Results 1 to 8 of 8

Thread: Breaking News: eDirectory 9.0 released!

Threaded View

  1. Lightbulb Breaking News: eDirectory 9.0 released!

    I didn't see any announcement yet, but today I found that eDirectory 9 release and available for download!

    New Features
    The eDirectory 9.0 includes new features, enhancements, and support for latest platforms across eDirectory components.
    • Suite B Support

    This release introduces support for configuring eDirectory to use the cryptographic algorithms that Suite B mandates. Suite B is a set of cryptographic algorithms standardized by the National Security Agency (NSA) to allow commercial products to protect traffic that is classified at secret or top secret levels. The Suite B algorithms ensure the security of classified and unclassified information passed through public networks.

    Note: Suite B standard is subject to change. Be aware that NSA (National Security Agency) may change their recommendations in future. Suite B support in eDirectory 9.0 is based on our interpretation of NSA recommendations.

    • Enhanced Background Authentication

    This release introduces a standards-based background authentication mechanism, called Enhanced Background Authentication for single sign on within eDirectory. This mechanism enables you to overcome the limitations of proprietary Background Authentication material. Using EBA, eDirectory issues users an X.509 certificate as the BA material and the BA protocol uses TLS version 1.2 for mutual authentication. EBA will be disabled by default.

    • Federal Information Processing Standard 140-2 Certification

    eDirectory 9.0 leverages the Federal Information Processing Standards (FIPS) 140-2 compliant features to meet the security requirements of U.S. Federal agencies and customers with highly secure environments.

    • Proxied Authorization Control

    eDirectory now provides you the flexibility for controlling proxy authorization through the LDAP protocol as mentioned in the RFC 4370. Proxied authorization control allows a client to request that an operation be processed under a provided authorization identity instead of under the current authorization identity associated with the connection. The Proxied Authorization Control provides a mechanism for specifying an authorization identity on a per-operation basis, benefiting clients that need to perform operations efficiently on behalf of multiple users.

    • Monitoring

    This release introduces a LDAP search method to retrieve the real time statistics for eDirectory subsystems and background processes such as Threadpool, Connection Table, Dclient, DS Agent, and LDAP Server. By using this common interface, an eDirectory administrator can monitor the status of eDirectory modules and operations. eDirectory supports this feature on LDAP protocol and only an LDAP client can place requests for monitoring data.

    • Container Readiness

    eDirectory 9.0 no longer allows automatic containerization of attribute however, it provides you the flexibility for controlling the containerization of attributes to separate attribute containers. If you searched for an attribute during the movement of that attribute to the attribute containers, LDAP search displayed 6029 error for that attribute. Also, the automatic containerization of attributes could delay the movement of attributes depending on the size of the database. An administrator now can schedule the attribute containerization as required.

    • Enhanced Nested Groups

    The enhanced Nested Groups feature allows a dynamic group or a nested group to be a member of another dynamic group to be nested to many levels. It is also possible to assign the ACL rights to the member objects of the nested groups.

    • eDirectory Enhancements

    Performance Enhancement in Nested Groups
    This release improves the performance of searching large number of nested groups that do not have any nested group members associated with them.

    • Replication Performance Enhancements

    To communicate among various servers, eDirectory uses Netware Core Protocol (NCP) as the communication protocol. In previous releases, the maximum packet size that NCP allowed was 64 KB, which limited the maximum throughput when data was transferred over NCP. This release improves the ability of NCP to handle packet size up to 1 MB, which enables eDirectory to synchronize up to 1 MB data in a single packet. eDirectory starts synchronizing with 64 KB packet size and increases the packet size based on the remaining data to be synchronized. This significantly improves the replication performance.

    • Change Cache Rebuild

    This release maximizes CPU utilization that significantly reduces the rebuild time of the change cache.

    • Immediate Data Synchronization Process

    In previous releases of eDirectory, eDirectory accumulated data changes for five minutes or longer before the Skulker process was scheduled. With eDirectory 9.0, Skulker has been enhanced to schedule immediately after the data transaction completes successfully.

    • Optimized Janitor Thread for Inherited ACL Calculation

    In this release, the Janitor thread is enhanced to process the ACLs sequentially from the partitions. This enables the Janitor thread to immediately release the DIB lock. When the DIB is optimally locked, it remains available for other operations. For more information about inherited ACLs, see eDirectory Rights in the NetIQ eDirectory Administration Guide.

    For a complete list of the new features and enhancements in 9.0 and previous releases, see eDirectory 9.0 What's New Guide.
    Last edited by al_b; 23-Feb-2016 at 04:00 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts