IBM Support

ibm-svdi-10.0.0.1

Fix Readme


Abstract

This Fix Pack contains fixes for ISVDI 10.0.0.

Content

IBM Security Verify Directory Integrator Version 10.0.0 Fix Pack 1

Contents
ABOUT THIS FIXPACK

This fix pack can be applied over ISVDI 10.0.0 GA on all supported platforms for ISVDI 10.0.0.

Consult the readme file ibm-svdi-10.0.0.1_README.html for complete instructions and information.


Prerequisites and corequisites

  • ISVDI 10.0.0 GA should be installed.
  • IBM JVM 17 is required for applying the fix pack.
 

Notes about updates made in ISVDI Fix Pack 1

  • ISVDI Fix Pack 1 onwards, added support of Windows Server 2019 Datacenter operating system.
  • ISVDI Fix Pack 1 onwards, RXA 2.3 jars shipped in ISVDI have been updated to the RXA fix pack version 2.3.0.16.
  • ISVDI Fix Pack 1 onwards, If Configuration Editor is updated then you can see the upated SDI CE version under the Help menu. If CE is not updated in the fixpack, previous updated SDI CE version is displayed under the Help menu.

TADDM Connector and log4j

  • The TADDM Connector depends on TADDM SDK.
  • The TADDM API JAR files are not shipped with IBM Security Verify Directory Integrator, and must be installed separately.
  • The TADDM API jar files depends on log4j v1. This may not interoperate with ISVDI, which is using log4j v2.

Properties

  • The property com.ibm.di.suppressSchema=true will not save schema items in the configuration file.
    • The schema items are mainly used for building the solution. When an attempt is made to transfer with RMI a ISVDI configuration file having large number of schema items, a stack overflow error may be thrown.
    • This could happen e.g. between the Configuration Editor and the server.
    • See http://www.ibm.com/support/docview.wss?uid=swg21623396. for description.

    • ## ----------------------------------
      ## Suppress Schema
      ## ----------------------------------
      com.ibm.di.suppressSchema=true
  • The property com.ibm.di.SSLProtocols and com.ibm.di.SSLServerProtocols will enable only those protocols mentioned against these properties.
    • Setting these property to TLSv1.2, TLSv1.3 will ensure that TLS protocol cannot be negotiated down to SSL. These properties should be added to the existing solution.properties.
    • For maximum security, only TLSv1.3 should be used, if possible.

    • ## ----------------------------------
      ## Protocols to use for SSL
      ## ----------------------------------
      com.ibm.di.SSLProtocols=TLSv1.2, TLSv1.3
      com.ibm.di.SSLServerProtocols=TLSv1.2, TLSv1.3
  • Property named com.ibm.di.logging.close. It is boolean type. Its value can be true or false. Follows the description when to use it.
    • If there are no logging-related issues, it is unnecessary to add the property com.ibm.di.logging.close to the etc/global.properties file found in Fix pack 11 onwards. The default value for this property is true.
    • In a scenario where a single logger is consistently used by a single assembly line (AL) running under the ISVDI server instance at any given time, if the AL explicitly closes this logger before adding a new one, including the line com.ibm.di.logging.close=true in the etc/global.properties file will result in the ISVDI shutting down the currently opened single logger.

    • ## ----------------------------------
      ## Logging close property
      ## ----------------------------------
      com.ibm.di.logging.close=true

    • If there are multiple loggers used by either multiple or single AL(s) running under the ISVDI server instance, it is advisable to append the line com.ibm.di.logging.close=false in the etc/global.properties file. By adding this property, ISVDI will ensure the logger(s) are shutdown during the JVM shutdown process.
      ## ----------------------------------
      ## Logging close property
      ## ----------------------------------
      com.ibm.di.logging.close=false

  • List of fixes

  • Security Fixes in FEDERATED DIRECTORY SERVER
    Security Fixes in Enhanced existing password encryption method in password synchronization plugin
    DT247588            Logging was not working properly
    DT240782            {solution_directory}/etc/log4j2.xml is not recognized
    DT237908            ISVDI can't establish connection to Maximo 7.6.1.3
    DT237747            Delta store has naming issues when invalid characters in the delta store name
    DT272034            Error while connecting to Maximo using TPAE IF connector
    DT271991            Fixed HTTPParser

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSXZ8BA","label":"IBM Security Directory Integrator"},"ARM Category":[{"code":"a8m0z0000001hGKAAY","label":"@Readme"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"10.0.0"}]

Product Synonym

ISVDI SDI TDI

Document Information

Modified date:
03 April 2024

UID

ibm17145511

Page Feedback