OpenText Directory Services 20.4.2 - Release Notes

Open Text Directory Services
Release Notes
20.4.2
Product Released: 2020-11-30
Release Notes Revised: 2021-02-23

Contents
1 Introduction .................................................................................................................................... 4
1.1 Release Notes revision history .................................................................................................. 4
2 About Open Text Directory Services ............................................................................................ 6

2.1 New features.............................................................................................................................. 6
New Features in OTDS 20.4.2 ..................................................................................... 6
2.2 Discontinued and deprecated features .................................................................................... 10
3 Packaging and documentation ................................................................................................... 10

3.1 Packaging and delivery information ........................................................................................ 10
3.2 Related documentation ............................................................................................................ 10
3.3 Documentation errata .............................................................................................................. 11
4 Supported environments and compatibility .............................................................................. 11

4.1 Supported systems .................................................................................................................. 11
Java Environment ....................................................................................................... 11
Open Text Directory Services 20.4.2 Release Notes 2

Apache Tomcat ........................................................................................................... 12
IBM WebSphere ......................................................................................................... 12
Enterprise Directories and Third-party Web Access Management Products ............. 12
Supported Operating Systems ................................................................................... 13
Supported Virtualization Platforms ............................................................................. 14
Supported Browsers ................................................................................................... 14
4.2 OpenText product compatibility ............................................................................................... 14
4.3 Language support .................................................................................................................... 15
5 Installation and upgrade notes ................................................................................................... 15

5.1 Installation notes ...................................................................................................................... 15
5.2 Upgrade notes ......................................................................................................................... 16
6 Patches ......................................................................................................................................... 16
6 Hotfixes ......................................................................................................................................... 16
7 Fixed Issues .................................................................................................................................. 17
8 Known issues ............................................................................................................................... 28
9 Contact information ..................................................................................................................... 29

1 Introduction
These Release Notes provide an overview of Open Text Directory Services 20.4.2, including new
features, delivery information, and supported platforms.
OpenText recommends that you read these Release Notes in conjunction with the documentation
included with the software package. If any conflicts exist, the Release Notes supersede the other
documentation.
We also recommend that you check OpenText My Support (https://support.opentext.com) for any
patches or documentation updates that may have been posted after the initial release of this product.
1.1 Release Notes revision history

Revision date Sections revised Description of revisions
2016-03-15 First release. All new content.
2016-03-31 Installation Notes, Note about an upgrade conflict on Windows

Known Issues when files are in use.
2016-04-12 Supported Environments Added Oracle Access Manager to the WAM

support list
2016-05-26 Patches, Fixed & Known Updates for OTDS 16.0.1 (OTDS-1600-001)
Issues
2016-09-24 Patches, Fixed & Known Updates for OTDS 16.0.2 (OTDS-1602)
Issues
2016-10-14 All sections. Edits to formatting.
Issues
Issues
2017-04-28 All sections. Edits to formatting and version fixes.
2017-06-01 Patches, Fixed & Known Updates for OTDS 16.2.1 (OTDS-1621-EP2)
Issues
2017-06-21 Documentation Errata Added a new documentation update.
2017-09-06 Patches, Fixes & Known Updates for OTDS 16.2.2 (OTDS-1622-EP2)
Issues
2017-12-06 Patches, Fixes & Known Updates for OTDS 16.2.3 (OTDS-1623-EP2)
Issues

2018-03-13 Patches, Fixed & Known Updated for OTDS 16.2.4 (OTDS-1624-EP2)
Issues
Virtualization support for ESXi Windows Server
Updated Platform 2016
support
2018-06-15 Patches, Fixed & Known Updated for OTDS 16.4.1 (OTDS-1641)
Issues
TomEE Support added directly for clarification.
Updated Platform Support present since OTDS 16.0.1.
Support
2018-08-27 Known Issues Updated Issue with JDK 8U181
Issues
Issues
Added deprecated support of Java 7 to section
2.2.
Issues
Updated Java support versions to be clearer
Issues
2019-09-20 Supported Operating Updated for OTDS 16.6.2 (OTDS-1662)

Systems, Patches, Fixes
& Known Issues
2019-12-20 Patches, Fixes, & Updated for OTDS 16.6.3 (OTDS-1663)

Known Issues, Notes
2020-01-14 Supported Systems Note regarding Load Balancing and

Synchronization

2020-02-18 Patches, Fixes, Known Update for OTDS 20.1.1 (OTDS-2011),

Issues, and Support Deprecation of HPUX and AIX support.
Systems
2020-03-20 Patches, Fixes, Known Update for OTDS 20.2.1 (OTDS-2021)

Issues
2020-05-08 Patches, Fixes, Known Update for OTDS 20.2.2

Issues

Issues, Supported AD

Issues

Issues
2020-10-30 Section 2.2 OTDS no longer runs OpenDJ internally.

Discontinued and
deprecated features
2020-11-30
2 About Open Text Directory Services

Open Text Directory Services 20.4.2 manages user and group identity information for OpenText
components. OTDS contains services for identity synchronization and provides single sign on for
other OpenText components.
2.1 New features

All OTDS updates are cumulative and include the features and fixes from previous updates. Open
Text Directory Services 20.4.2 includes the following new features
New Features in OTDS 20.4.2

• Container Enhancements

• Support for scheduled backup of containers
• Licensing support for ExStream 20.4

• Enhanced container support

• Support for Active Directory 2019
• Support for 2-factor authentication for service accounts
• Partition consolidation notifications
• Password blacklist support (block defined common passwords)
• Email notification upon manually created accounts (non-synchronized)

• Configurable option to redirect non-existing users to a configured URL
• SCIM enhancements
• Audit forgot password requests
• Container enhancements

• Configurable option for Duo username format
• Single user consolidation now restores group memberships

• Added ability to set SameSite attribute on OTDS cookies
• Shareable unique ID per OTDS cluster (replicated instance)
• Configurable “Allowed domains setting” for specific authentication domain bindings
• Password configuration message enhancements
• Ability to enable multi-factor auth based on external IP Address
• Symantec VIP 2-Factor Authentication Support
• Support for empty roots for naming context (eDirectory 9.1.2)
• Web Admin now shows an action spinner when items are loading

• Display password expiry date in OTDS Admin UI
• New OTDS default administrative group name: otdsbusinessadmins

• Confirmed support for Windows Server 2019
• Support SAML2 and JWT profiles for obtaining OAuth tokens (RFC7521/7522/7523)

• “Keep me signed in” functionality on login page
• Configure custom attributes on OAuth client view
• API to return all members of a group recursively

• LinkedIn and Yahoo authentication handlers use the OAuth 2.0 protocol. Previously, they used the
OAuth 1.0 protocol.

• New partitions attributes options

• Java 11 Support
• SCIM 2.0 Push Connector
• Installation Enhancements

• OpenID Connect Support
• Support of OAuth token exchange
• Login page enhancements for electronic signatures

• Application Roles Support
• Java 9 Support
• OAuth Enhancements

• Reporting
• System Monitoring
• Advanced Docker Support (YAML)
• Microsoft AzureAD Support (No hotfix required)

• Microsoft Active Directory 2016 Support
• Notifications
• Microsoft AzureAD Support (Hotfix004 required:
https://knowledge.opentext.com/knowledge/llisapi.dll?func=ll&objId=70003809&objAction=browse
&viewType=1)

• Recycle Bin for non-synchronized partitions
• Multi-tenancy improvements
• Support for single sign out
• Support for disabling partitions

• Real time Job Status
• Recycle Bin (User Recovery)
• SCIMv2 Support
• Software Protection Services (SPS)

• SASL LDAP (GSSAPI) Binding Support
• Two-Factor Authentication Enhancements
• REST API Enhancements
• Support of static attribute mappings in Active Directory
• Performance Enhancements to OpenDJ

• Tomcat 8.5 and Tomcat 9 support.
• Support for the import of users and/or groups using XML.
• New email customization options.
• New display columns (User ID and User Name).
• Enhancements to OTDS REST API and SAML.
• Added new system attribute “directory.auth.BaseURL” to allow a configurable OTDS login page.
• Support for javascript in the Format column of a resource.

• New OAuth client configuration option.
• New user and group attribute filter in a synchronized user partition.
• New feature to create a duplicate synchronized user partition.
• Support for Department mapping for Content Server resources.
• New AccountDisabled attribute mapping has been added to the Content Server resource.
• Support for IP address and subnet filtering for the Negotiate authentication handler.
• Support for SiteMinder-generated SAML metadata.
• Support for TomEE+ 8.0.0 or newer.

• OpenText replaces Content Server Directory Services in Content Server V16. Administrators of
Content Server now select whether to install an internal version of OTDS or configure an external,
stand-alone version.

• OTDS has implemented the OpenText Global Help Server, available from the web-based
administration page. This provides users with live access to the latest version of the OTDS online
help.
• Support for OpenText licenses. OTDS now ships with Software Protection Services to handle
OpenText licenses. Currently only Archive Center 16 is supported for licensing.
• New options available to customize the OTDS login page.
2.2 Discontinued and deprecated features

The following features are discontinued in this release:
• Java 7 is not supported with OTDS 16.4.3 and above.

• Support for the OpenText Administration Client was withdrawn with the release of OpenText
Directory Services 16.0.0. The OTDS web-based administration has been available since the
OTDS 10.5.0 SP1 release. Please refer to the OTDS Installation and Administration guide for
more details.
• Beginning with OTDS 20.2.1, to allow for a more secure deployment, OTDS will no longer run
OpenDJ internally. This separation allows you to choose to run OpenDJ under one account, while
OTDS under Tomcat runs under a more restricted account that has more limited rights and
permissions. For more information, see the OTDS Installation and Administration guide.
• As of OTDS 20.1.1, HPUX and AIX installation files will no longer be posted to MySupport.
• OpenText recommends the use of RESTAPIs for all OTDS integrations rather than older
mechanisms such as SOAP.
3 Packaging and documentation

Downloads and documentation for Open Text Directory Services are available on OpenText My
Support (https://support.opentext.com).
Note
Documentation that is installed with the product or packaged with the
product download is current at the time of release. Documentation
updates made after a release are available for download on OpenText
My Support (https://support.opentext.com).
3.1 Packaging and delivery information

The software and documentation for Open Text Directory Services includes:
• OpenText Directory services 20.4.2 is available for download from MySupport.
3.2 Related documentation

For additional information about Open Text Directory Services, or for supplemental information about
related products, refer to the following documents, which are available on OpenText My Support
(https://support.opentext.com).

3.3 Documentation errata
There are currently no documentation issues
4 Supported environments and compatibility

This section provides details about supported platforms, systems, and versions.
4.1 Supported systems

Note: Only the products and versions specified in the Release Notes are supported. Other versions
have not been tested and are therefore not officially supported for this version. The Release
Notes contain the definitive list of supported versions. Any other versions mentioned in the
product documentation are superseded by the versions specified in the Release Notes.
If no service pack, maintenance level, patch level or similar is explicitly mentioned for a
specific software version, then OpenText supports all released by the manufacturer for this
version, unless explicitly stated otherwise. However, new major releases of platform
components are not automatically supported.
Note: OTDS does not support load balancers for Enterprise Sync. Load balancers are only
supported for authentication requests.
Java Environment
JDK/JRE downloads are available at: http://www.oracle.com/technetwork/java/javase/downloads/index.html.
Note: 64-bit release of JDK/JRE is required.
Java Edition Supported Version
Java 8 Java 2 Platform Standard Edition Development

Kit 8.0 (JDK 8.0) or
Java 2 Platform Standard Edition Runtime
Environment 8.0 (JRE 8.0) – Update 65 or later.
Java 9 Java 2 Platform Standard Edition Development

Kit 9.0 (JDK 9.0) or
Java 2 Platform Standard Edition Runtime
Environment 9.0 (JRE 9.0)
Java 11 Support for Oracle Java 11
OpenJDK OpenJDK 8.0 can be used with all supported

Linux Windows platforms – Update 66 or later
for Linux
OpenJDK 11 Support for OpenJDK 11

Apache Tomcat
Apache Tomcat 8.0 downloads are available at: http://tomcat.apache.org/download-80.cgi.
Note: 64-bit release of Apache Tomcat is required.
Apache Tomcat Edition Supported Version
Apache Tomcat 8 Apache Tomcat 8.0.28 is supported as of the

initial release of OTDS 16. Subsequent Tomcat
8.0 releases will also be supported, unless
otherwise stated.
Apache Tomcat 8.5 Supported
Apache Tomcat 9.0 Supported
Apache TomEE+ 8.0.0 or newer Beginning with the OTDS 16.0.1 release, OTDS
supports the TomEE+ 8.0.0 or newer application
server.
IBM WebSphere
IBM WebSphere 8.5.5 is supported as of the initial release of OTDS 16.0.0.
Enterprise Directories and Third-party Web Access Management

Products
OpenText Directory Services 16 was successfully tested and is supported for user synchronization
and authentication with the following Enterprise Directories:
Vendor Enterprise Directory Version Type

Microsoft Active Directory Domain Services 2003-2019 AD
Active Directory LDS LDAPv3
Oracle Directory Server Enterprise Edition 11g LDAPv3
Internet Directory (OID) 11g
Novell eDirectory 8.8 LDAPv3
IBM Domino 8.5 LDAPv3
Tivoli Directory Server 6.3
Apache Directory Server 2.0 LDAPv3

Note: When using Oracle Internet Directory (OID), “Notifications/Search” (Search Method) within the
partition configuration must be set to “unlimited”. This is a defect within OID itself and can be
referenced here:
https://support.oracle.com/epmos/faces/BugDisplay?id=25178637&_adf.ctrl-
state=17kljknnwp_4&_afrLoop=485596843187863
The following third-party Web Access Management (WAM) products are supported by OpenText
Directory Services 16 and newer.
Vendor Web Access Management Product Product Version(s)
Computer Associates SiteMinder v12
Entrust GetAccess, TruePass 8.0
EMC2 Corporation RSA Access Manager 6.1
Oracle Access Manager 11g
Other third-party WAM products might work but they are not supported by OpenText Directory
Services 16 and newer.
Supported Operating Systems

All supported Operating Systems and Database Systems are 64-bit. All types of zones (whole, global,
sparse) are supported on Solaris 11 (SPARC). OTDS will work on any 64-bit Linux OS with glibc,
kernel 2.6.32.49 or newer and the required Java version.
Vendor Operating System
Microsoft Windows Server 2008 R2 (x86-64)
Windows Server 2012, 2012 R2 (x86-64)
Windows Server 2016

Windows Server 2019
Oracle Solaris 11 (SPARC)
Red Hat Red Hat Enterprise Linux 6.x (x86-64)
Red Hat Enterprise Linux 7.x (x86-64)
CentOS

Vendor Operating System
Novell SuSE Linux Enterprise Server 11 (x86-64)
• OTDS 16.6.3 was the final release version for AIX and HPUX installers. Beginning with
version 20.1.1, only Solaris, Linux, and Windows versions are available.
Supported Virtualization Platforms

All supported Virtualization Platforms are based on 64-bit Operating Systems. Only English versions
of the Operating Systems are supported.
Vendor Virtualization Platform Host Operating System
EMC ESXi 5.0 or newer Windows Server 2008 R2
Windows Server 2012, 2012 R2
Windows Server 2016
Red Hat Enterprise Linux 6,

Red Hat Enterprise Linux 7
Microsoft Hyper-V R2 Windows Server 2008 R2
Windows Server 2012, 2012 R2
Windows Server 2016
Supported Browsers
This list of supported browsers is for the web-based administration.
Vendor Browser
Microsoft Internet Explorer 11+
Mozilla Firefox ESR
Google Chrome (latest version)
4.2 OpenText product compatibility

The section provides details about which versions of other OpenText products are compatible with this
release of Open Text Directory Services 20.4.2.

Note
For the latest compatibility information for OpenText products, refer to the
Compatibility Matrix (https://knowledge.opentext.com/go/matrix) on
OpenText My Support.
Note
For Enterprise Directory Synchronization integration, it is highly
recommended to use the same corresponding OTDS version. In
cases OTDS version can be higher than Enterprise Directory
Synchronization due to OTDS’ backward compatibilities. It is
considered best practice to use the latest versions whenever
possible.
4.3 Language support

Open Text Directory Services is currently localized in the following languages. Additional languages
may be available in future releases.
Component Languages
EN DE JA FR IT ZH ES RU
Installation B
Administration B
Login Page UI UI UI UI UI UI UI UI
UI = user interface only

B = both user interface and online help
5 Installation and upgrade notes

This section provides additional installation and upgrade information, including related or third-party
product information and any required critical patches.
5.1 Installation notes

Before you install Open Text Directory Services, review these additional installation notes and verify
related product or third-party product requirements.
• When patching Directory Services, it is crucial that the patch is executed from an elevated
command line as outlined in the OpenText Directory Services Installation and Administration
Guide.
For OTDS versions 20.2.1 or newer:

To allow for a more secure deployment, OTDS will no longer run OpenDJ internally. This separation
allows you to choose to run OpenDJ under one account, while OTDS under Tomcat runs under a
more restricted account that has more limited rights and permissions.
• On Windows, an OpenDJ Server service will be created. You can now choose to run OpenDJ
under a LocalSystem account, while Tomcat runs under a LocalService account.
• On UNIX and Linux, OpenDJ must be manually started, or a daemon/service must be
registered for it. In addition, the OPENDJ_JAVA_HOME environment variable must be
defined to point to the JDK/JRE to be used to run OpenDJ.
The commands to start and stop the service are:

– /<otds_install_dir>/opendj/bin/start-ds
– /<otds_install_dir>/opendj/bin/stop-ds
5.2 Upgrade notes

Before you upgrade, review these instructions.
• OpenText Directory Services 16 supports direct upgrade from release 10.5.0. For additional
information, please refer to the OpenText Directory Services Installation and Administration
Guide.
6 Patches
A patch is a piece of software that is designed to fix or improve a computer program or its supporting
data. These may include repairs to security vulnerabilities or resolution of bugs, and may also improve
usability or performance. On OpenText My Support you will find two general types of patches.
Hotfixes are also known as quick-fixes or bug fixes. Updates are also known as service packs or
service releases.
The following patches must be applied to Open Text Directory Services 20.4.2. OpenText
recommends that you check OpenText My Support (https://support.opentext.com) for any patches or
documentation updates that may have been posted after this release.
Note: If you are using two-factor authentication functionality provided by OTDS, and you have two-
factor authentication settings configured on a specific group(s), you must run a repair operation on
that group.
In OTDS administration, select Actions->Consolidate-> Verify and Repair on the specific group(s) in
order for the two-factor authentication settings to remain in effect for the users of the group.
If two-factor authentication settings were configured on a partition or on specific users only, no action
is required.
6 Hotfixes
Hotfixes are small patches that address software issues. Typically, there is no new functionality in a
hotfix. Hotfixes can be cumulative. Hotfixes for OTDS can be found:
• https://knowledge.opentext.com/knowledge/llisapi.dll?func=ll&objId=64258665&objAction=bro
wse&sort=name

7 Fixed Issues
Updates consist of a number of fixes combined into a single patch. Typically, the minor version
number of the product will increase, for example from 2.0 to 2.1. An update may also include new
features proactively introduced into the product. In most cases, updates are cumulative.
This section provides information about past issues that have been fixed in this update.
The following issues have been resolved in Open Text Directory Services 20.4.2:
Issue name Issue description

OTDS-8136 Sync of some valid user group memberships failing due
to "Could not locate specified child name" error
OTDS-8088 id_token_hint not being sent to OIDC logout endpoint
OTDS-8075 XSS vulnerability in the OTDS admin UI on the Trusted

Sites page

OTDS-8013 Updating edirsync from 16.x to 20.x shows error "Patch
000 already installed on your machine. You cannot re-
apply this patch"
OTDS-8000 WSM push connectors do not load. Creating/editing or
pushing to a resource configured with a “WSM Delivery
Server” or “WSM Management Server” results in a
NullPointerException
OTDS-7987 Invalid syntax error on OTOriginalDN

OTDS-7961 Auto-provisioned or externally provisioned users should
not be able to reset their password
OTDS-7960 SAML - No valid SubjectConfirmationData Recipient

found exception if auth handler name contains space or
special chars

OTDS-7951 Disabling an account for the first time does not push
the change to resources
OTDS-7928 Unable to create tenants using API in container

deployment
OTDS-7900 2FA not being enforced on OAuth password grant
OTDS-7899 OpenDJ service on Windows not starting after upgrade
OTDS-7866 OTDS can fail to install on some Windows systems
OTDS-7864 Creating users in Content Server leads to duplicate

user in CS if __NAME__ attribute mapping is not
default
OTDS-7855 OpenID Connect handler - issues with id_token

validation through /authentication/token API
OTDS-7852 SCIM: totalResults= -1 even if there are more pages
OTDS-7837 CS push connector cannot consolidate username

change
OTDS-7828 Users deleted from CS during resource consolidation
OTDS-7753 OTDS Docker: GNU Bash Privilege Escalation

Vulnerability for Debian

OTDS-7658 Add API endpoint to get a user's current delegated
admin rights
OTDS-7814 SCIM PATCH - cannot update employeeNumber
attribute
OTDS-7811 Reset password is not clearly displayed in password
reset mail
OTDS-7808 Unable to create tenant in OTDS 20.2.1 or 20.2.2
OTDS-7793 Empty user oTMemberOf mapping for LDAP partitions
OTDS-7789 Report end date filter does not work

OTDS-7788 Fix preferredLanguage attribute handling in Admin UI

OTDS-7786 oAuth clientId case sensitive issue
OTDS-7781 otdsapi service logs warning related to
SPSRestLicenses class
OTDS-7779 OAuth client ID with special characters does not work
OTDS-7775 OTDS 16.6.1 or newer does not work on WebSphere
OTDS-7764 Remove option to disable 2-factor authentication for

API requests
OTDS-7763 Role operation errors
OTDS-7761 3PPT - Vulnerability #3 : Insecure Links
OTDS-7751 SAML - OTDS does not verify SubjectConfirmation

(including 'Recipient' attribute) or Audience restriction
on an assertion
OTDS-7749 HELM CHART: error validating data:

ValidationError(Deployment.spec): unknown field
"serviceName"
OTDS-7744 The entry dc=root specified as the search base does
not exist in the Directory Server error after upgrade to
20.2.2 from 16.6.3
OTDS-7734 NullPointerException when creating a new synced

partition in OTDS 20.2.2
OTDS-7733 Syndication attributes appended to CS license causes
issues for OpenDJ to start after upgrade to 20.2.2
OTDS-7730 Document required catalina.policy rules if Tomcat runs

using Security Manager
OTDS-7729 2-factor auth with a provided code does not work with
Symantec
OTDS-7724 allObjectsNumber does not include roles
OTDS-7720 Error updating or consolidating a synchronized partition
OTDS-7718 Upgrade to 20.2.1 is failing on Linux

OTDS-7717 OT2 access token missing tenant groups
OTDS-7706 OTDS creates duplicate users in Content Server when

__NAME__ attribute mapping uses %l or %u

OTDS-7689 Add grant_types_supported to OIDC metadata
OTDS-7687 Unable to reset or change password on a user

that contains a {ContentServer} password hash
OTDS-7686 tokeninfo call fails when using resourceID in the

scope
OTDS-7675 Consolidate option not available on roles
OTDS-7666 3PPT Vulnerability #7: Software Version Numbers

Revealed (Infrastructure)
OTDS-7662 issuer field is wrong in OIDC metadata
OTDS-7660 email setting SMTP configuration and verification

problems

OTDS-7658 Add API endpoint to get a user's current delegated
admin rights
OTDS-7643 detect tenant at global token endpoint does not work
OTDS-7642 Can't set international email address on users
OTDS-7641 Deploying OTDS fails with OutOfMemoryError
OTDS-7639 Allow bootstrapping a pre-configured resource ID and

secret
OTDS-7637 OTDS bootstrapping does not create resource principal
OTDS-7636 User roles are getting reset on Registration
OTDS-7635 OTDS config environment variables are not POSIX

compliant
OTDS-7634 Cannot consolidate with global resources
OTDS-7632 Add system attribute to allow external sources in

Content Security Policy

OTDS-7629 When oAuth client invokes logout call to OTDS and its
redirect logout URL isn't in Redirect URI's the error
message returned references trusted sites
OTDS-7616 Stack trace when 2FA auth is enabled for Extranet

requests only
OTDS-7607 'scp' claim in access token is missing scopes with
authorization code grant
OTDS-7605 SCIM - specifying a user or group search filter using

"pr" operator results in error
OTDS-7603 SCIM - restrict scope of operations within a partition to

objects created through SCIM
OTDS-7313 OTDS - Mapping AD attribute userAccountControl to

oTExtraAttr with %odn doesn't show the AD attribute
under the user in correct format

OTDS-7589 CS Push Connector fails if Photo or Manager attribute
is mapped
OTDS-7578 Unable to add to top level OU to an access role
OTDS-7576 OAuth authorization code grant fails if user must

change password
OTDS-7575 Added the OpenDJ attribute “employeenumber” to
available partition attributes
OTDS-7570 OTDS sets wrong issuer for tenants in JWT tokens
OTDS-7569 Groups from different paths in AD are overwritten in CS

when _NAME_ mapping has %l or %u
OTDS-7567 Wrong protocol and port used in tomact webapps –

Docker Container
OTDS-7543 Option to configure username format sent to DUO

OTDS-5804 Consolidating a single user should restore its group
memberships

OTDS-7527 500 error in SCIM group search if user UUID doesn't

exist
OTDS-7523 User/group search fails when invoked by a resource

principal when RestrictedReadOnlyAccess is enabled
OTDS-7522 Repeated auth failures when account lockout is not

enabled can result in denial of service
OTDS-7514 SCIM Provisioning - groups attribute not returned on

users
OTDS-7513 SCIM Provisioning - search using multi-valued attribute

does not work
OTDS-7512 SCIM Provisioning - PATCH op on enterprise attributes

does not get processed
OTDS-7494 Resource credentials don't work on tenant
OTDS-7483 /resources/{resourceID}/groupinresource does not work
OTDS-7478 CORS requests are not permitted to the OIDC well-

known endpoint
OTDS-7475 Tenancy 2.0: Salesforce Connected App Callback URL
OTDS-7474 Prevent creation of a tenant that has a conflicting name
OTDS-7468 SCIM - Fails to provision group with " and " or " or " in
the name
OTDS-7461 Listing members that contain a '+' sign does not work
OTDS-7453 OTDS session not working when custom URL is used
OTDS-7451 Tenancy 2.0: subscription detection from scope param

does not work on logout URL
OTDS-7450 Unable add a role to a partition in an inheriting tenant
OTDS-7449 /oauth2/auth redirects to /otdstenant/otds.system/login
OTDS-7443 OT2 tenancy 2.0 - password grant fails when using a

global OAuth client


exist



users

does not work


known endpoint
the name
OTDS-7442 java.util.MissingFormatArgumentException when

__GROUP__ attribute mapping points to a non-existing
attribute
OTDS-7432 OTDS - password Reset still available when disabled

for users
OTDS-7430 Unable to restore more that one user at a time
OTDS-7422 Clicking "Refresh" resets search criterion


exist



users

does not work


known endpoint
the name
OTDS-7418 Unable to login into OTDS when 16.6.3 patch is applied
OTDS-7341 OTDS-Monitoring skipped on duplicated partition
OTDS-7247 Mapping 'cn' to any other attribute does not import it for
new users on monitoring
OTDS-7219 Notification fails to delete resulting in repeating emails
OTDS-7020 illegal reflective access call from jaxb


exist



users

does not work


known endpoint
the name
OTDS-6594 Fix wrong password error when adding connection

parameters
OTDS-6395 Modifiying the "Host name or address" in the

"connection information" of a user partition may lead to
an invalid user partition
OTDS-6376 When monitoring is unchecked, group Memberships in

non-synchronized partition are lost when synchronized
user is moved to a different OU


exist



users

does not work


known endpoint
the name
OTDS-5957 Monitoring skipped on duplicated partition
OTDS-5328 No error displayed when creating connection

parameters from the file
OTDS-5073 Adding a file to an auth handler and removing it results

in the file being added

8 Known issues
There are no known issues with this release.

9 Contact information
OpenText Corporation
275 Frank Tompa Drive
Waterloo, Ontario
Canada, N2L 0A1
OpenText My Support: https://support.opentext.com
For more information, visit www.opentext.com
Copyright © 2020 Open Text. All Rights Reserved.

Trademarks owned by Open Text. One or more patents may cover this product. For more information, please visit https://www.opentext.com/patents.
Disclaimer
No Warranties and Limitation of Liability
Every effort has been made to ensure the accuracy of the features and techniques presented in this publication. However, Open Text Corporation and its affiliates accept
no responsibility and offer no warranty whether expressed or implied, for the accuracy of this publication.
29

OpenText Directory Services 20.4.2 - Release Notes

Uploaded by

Copyright:

Available Formats

You might also like

OpenText Directory Services 20.4.2 - Release Notes

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

OpenText Directory Services 20.4.2 - Release Notes

Uploaded by

Copyright:

Available Formats

Open Text Directory Services

Product Released: 2020-11-30

Release Notes Revised: 2021-02-23

2 About Open Text Directory Services ............................................................................................ 6

3 Packaging and documentation ................................................................................................... 10

4 Supported environments and compatibility .............................................................................. 11

Open Text Directory Services 20.4.2 Release Notes 2

5 Installation and upgrade notes ................................................................................................... 15

8 Known issues ............................................................................................................................... 28

9 Contact information ..................................................................................................................... 29

Open Text Directory Services 20.4.2 Release Notes 3

1.1 Release Notes revision history

2016-03-15 First release. All new content.

2016-03-31 Installation Notes, Note about an upgrade conflict on Windows

2016-04-12 Supported Environments Added Oracle Access Manager to the WAM

2016-10-14 All sections. Edits to formatting.

2017-04-28 All sections. Edits to formatting and version fixes.

2017-06-21 Documentation Errata Added a new documentation update.

Open Text Directory Services 20.4.2 Release Notes 4

2018-08-27 Known Issues Updated Issue with JDK 8U181

2019-09-20 Supported Operating Updated for OTDS 16.6.2 (OTDS-1662)

2019-12-20 Patches, Fixes, & Updated for OTDS 16.6.3 (OTDS-1663)

2020-01-14 Supported Systems Note regarding Load Balancing and

Open Text Directory Services 20.4.2 Release Notes 5

2020-02-18 Patches, Fixes, Known Update for OTDS 20.1.1 (OTDS-2011),

2020-03-20 Patches, Fixes, Known Update for OTDS 20.2.1 (OTDS-2021)

2020-05-08 Patches, Fixes, Known Update for OTDS 20.2.2

2020-06-30 Patches, Fixes, Known Update for OTDS 20.2.3

2020-09-02 Patches, Fixes, Known Update for OTDS 20.3.1

2020-10-23 Patches, Fixes, Known Update for OTDS 20.4.1

2020-10-30 Section 2.2 OTDS no longer runs OpenDJ internally.

2 About Open Text Directory Services

2.1 New features

New Features in OTDS 20.4.2

Open Text Directory Services 20.4.2 Release Notes 6

New Features in OTDS 20.3.1

New Features in OTDS 20.2.3

New Features in OTDS 20.2.2

New Features in OTDS 20.2.1

New Features in OTDS 20.1.1

New Features in OTDS 16.6.3

New Features in OTDS 16.6.2

Open Text Directory Services 20.4.2 Release Notes 7

New Features in OTDS 16.6.1

New Features in OTDS 16.6.0

New Features in OTDS 16.4.3

New Features in OTDS 16.4.2

New Features in OTDS 16.4.1

New Features in OTDS 16.2.3

New Features in OTDS 16.2.2

Open Text Directory Services 20.4.2 Release Notes 8

New Features in OTDS 16.2.0

New Features in OTDS 16.0.3

New Features in OTDS 16.0.2

New Features in OTDS 16.0.1

New Features in OTDS 16.0.0

Open Text Directory Services 20.4.2 Release Notes 9

2.2 Discontinued and deprecated features