy when
there is no warning or error in passwordPolicyResponse control

APAR IO06057 (CMVC 96878)
AE IO02432 FIX COMPLETION: SOLARIS ONLY - ibmslapd (supplier)
leaks connections when consumer is down.

APAR IO06068 (CMVC 96891)
Server fails modify request w/ rc=32 (LDAP_NO_SUCH_OBJECT)

APAR IO06107 (CMVC 97205)
ldapadd with "do not replicate" control gets replicated

APAR IO06148 (CMVC 97297)
SQL0405N errors in db2cli.log

APAR IO06165 (CMVC 97473 97488 97510)
TDS v6.0 fix install overwrites DST patched Java (except HP-UX)

APAR IO06198 (CMVC 97391)
server cannot create core if started from webadmin or ibmdirctl

APAR IO06200 (CMVC 97476)
ibmslapd takes long time to start after db2 reorg / runstats

APAR IO06216 (CMVC 95307 97453 97487)
TDS Client connect may fail on Linux w/ errno 9
(EBADF: INVALID FILE DESCRIPTOR)

APAR IO06289 (CMVC 95848 96173 97690)
Usability enhancements to "Users and Realm" webadmin tasks

APAR IO06296 (CMVC 96109)
time-units in Password Lockout panel are wrong in translation

APAR IO06300 (CMVC 96062)
Add/Edit referral panel displays irrelevant search filter fields

APAR IO06306 (CMVC 96144)
Edit filter button does not work on Add/Edit Referral panel

APAR IO06307 (CMVC 96276)
View server status panel is not displayed to anonymous user

APAR IO06316 (CMVC 96892)
server does not send any result code to client when used with
ITDI password plugin, during a password modify.

APAR IO06318 (CMVC 97209)
Memory leak if "Replication conflict... entry is too large"

APAR IO06321 (CMVC 96494)
mod_replace to delete pwd policy attributes fails with rc 94
(LDAP_NO_RESULTS_RETURNED) if the attribute has no values

APAR IO06323 (CMVC 96777)
Proxy server may hang (deadlock)

APAR IO06324 (CMVC 93483)
Values in aclEntry cannot be deleted for replication context

APAR IO06325 (CMVC 97200)
Error - gethostbyname_r, failed errno=0

APAR IO06327 (CMVC 97676)
idsinstall.sh does not validate machine architecture

APAR IO06328 (CMVC 92379)
Server returns error during ldap modify operation using JNDI.

APAR IO06332 (CMVC 95168)
NullPointerException from com.ibm.ldap.dsml.DsmlValue

APAR IO06342 (CMVC 97813)
idsinstall -u fails dependency check for pdksh on SLES10/RHEL5

APARs from 6.0.0-TIV-ITDS-FP0003 (6.0.0.19 / 3.0007)
--------------------------------------------------------

APAR IO04349 (CMVC 93479)
Cannot edit attr in WebAdmin if IBMLDAP_ATTRLOWERCASE=FALSE

APAR IO04587 (CMVC 93597 93898)
User cannot change expired/reset password from WebAdmin login

APAR IO04714 (CMVC 93861)
TDS 6.0 does not replicate SHA encrypted passwords correctly

APAR IO04794 (CMVC 93820)
IBMAttributeTypes w/ REVERSE are lost in 6.0 schema migration

APAR IO04857 (CMVC 93730)
AE IO02301 FIX COMPLETION: not able to change the attribute
definition from MAY to MUST.

APAR IO04868 (CMVC 93912 94211)
Server does not respond during transaction ex-op

APAR IO04873 (CMVC 93297)
idscfgsuf allows invalid suffixes

APAR IO04884 (CMVC 93920)
multi-threaded replication may ABEND 6.0 repl supplier

APAR IO04891 (CMVC 93991)
AE IO03290 FIX COMPLETION: Adding conflicting schema returns
error 53 instead of error 20

APAR IO04950 (CMVC 93945)
TDS 6.0 multithreaded replication not working

APAR IO04961 (CMVC 94165)
Enable trace files > 2GB

APAR IO04969 (CMVC 94545)
AE IO03338 FIX COMPLETION: Search filters using NOT (!) may not
return correct results

APAR IO04986 (CMVC 93960)
Asynchronous requests to a TDS 6.0 server may fail w/
LDAP_OPERATIONS_ERROR (rc=1)

APAR IO04991 (CMVC 92679 93720 93800)
6.0 webadmin only shows 1st 200 entries or users

APAR IO04996 (CMVC 93803)
WebAdmin add user/group panel does not enforce required realm

APAR IO05019 (CMVC 94387)
AE IO04868 FIX COMPLETION: Memory leak in transactions

APAR IO05039 (CMVC 94493)
Unable to get server id when click on "GET SERVER ID" and
SSL is enabled in webadmin tool

APAR IO05040 (CMVC 94362)
delete or modrdn via proxy may return LDAP_INSUFFICIENT_ACCESS

APAR IO05044 (CMVC 94410)
Improve search performance under heavily concurrent loads

APAR IO05065 (CMVC 94504)
Server ABEND on Solaris 10 (SPARC) when modifying schema

APAR IO05092 (CMVC 94179)
"ldap_delete: operations error" deleting entry on proxy server

APAR IO05145 (CMVC 94624)
TDS V6.0 - SPARCSOLARIS 10 - ITIM ADAPTER IMPORT KILLS IBMSLAPD

APAR IO05197 (CMVC 93839 94553 94560)
server does not recognize upper case encryption scheme: {CRYPT}

APAR IO05200 (CMVC 93954 94520)
Delete action allowed w/ no members selected in webadmin

APAR IO05204 (CMVC 93875)
Search results not refreshed after deleting an entry

APAR IO05241 (CMVC 92750)
Enhancements to Add/Edit Referral panels

APAR IO05251 (CMVC 93871)
Refresh button on View Worker Status panel does not work

APAR IO05252 (CMVC 93950)
Disable actions when advanced option is not selected

APAR IO05257 (CMVC 94035)
Cannot edit single-valued, naming attribute (RDN) of an entry

APAR IO05260 (CMVC 94257)
Expanding an entry to show its children displays blank table

APAR IO05261 (CMVC 94527 94531)
Proxy server on Windows uses high CPU if back end server down

APAR IO05269 (CMVC 93494)
Audit operation id to map proxy requests to back end operations

APAR IO05274 (CMVC 94191 94230 94492 94578)
Slapi API enhancements for preop plugins

APAR IO05276 (CMVC 93728)
proxy server leaks memory processing modify ops

APAR IO05278 (CMVC 94002)
ldap_compare does not report locked account if bound as admin

APAR IO05284 (CMVC 94235)
"livethreads" attribute of cn=monitor <= 0

APAR IO05287 (CMVC 94374)
Proxy server may ABEND performing bind operation

APARs from 6.0.0-TIV-ITDS-FP0002 (6.0.0.14 / 3.0006)
--------------------------------------------------------

APAR IO02167 (CMVC 92558)
TDS 6.0 server starts in config mode when started from
the services panel after installing ldap and db2.

APAR IO02432 (CMVC 92524 92812)
60:ldap clients fail to resolve localhost if IPv6 is enabled

APAR IO02450 (CMVC 92584 92594)
Subtree replication using AES password encryption and correct
KSF synchronization fails with error GLPCRY008E on the replica

APAR IO02479 (CMVC 92542)
multithreaded search with complex filters may ABEND server

APAR IO02714 (CMVC 92601 92617)
SLAPD incorrectly binds using SASL EXTERNAL

APAR IO02753 (CMVC 92635 92692)
Modifying schema via the webadmin changes owner of V3.Modifiedschema
from ldap:ldap to root:root

APAR IO02853 (CMVC 92661)
Add support for JNDI fetchSchema() method

APAR IO02945 (CMVC 92254)
NULL based subtree search does not chase named reference

APAR IO02946 (CMVC 92461)
Directory server performance could be degraded when using the
unique attribute extended operation

APAR IO02955 (CMVC 92512)
If transaction size limit is set very high (or unlimited) and the
number of operations contained in a transaction is high (in the
thousands), the server may crash when the transaction is completed

APAR IO02957 (CMVC 92459)
By mixing aclentry and ibm-filteraclinherit you can create an
invalid ibm-filteraclentry w/o any filter

APAR IO02959 (CMVC 92456)
Global ibm-slapdTimeLimit and ibm-slapdTimeLimit may not be enforced
if size or time limit sent with search request is < 0.

APAR IO02960 (CMVC 92453 92590)
Server may appear hung after migration from IDS V4 due to use of
un-indexed DB2 column in replication migration when server starts.

APAR IO02961 (CMVC 92607)
Server will deadlock when deleting an entry which is a member of the
same group(s) as the Bind_DN

APAR IO02962 (CMVC 92673)
Memory leak in LDAP client library if SSL operation fails with return
code 116 (LDAP_SSL_HANDSHAKE_FAILED)

APAR IO02964 (CMVC 92502)
asynchronous unbind may deadlock server

APAR IO02999 (CMVC 92709)
IDS 6.0 server leaks memory in replication conflict resolution

APAR IO03005 (CMVC 92741)
Allow ACLs on cn=changelog

APAR IO03053 (CMVC 93054)
TDS 6.0 db2ldif with -t -k parameters may ABEND

APAR IO03064 (CMVC 92471)
different handling for failed_create_topology msg

APAR IO03068 (CMVC 92473)
editing admin group member on os/400 produces null pointer exception

APAR IO03069 (CMVC 92678)
idswebapp add/edit user creates entries with empty values

APAR IO03076 (CMVC 92760)
When using a webadmin and the language is Portuguese, adding attribute
types of sensitive or critical get translated to "sensativa" and
"critica"

APAR IO03199 (CMVC 92671)
ldapexop skip of nonexistent entry cores server

APAR IO03202 (CMVC 92368)
"ldaptrace -d" without a value gives erroneous error message:
"Insufficient access"

APAR IO03203 (CMVC 92688)
Use FormatMessage() to log winsock error descriptions

APAR IO03206 (CMVC 92751 92835)
New user is able to perform modifies before setting/resetting
their password.

APAR IO03219 (CMVC 92694 92695)
Corrected error in Linux install script that prevented product
install on Linux platforms.

APAR IO03290 (CMVC 89055)
Server allows an objectclass and attribute to have the same OID

APAR IO03292 (CMVC 92745)
ex-ops on log files don't audit the type of file

APAR IO03294 (CMVC 92765)
Problems w/ '#' in DN after migrating from 4.1 or earlier

APAR IO03301 (CMVC 92651)
Failed login which triggers passwordMaxFailure account lock may
receive incorrect error code.

APAR IO03305 (CMVC 92525)
Bulkload load script echo's DB2 user password

APAR IO03306 (CMVC 92608)
ddsetup tool fails reading the first entry in the LDIF file

APAR IO03307 (CMVC 92681)
memory leak in server and admin daemon

APAR IO03308 (CMVC 92698)
Add clause "MINPCTUSED 10 ALLOW REVERSE SCANS" to db2 indexes

APAR IO03309 (CMVC 92719)
Bind using Kerberos may ABEND server after applying IO02391

APAR IO03310 (CMVC 92451 92841)
Webadmin Manage Objectclasses does not FIND first entry

APAR IO03311 (CMVC 92449 92769)
pwdFailureTime is logged twice upon failed login from webadmin

APAR IO03312 (CMVC 92469)
Error adding repl. agreement leaves server in quiesced state

APAR IO03313 (CMVC 92472 92783)
Webadmin fails to change pwd of admin group member

APAR IO03334 (CMVC 91948)
Default connection pool size in Proxy panels should be increased

APAR IO03335 (CMVC 92625)
Log a warning if an unindexed attribute is used in search filter

APAR IO03338 (CMVC 92785)
Improve search performance for "!" filters

APAR IO03339 (CMVC 92825)
log error when write socket times out

APAR IO03376 (CMVC 92833)
SSL handshake from <ip address> failed. Connection denied.

APAR IO03381 (CMVC 92770)
IDS server might exit or not startup if audit log grows >2GB

APAR IO03383 (CMVC 92647)
An invalid search filter could crash or destabilize the server

APAR IO03513 (CMVC 92935)
backup .ksf key stash file created by idsdbback may be corrupt

APAR IO03689 (CMVC 92868)
"idsicrt" fails on Windows after applying APAR IO02167

APAR IO03691 (CMVC 92794 93154)
ldap_compare does not report expired pwd if bound as admin

APAR IO03692 (CMVC 92300)
Server may not return correct referral in some situations

APAR IO03693 (CMVC 92867)
Improve search performance for "!" filters (part 2)

APAR IO03697 (CMVC 92911)
db2ldif -j should not export operational pwdPolicy attributes

APAR IO03698 (CMVC 92923)
Improve performance for searches on "objectclass" attribute

APAR IO03710 (CMVC 92444)
slapi_XXX_internal() updates are not logged to the change log

APAR IO03711 (CMVC 92761)
Password expiration may not account for prior leap years

APAR IO03713 (CMVC 92899)
ldapmodify allows invalid LDIF input

APAR IO03741 (CMVC 92546 92554 92562 92603 92711 92749 92758)
Enable a configuration procedure to allow for zLinux a 64-bit DB2 server
to operate as the LDAP server back-end repository.

APAR IO03759 (CMVC 93041 93070)
Bugtraq ID: 16593 "... LDAP Memory Corruption Vulnerability"
http://www.securityfocus.com/bid/16593/info

APAR IO03760 (CMVC 93080)
out-of-memory error may go undetected in filter processing

APAR IO03783 (CMVC 93316 93564 93647 93650 93663)
"rc=-1 Unknown error" starting slapd w/ ibmdirctl

APAR IO03861 (CMVC 93362)
Proxy does not return DN if ibm-allGroups is requested

APAR IO03882 (CMVC 93039)
ABEND adding admin group member leaves 0 byte ibmslapd.conf

APAR IO03885 (CMVC 92805)
Proxy does not update global admin group when members are del

APAR IO04000 (CMVC 93234)
conflict resolution removes replica ACLs

APAR IO04199 (CMVC 93290)
v60 migration fails with error GLPRB001E

APAR IO04202 (CMVC 93116)
LDAP_OPERATIONS_ERROR when setting aclpropagate incorrectly

APAR IO04203 (CMVC 93246 93513)
DIGEST-MD5 bind fails for username containing French characters

APAR IO04206 (CMVC 93023)
Attribute cache may not find entry after moddn with new superior

APAR IO04208 (CMVC 93119)
proxy returns wrong value of opscompleted in monitor search

APAR IO04209 (CMVC 93137)
-u option should not be required for idsdnpw command

APAR IO04210 (CMVC 93293)
Minimum supported GSKit level is 7.0.3.24

APAR IO04214 (CMVC 93140 93398 93400 93412 93423)
Error reading ldap_user_info file across 32bit/64bit mode

APAR IO04227 (CMVC 93224)
"Error code 67" when changing RDN in "Modify Entry" panel

APAR IO04251 (CMVC 93323)
ibm-allGroups may return rc=90 (LDAP_NO_MEMORY)

APAR IO04277 (CMVC 92991)
6.0 Proxy should not send updates to "forwarder" servers

APAR IO04317 (CMVC 93383)
modify-delete & modify-add in 1 operation fails on 64-bit server

APAR IO04546 (CMVC 93475 93636)
s390_linux_2_sl9_x86 build missing certain file and address the
compile flag (-D_GCC3) was missing from makefile.ex

APAR IO04733 (CMVC 93336)
admin password policy should not be disabled in safe mode

APAR IO04739 (CMVC 93428)
memory leak in server and admin daemon

APAR IO04742 (CMVC 93458)
leading TABs in Binary values may be corrupted

APAR IO04744 (CMVC 93498)
some audit log records may be corrupted/missing on windows

APAR IO04761 (CMVC 93640)
LDAP server fails converting DN from UTF8 to local code page due
to failure in locking a mutex

APAR IO04765 (CMVC 93685 93688)
As an enhancement to serviceability for the Proxy Server, log a
message for each successful TCP connection opened

APAR IO04781 (CMVC 93447)
ldif2db load time grows exponentially if replication is
configured

APAR IO04783 (CMVC 93437 93445)
Data Linkage Table (+z) overflow on HP-UX

APAR IO04787 (CMVC 93774 93838)
multi-threaded replication may ABEND 6.0 repl supplier

APAR IO04808 (CMVC PXY_LIB)
Proxy server may crash (ABEND) under stress

APARs from 6.0.0-TIV-ITDS-FP0001 (6.0.0.1 / 3.0001)
--------------------------------------------------------

APAR IO01169 (CMVC 92037)
OnExpand throws "Administrative limit exceeded" exception.

APAR IO01480 (CMVC 91960)
Web Admin Manage Memberships - Browse Groups is broken.

APAR IO01481 (CMVC 92026)
Automatic creation of replication topology fails when 6.0 web admin is
connected to pre 6.0 server and replica is added.

APAR IO01482 (CMVC 91968)
Web Admin is unable to create an SSL connection.

APAR IO01484 (CMVC 92133)
Web Admin console connection to LDAP Server over SSL does not work.

APAR IO01485 (CMVC 92114)
Invalid characters displayed for percentage of cache used in web admin.

APAR IO01486 (CMVC 92108)
Web Admin adding servers with a colon as part of the hostname causes
failure in future login attempts.

APAR IO01488 (CMVC 92036)
Web Admin user template for a realm may display duplicate attribute names.

APAR IO01558 (CMVC 92251)
If missing TDS 6.0 definitions for Tivoli Access Manager specific attributes,
the server will not start after a migration.

APAR IO02274 (CMVC 91795)
An attribute name in an entry is changed to lower case after a modify.

APAR IO02275 (CMVC 91904)
Password Policy used 30 days in a month for password expiration.

APAR IO02276 (CMVC 91937)
LDAP server leaks memory if incoming search requests include non-existing
attributes in the search filter.

APAR IO02277 (CMVC 92125)
TDS dynamic tracing does not properly close the output trace file.

APAR IO02278 (CMVC 91946)
Use WINSOCK API to report communications errors on Windows.

APAR IO02279 (CMVC 91981)
Remove exception handler routine introduced as resolution to IR54428.

APAR IO02280 (CMVC 92017)
Modifying ibm-slapdAdminGroupMember objects causes the LDAP server to abend.

APAR IO02281 (CMVC 92020)
Java LDAP clients fail to establish an SSL connection if socket read is
non-blocking.

APAR IO02284 (CMVC 92021)
Java LDAP clients attempting an SSL connection using LDAP V2 protocol
fail with rc=116.

APAR IO02285 (CMVC 92055)
Paged search abends the LDAP server if running with trace enabled.

APAR IO02286 (CMVC 92067)
LDAP unbind operation is slow to complete.

APAR IO02287 (CMVC 92084)
Modify-replace with a NULL value is replicated as an empty string.

APAR IO02288 (CMVC 92100)
For certain extended operations, the LDAP server audits an invalid
return code.

APAR IO02289 (CMVC 92105)
Using the C LDAP client library, a client is limited to PTHREAD_KEYS_MAX
connections.

APAR IO02290 (CMVC 92115)
LDAP Server abends if running with audit log enabled.

APAR IO02291 (CMVC 92131 92429)
Improved formats for AIX debug output and trace flow output.

APAR IO02292 (CMVC 92149)
Requests to unbind a connection by IP should return no such object
if the IP is invalid.

APAR IO02293 (CMVC 92153)
LDAP server hangs (deadlock) when processing an LDAP transaction
containing 2 or more ADD operations.

APAR IO02294 (CMVC 92165)
Internal modifies are not replicated if changelog is enabled.

APAR IO02295 (CMVC 92183)
Return non-normalized DNs for an ibm-allGroups and ibm-allMembers
search.

APAR IO02296 (CMVC 92189)
LDAP server hangs (deadlock) if there is a failure normalizing values and
the associated cached entries are not removed.

APAR IO02297 (CMVC 92193)
LDAP server is unstable if REOPT=4 is set in DB2CLI.INI using DB2 8.1/8.2
Fix Pack 9.

APAR IO02298 (CMVC 92194)
When auditing is enabled the LDAP server abends on an add operation with
a null DN, or with other malformed ber.

APAR IO02299 (CMVC 92209)
Modify-delete and Modify-add of INTEGER values fail in finding the specified
value in the database backend.

APAR IO02300 (CMVC 92220 92252)
ibm-allmembers is not evaluated for a nested group.

APAR IO02301 (CMVC 92241)
Modify-delete or Modify-replace of an object class from the schema is slow
for a large directory.

APAR IO02302 (CMVC 92260)
ldap_unbind function sleep is longer than the intended duration.

APAR IO02303 (CMVC 92263)
LDAP server abends if modrdn is in a transaction.

APAR IO02304 (CMVC 92275)
ibmdiradm process abends when ldaptrace is executed.

APAR IO02305 (CMVC 92280)
SSL handshake does not timeout correctly.

APAR IO02306 (CMVC 92288)
With anonymous binds not allowed, SASL EXTERNAL authentication with DN from client
certificate fails stating Invalid Credentials.

APAR IO02307 (CMVC 92290)
When a transaction fails, the LDAP server leaks memory.

APAR IO02308 (CMVC 92334)
LDAP server leaks memory performing an unbind operation.

APAR IO02318 (CMVC 92400 92441)
Audit Log does not include all entries that it should.

APAR IO02321 (CMVC 92477)
SSL timeout introduced as resolution for IO02305 must be configurable.

APAR IO02323 (CMVC 82652)
STRUCTURAL objectclass schema definition with no SUP should identify superior as top.

APAR IO02329 (CMVC 91893)
LDAP server memory leak occurs when the Emergency Thread runs.

APAR IO02333 (CMVC 91942)
On Linux RH4 ibmdiradm returns error in all cases upon starting the LDAP server.

APAR IO02343 (CMVC 91965)
LDAP server memory leak occurs when modifying the server configuration.

APAR IO02346 (CMVC 91988)
APIs in the C-client library on AIX query DNS even if IP address is provided.

APAR IO02351 (CMVC 92038)
Installation fails for server and client packages on Linux (RHEL 4).

APAR IO02353 (CMVC 92063)
Replication of cn=ibmpolicies replication topology entries should not occur if
replicating to downlevel servers.

APAR IO02355 (CMVC 92119)
Modifying an aclentry value which has many characters results in a corrupted ACL
in the LDAP server.

APAR IO02356 (CMVC 92132)
Replication add conflict resolution can fail with entrycache size set to zero.

APAR IO02360 (CMVC 92147)
Admin daemon (ibmdiradm) on AIX is not recording the correct client IP address.

APAR IO02365 (CMVC 92148)
Client package must pre-req ksh on Linux

APAR IO02366 (CMVC 92151)
LDAP server will not start after migration from 4.1 due to duplicate entries in
the schema files.

APAR IO02367 (CMVC 92160)
Replication schedule events do not work correctly.

APAR IO02368 (CMVC 92212)
LDAP server through internal subroutine calls truncates ACL strings.

APAR IO02369 (CMVC 92216)
Enhance the proxy server to allow modifications of split container entries when
there is only 1 partition.

APAR IO02370 (CMVC 92218)
Password policy attributes are missing on replica after a refresh add due to
replication conflict.

APAR IO02371 (CMVC 92219)
ldap_rename in a transaction causes the renamed entry to become unusable in
subsequent operations.

APAR IO02372 (CMVC 92221)
Objectclass type changes are allowed even though entries using that objectclass
are present.

APAR IO02373 (CMVC 92158 92223)
DDsetup tool fails to create file greater than 2GB on solaris 10.

APAR IO02374 (CMVC 92232)
ACL resolution using groups is not operating correctly through the proxy server.

APAR IO02375 (CMVC 92233)
Pre-reqing of X11 fileset has moved from AIX client packages and now is in the
ldap.java package.

APAR IO02376 (CMVC 92247)
Replication fails with insufficient access during recovery after a replication
conflict.

APAR IO02377 (CMVC 92248 92249 92250)
Compare, delete, and modrdn operations do not correctly operate through proxy if
called by a non-administrative user.

APAR IO02378 (CMVC 92255 92335)
Proxy server abends processing an ibm-allgroups search.

APAR IO02379 (CMVC 92256)
LDAP server hangs (deadlock) if number of add operations in a transaction exceed
maximum number of operations.

APAR IO02380 (CMVC 92269)
LDAP server hangs (deadlock) if modifying the cn=pwdpolicy entry in a transaction.

APAR IO02381 (CMVC 92271)
AIX Server package might not install DB2 license - packaging now pre-reqs the DB2
package.

APAR IO02382 (CMVC 92299)
LDAP server memory leak occurs when server is replica and is processing search or
compare operations.

APAR IO02383 (CMVC 92301)
LDAP server referral cache is not updated when processing modrdn operations.

APAR IO02384 (CMVC 92312 92313)
Provided support for SASL authentication CRAM-MD5 and DIGEST-MD5 must have means
to be disabled.

APAR IO02385 (CMVC 92321)
Proxy server abends when processing a DIGEST-MD5 authentication.

APAR IO02386 (CMVC 92322)
Prior to unlocking an admin account lockout, make sure admin bind from Web Admin
includes source ip control.

APAR IO02387 (CMVC 92329)
Proxy server does not correctly process attribute only searches.

APAR IO02388 (CMVC 92347)
Event notification requests are not audited if the event notification plugin is
not loaded.

APAR IO02389 (CMVC 92392)
LDAP server experiences memory corruption with base scoped paged searches or with
filter cache configured.

APAR IO02390 (CMVC 92414 92483)
Add an environment variable named IBMSLAPD_REPL_RESTRICTED_ACCESS used to restrict
access to replication objects.

APAR IO02391 (CMVC 92435)
LDAP server memory leak after DIGEST-MD5 bind fails.

APAR IO02392 (CMVC 92437)
LDAP server memory leak on Window in message writing routine slapi_printmessage().

APAR IO02393 (CMVC 92443)
LDAP server abends when processing a transaction which includes multiple updates.

APAR IO02394 (CMVC 92457)
DDsetup tool makes all DNs uppercase in the output LDIF files.

Created/Revised by	Date of Creation/Update	Summary of Changes
brookh	2012/12/28	document created