New Features

Skip to end of metadata
Go to start of metadata

New Features in Oracle Communications Unified Communications Suite
Version 7 Update 4

This document summarizes the features in Oracle Communications Unified Communications Suite 7 Update 4 that are new or have been enhanced since Oracle Communications Suite Unified Communications Suite 7 Update 4 for the following components:

Oracle Communications Unified Communications Suite Products and Components Version 7 Update 4

Product Version
Oracle Communications Messaging Server 7 Update 5 (Patch 28)
Oracle Communications Instant Messaging Server 9 (Patch 3)
Convergence 2 (Patch 6)
Oracle Communications Calendar Server 7 Update 3 (Patch 10)
Delegated Administrator for Oracle Communications Unified Communications Suite 7 (Patch 7)
Connector for Microsoft Outlook for Oracle Communications Unified Communications Suite 8
Indexing and Search Service for Oracle Communications Unified Communications Suite 1 Update 4 (Patch 16)
Messaging Server HA Agent (MS_SCHA) 7
Instant Messaging HA Agent (IM_SCHA) 7.3
Dssetup for Oracle Communications Unified Communications Suite (comm_dssetup) 6.4 Patch 24

Check Communications Suite Component Patches for current patches that have shipped since the initial Communications Suite 7 Update 4 release.


This document contains the following sections:

New Features in Messaging Server 7 Update 5

Messaging Server 7 Update 5 includes the following new features:

Messaging Server Minor Features

Features Introduced in Messaging Server 7 Update 5

Unified Configuration

Unified Configuration is an improved facility to configure and administer Messaging Server. Unlike with the legacy configuration method (Messaging Server 7 Update 4 and prior releases), Unified Configuration uses validation to verify configuration accuracy and employs a single tool to configure the entire Messaging Server configuration (with a few exceptions). It features improved security, with obfuscated password stored in separate file from the configuration file. Unlike the legacy method, with Unified Configuration, most of the settings are stored in one file. The automation of configuration management tasks is supported using a programming language-like interface.

New installations use the legacy configuration method by default. However, a Unified Configuration can optionally be generated and used instead. If you use Unified Configuration in a new installation and later decide to revert to the legacy method, configuration changes made to the Unified Configuration are not back ported to the legacy configuration. There is no migration path to convert a Unified Configuration to a legacy configuration.

Upgraded installations can also convert from the legacy configuration method to Unified Configuration.

Note
Unified Configuration is only supported on 64-bit platforms.

For more information, see: Overview of Messaging Server Unified Configuration

ICU 4 Support

To better support some international characters, Messaging Server now includes support for ICU 4 (library which provides Unicode and Globalization support). Because this version of the library is not currently available on Solaris 10 or Linux, it is bundled with the Messaging Server package instead of depending on a version installed with the operating system.

Password Aging Support

(Bug: 12093863)

The Messaging Server now honors LDAP password policies. It sends an IMAP ALERT when a user's LDAP password is about to expire. Refer to Directory Server documentation for setting this up (see Oracle Identity Management documentation). You can use MeterMaid to limit the frequency of warnings.

Scan Message Store for Newly Discovered Viruses and Spam

(Bug: 12266635)

You can configure the Message Transport Agent (MTA) to scan the message store for newly discovered viruses and spam. To do this, set the ENABLE_SIEVE_BODY parameter to 1 in option.dat.

Enhanced Support for Microsoft Exchange 2007 Journaling Format

Messaging Server can be configured to generate Microsoft Exchange 2007 format journaling messages using the JOURNAL_FORMAT attribute.

Support for Sieve Vacation Seconds Extension

You can specify minimum values for vacation :days and :seconds parameters using the new VACATION_MINIMUM_TIMEOUT parameter.

iMIP Support

iMIP is now supported to provide better integration between Calendar and Messaging Servers. (Refer to RFC2447.) See Using the iSchedule Channel to Handle iMIP Messages for more information.

Messaging Multiplexor Now Honors Most Authentication and LDAP-Related configutil Settings

The Messaging Multiplexor (MMP) honors most authentication and LDAP-related configutil settings (such as sasl.*, local.ugldaphost, and local.ugldapbinddn) if the equivalent setting is not also set in the separate MMP configuration file. As a result, there is no longer a need for the files ImapProxyAService-def.cfg, PopProxyAService-def.cfg, and SmtpProxyAService-def.cfg in the configuration directory.

Support for IMAP STARTTLS when Proxies Connect to Back-end

When service.imap.plaintexmincipher is set to a non-zero value, the back-end IMAP server will not permit password authentication without use of SSL or STARTTLS. The MMP, mshttpd and IMAP shared folder functions now detect this situation and attempt to negotiate SSL/TLS prior to authenticating. SSL must still be enabled for the relevant proxy (although the client is not required to negotiate SSL for this to work, nor does the proxy have to be configured to require SSL for authentication). For example, ImapProxyAService.cfg should contain "default:SSLEnable yes".

(MMP, mshttpd, IMAP Shared Folders)

Support for IMAP Response Codes

IMAP response code support (RFC5530) is implemented in both the IMAP Server and MMP.

Store Options to Support Third-Party Authentication Co-process

Support for third-party authentication co-processes such as MMP has been added through the new options sasl.default.authenticationserver and sasl.default.authenticationldapattributes. See examples/tpauth/authserver.txt for more information.

MTA OSYNC Option

The OSYNC MTA option has been added enable the use of O_SYNC when creating queue entries. If OSYNC is set to 1, the O_SYNC flag is set when creating queue entries. The default is 0.

Support for -size Option in imsimta test -rewrite

The MTA option -size=n simulates the SMTP SIZE extension to verify size-based restrictions.

New Rewrite Rule Metacharacters $, and $>

Two new metacharacters in rewrite rules, $, and $>, are available to validate top-level domains.

SMTP Client Trace Level Debugging Support

You can now enable trace level debugging (TRACE_LEVEL=2) for certain SMTP clients. To do this, specify $G in the PORT_ACCESS mapping entry.

SMS Gateway Server Can Deliver Content in Subject Header Line

Gateway profiles may now request that the SMS Gateway Server place the entire content of an SMS message gatewayed to email only in the email message's Subject: header line. No content is placed in the email message's body.

Set the new TEXT_TO_SUBJECT option to 1 to enable this behavior.

When TEXT_TO_SUBJECT=1, the EMAIL_BODY_CHARSET option is ignored for that gateway profile. The default value of the PARSE_RE_0 option becomes [\t]([^(])[ \t](.).

MMP and IMAP Performance Improved on Solaris by Use of Solaris Event Ports

On Solaris, event ports are now used by default instead of the poll() system call. This improves MMP and IMAP scalability.

MMP Scalability Improvements: mmp.numprocesses

A single MMP process is not as effective as multiple MMP processes in using the resources of a multicore processor. To create multiple MMP processes, set mmp.numprocesses to the number of processes you want. The default value of mmp.numprocesses is 1.

For installations using the legacy configutil configuration method instead of Unified Configuration, the only way to change the value of mmp.numprocesses is to use the service.mmp.numprocesses configutil setting.

Note that setting mmp.numprocesses to a value greater than 1 is incompatible with POP before SMTP and that POP before SMTP is now deprecated (see Deprecated and Removed Features for Messaging Server).

Updates to the Sieve Address Test

The Sieve address test now uses the heuristic address parser instead of the strict parser.

Enhanced SPAMFILTERx_RECEIVED (x=1,8) MTA Options

SPAMFILTERx_RECEIVED (x=1,8) options now accept a value in the range of 0-2.

  • 0: don't add a synthetic Received: field to the message content passed to the spam filter
  • 1: add a synthetic Received: field to the message content passed to the spam filter (default value)
  • 2: add an additional clause of the form
    (envelope-sender <MAIL-FROM-ADDRESS>)
    to the header. This clause is used by some SpamAssassin configuration as a source of MAIL FROM addresses instead of using the standards-compliant Return-path: field.

MTA Rejects UIDs That Begin With a Hyphen (-)

The MTA now rejects UIDs that begin with a hypen (-) because they conflict with IMAP ACL formats. The Message Store also continues to perform this validation.

Enhanced V Transaction Log Entries

V transaction log entries now contain a reason field specifying at what point in the transaction the failure occurred and the routine that logged the failure.

Some LDAP URL and DNs Errors Ignored

Errors in LDAP URLs or DNs encountered during group access check or EXPN command processing are now ignored

Previously, such errors halted the expansion process.

IMAP Authentication Messages Now Include Session ID

IMAP Authentication messages now include the session ID. You can optionally include the session ID in the IMAP response text using imap.logauthsessionid (for Unified Configuration) or local.imap.logauthsessionid (for the legacy configuration method).

ENS Events Include Quota Information

ENS Events triggered from modifications to the message store now include quota information.

smtps: Negotiation Failures Produce O and C Records

smpts: negotiation failures now produce O and C records in the connection log and affect the associated counters.

MMP, watcher, and msprobe Scalability and Performance Improvements

The MMP now tracks when it is stressed due to either a shortage of file descriptors or during a backlog of LDAP connections. When stressed in these situations, the MMP notifies the watcher, which prevents a request from msprobe to restart the MMP from taking effect. (An MMP restart is likely to exacerbate a stress situation). If the MMP stops making progress (connecting incoming users to their mailhost), the stress state expires and an msprobe restart request becomes viable again. How long the process remains stressed is controlled by the Unified Configuration base.stressperiod option, which defaults to 20 seconds. This setting is not available for legacy configuration.

When the MMP becomes stressed, it stops accepting new connections until it is no longer stressed. If desired, you can disable this feature by setting the base.stressfdwait Unified Configuration option (local.stressfdwait for legacy configuration) to 0.

ugldapport Option

If the ugldapport option is set to 636, SSL LDAP is always used, regardless of value of the ugldapusessl option.

Diagnostic Improvements to nslog (Message Store and MMP)

During startup, errors are sent both to stderr and the log file. After startup, stderr errors from non-Messaging Server libraries (such as assert()) are recorded in the primary nslog log file.

Increase Default Log File Rollover Size Limits (Message Store and MMP)

The default log file size limit used in determining when log rollover occurs has been increased from 2 MB to 20 MB. The maximum space allowed to be used by all log files for a specific service has also been increased accordingly. That is, the log file option logfile..maxlogfilesize now defaults to 20 MB, and the option logfile..maxlogsize defaults to 200 MB.

Enable IMAP CONDSTORE extension by default

The IMAP CONDSTORE extension has now been enabled by default. The Mozilla Thunderbird client currently uses the CONDSTORE extension if available and provides for significant data transfer reduction on large folders.

The IMAP Non-Standard XSERVERINFO Extension Is Now Disabled by Default

Since the server no longer provides any useful information to clients, the mere presence of the XSERVERINFO capability still causes clients such as Mozilla Thunderbird to issue an XSERVERINFO command. This wastes a full client-server roundtrip.

Support for Extended IMAP Access Control List (ACL; RFC4314) Has Been Added

The following are new rights:
k: create sub-folder
x: delete folder
t: delete message (set deleted flag)
e: expunge folder

Access to a Disabled User's Shared Folders Is Now Prevented

When a user is disabled, the IMAP operations SELECT, EXAMINE, APPEND, and COPY are denied using IMAP response code UNAVAILABLE.

When a user is forced off, all the IMAP sessions accessing the user's folders are also forced off.

New Features in Messaging Server 7.0.5.29.0

Messaging Server 7.0.5.29.0 includes the following new features:

Access to Intermediate Address Information in Forward Mapping

Bit 7 (value 128) of USE_FORWARD_DATABASE, if set, now includes the initial address presented for alias processing in the FORWARD mapping probe. Bit 8 (value 256), if set, now includes the current intermediate address in the FORWARD mapping probe. These addresses appear immediately before the final recipient address.

New Destination-Channel Keyword for Reducing Message Headers to a Specified Number of Bytes

A new destination-channel keyword, headercut, has been added. If specified, headercut cuts the current message header down to no more than a specified number of bytes, using a heurestic algorithm that removes or truncates header fields based on their relative importance. headercut requires a single nonnegative integer argument. A value of 0, the default, disables header cutting.

New USE_REVERSE_DATABASE Bit Settings Allow Originator-Based Restrictions

Bits 13 (value 8192) and 14 (value 16384) in the USE_REVERSE_DATABASE MTA option have been defined so that, if set, they disable source block and recipient limit settings and capture actions based on the envelope from (MAIL FROM) address (bit 13) and authenticated sender address (bit 14).

Logging Has Been Enhanced to Include Individual Conversion Tags in Filter Log Entries

If the LOG_FILTER MTA option is set, a conversion tag added with either the setconversiontag or the addconversiontag Sieve action is now logged in mail.log*.

New Features in Convergence 2 Patch 6

Convergence 2 Patch 6 includes the following changes and new features:

Support for Tablets

Convergence 2 Patch 6 provides support for standard 9-inch or 10-inch tablets.

Support for Tablet Browsers and Operating Systems

Convergence 2 Patch 6 now supports Safari on iPad iOS, starting with 6.1.1, and Chrome on Android Jellybean, starting with 4.2.

New Features in Calendar Server 7 Update 3 Patch 10

Calendar Server 7 Update 3 Patch 10 includes the following changes and new features:

Authenticating Against a Directory External to the Calendar Server Environment

(Bug: 13515972)

Calendar Server 7 Update 3 Patch 10 enables authentication against a separate, LDAP directory external to the Calendar server environment. Such a configuration is useful in hosted environments for delegating one administrative aspect to a provider (managing the Calendar Server front- and back-end hosts and LDAP directory with non-sensitive data), while maintaining control over the LDAP user passwords in the internal, corporate network. In this setup, Calendar Server would use the external directory for authentication.

For more conceptual information on Calendar Server and external authentication, see Calendar Server and Directory Server Integration. To configure Calendar Server for authentication against an external Directory Server, see Configuring External Authentication.

Booking Window for Calendars

(Bug: 13064057)

Calendar Server 7 Update 3 Patch 10 supports the use of a system-wide minimum booking window for calendars through the use of the new davcore.scheduling.minbookingwindow configuration parameter. This new parameter compliments the existing maximum booking window support (davcore.scheduling.maxbookingwindow) parameter. In addition, starting in Calendar 7 Update 3, you can set account-level minimum and maximum booking window properties through the davadmin account command or clients that use the WCAP set_accountprops command. The minimum and maximum booking window values define a window of time relative to current time, between which Calendar Server allows the account to be scheduled. Calendar Server enforces the booking window by returning a busy response to the free/busy check done by the scheduling agent if the requested time is outside the booking window. In addition to setting the booking window, you should also set the account's scheduling flag to "decline on conflict" for the window to take effect. The booking window setting also affects calendars configured to auto accept invitations. In the case where auto decline is also configured, it takes precedence over auto accept.

To configure both the minimum and maximum booking windows for accounts, you can use either the davadmin command or the set_accountprops.wcap interface. In absence of an account property, Calendar Server defaults to using the corresponding system-wide booking window configuration.

Upfront Free/busy Check for Control of Doublebooking and Booking Window During Scheduling

A scheduling attempt requested for an account that has its attendance flag set to "decline on conflict" (the attendance flag is set either by a CommSuite:set_accountprops.wcap command or davadmin account command), triggers Calendar Server to perform a special free/busy check. This check happens as part of the scheduling process for both CalDAV and WCAP clients. Because scheduling is an asynchronous process, the event organizers are made aware of an error only after they have made the booking. However, for clients that use the WCAP protocol, the same check is performed upfront. This enables the organizer to get an immediate error if the event request results in a conflict for the calendar.

Changes to the davadmin Command

(Bug: 12310347, SR: 1-742597505)

In Calendar Server 7 Update 3 Patch 10, the davadmin command has been updated with the following changes:

  • The passfile option has been updated to accommodate setting a password on the remote document store and corresponding password entry in Calendar server front end that needs to communicate with the document store.
  • A new command, davadmin ldappool, has been added to support LDAP pools, which are used in configuring external Directory Server authentication.
  • The davadmin account list command now displays a list of all users in the database and their details.

For more information, see CommSuite:Calendar Server 7 Command-Line Utilities.

Enable and Disable Account Autocreation

(Bug: 12263479)

Calendar Server 7 Update 3 Patch 10 provides the capability to enable or disable, on a system-wide basis, the calendar account autocreation, either on login or invite. For more information, see the davcore.autocreate.enableautocreate parameter in Calendar Server 7 Configuration Parameters.

LDAP Pools

Starting with Calendar Server 7 Update 3 Patch 10, you can create LDAP pools for use in authenticating against an external directory. For more information, see the davadmin ldappool command and also Configuring External Authentication.

New Configuration Parameters

Calendar Server 7 Update 3 Patch 10 introduces the following configuration parameters:

  • davcore.autocreate.rescalcomponents: Assigns the default autocreation setting for supported calendar components for a new resource calendar
  • davcore.scheduling.allowownerdoublebooking: If set, owners of resource calendars can double book even if the resource account prevents doublebooking
  • davcore.scheduling.minbookingwindow: Specifies the start of a booking window, in days, from the time of scheduling, from which a calendar can be booked in advance

For more information, see Calendar Server 7 Configuration Parameters.

Calendar Server 7 Update 3 Patch 10 also includes the service.host parameter for the document store ashttpd.properties file.

New Languages

For Calendar Server 7 Update 3 Patch 10, the product configuration program and all notifications that are sent by the server have been localized into the following additional languages: German, Spanish, Korean, Simplified Chinese, and Traditional Chinese.

New populate-davuniqueid Utility

(Bug: 13573588)

Calendar Server 7 Update 3 Patch 10 introduces a new LDAP attribute named davUniqueId. This attribute replaces the problematic nsUniqueId attribute, whose value is lost when an LDAP entry is deleted and then recreated. (See Changing User uuid for more information about the issues with the nsUniqueId attribute.)

To set the value of the davUniqueId attribute to the current value of the nsUniqueId attribute for existing LDAP entries, use the new populate-davuniqueid utility.

For more information, see Calendar Server Unique Identifier.

New Schema Objects

The following LDAP schema objects are added to Calendar Server 7 Update 3 Patch 10 to support authentication against an external Directory Server:

  • externalAuthPreUrlTemplate: This attribute is used for authentication by using external Directory Servers. Its value is an LDAP URL that defines how users must be searched for in the external Directory Server against which authentication is performed.
  • externalAuthPostUrlTemplate: This attribute is used for finding the internal Directory Server entry for a user who authenticated by using external Directory Servers. Its value is an LDAP URL that must be used to map the external Directory Server authenticated user to a user in the internal Directory.

The following LDAP schema attribute is also added:

  • davUniqueId: This attribute can be used to define a unique ID for any davEntity user, group, and resource object, much like the operational attribute nsUniqueId. It is recommended that davUniqueId be used as the value of the davcore.uriinfo.permanentuniqueid configuration parameter.
Note
These new elements are required by Calendar Server 7 Update 3 Patch 10. Schema changes are applied to Directory Server when you run the comm_dssetup script. When upgrading to Calendar Server 7 Update 3 Patch 10, you need to first apply the comm_dssetup 6.4 patch (at least 6.4-24.02) and run the updated comm_dssetup script against your Directory Server instances. See Upgrading Calendar Server for more information.

Non-active Calendar Accounts Are No Longer Searched or Fetched

(Bug: 13398830)

Starting with Calendar Server 7 Update 3 Patch 10, if a calendar account's LDAP icsStatus attribute is populated and is not set to active, the account is not searched nor are any results fetched for that account when running Calendar Server davadmin or WCAP commands. That is, Calendar Server returns search results only for active accounts and does not return unusable data such as inactive calendars.

Remote Document Store Authentication

Calendar Server 7 Update 3 Patch 10 provides enhanced security for remote document stores. A remote document store now requires password authentication for the connection between the Calendar Server and the remote document store server. The password needs to be known by both the document store client (which runs in the Calendar Server itself) and the remote document store server (which runs on the remote host where the store is located). The password is stored in a password file (called a wallet) on each of the hosts.

For information on configuring the remote store password, see To Configure Remote Document Store Authentication.

New Features in Indexing and Search Service 1 Update 4 Patch 16

Indexing and Search Service 1 Update 4 Patch 16 includes the following changes and new features:

Periodic ISS Account Check and Synchronization with Messaging Server

(Bugs: 13517733, 13257862, SR: 3-5561340981)

This feature checks every ISS account against Messaging Server accounts at regular intervals to detect differences, for example, from a reconstructed folder or lost event notifications, that ISS can then automatically correct.

Two items control this periodic check:

  • Periodic auto-sync: A periodic scan to check that all active ISS accounts are in sync.
  • Periodic auto-bootstrap: A scan for accounts unknown to ISS and adding these accounts to a list to be automatically bootstrapped. It is the bootstrap action that is periodic, not the error scanning. The scanning for accounts that need to be bootstrapped occurs continuously as new events arrive and errors are detected. ISS adds the unknown accounts to the auto-bootstrap "to-do" list whenever trigger conditions are met. The periodic nature of the auto-bootstrap prevents too many accounts from being bootstrapped simultaneously, should many errors show up at once. This process enables the workload to be spread out among the Messaging Server and ISS hosts, instead of trying to correct every such error immediately.

For more information, see Administering Periodic Automatic Synchronization for Indexing and Search Service Accounts.

Recovery after Messaging Server reconstruct Command

(Bug: 13517733)

This feature fixes an issue where ISS becomes out-of-sync when a folder has been reconstructed on Messaging Server. When the reconstruct command runs, it may cause the UID validity value and/or UIDs assigned to emails in a folder to change, but does not trigger event notifications to notify ISS of the change. ISS now detects the UID validity mismatch while processing events and re-bootstraps the folder to get it back in sync.

Watcher Service and High Availability Improvements

This feature is designed for the implementation of highly available (HA) ISS nodes, however the service itself is useful even when you do not use HA (which is why it is included in this release). The watcher service provides local host monitoring of ISS services and alerts you, with log file messages and email warnings, when it detects a service outage. Once alerted, you can take the appropriate corrective action, such as restarting a service. The services that are monitored are dependent on the type of ISS installation on which the watcher is running. The iss.cluster.install parameter in the jiss.conf configuration file defines the ISS installation type:

  • standalone
  • multi-machine
  • cluster
  • clusterv2

For more information, see Administering the ISS Watcher Service.

Additionally, one of the HA improvements is to enable the cluster search service to run on the back-end nodes, making exposing NFS to the web tier unnecessary. For more information, see Configuring Indexing and Search Service for clusterv2.

Performance Improvements

The following performance improvements for this release are targeted at both general memory and time reductions, and to speed up specific styles of search queries:

  • Search service: Email folder manager optimization reduces the number of indexReaders opened during search
  • jmqconsumer process: Candidate file write optimization reduces the IO overhead during event processing of candidate file writing
  • Index service: folderflag optimization reduces the average size of flag records for folders containing a large number of emails

Java 7 Support

(Bug: 12816657)

Starting with this release of Indexing and Search Service, Java 7 is recommended, as Java 6 is entering end of life. If you generated your ISS indexes while on Java 6, once you upgrade to Java 7, you should regenerate the indexes. See Upgrading Indexing and Search Service for more information.

New Features in Instant Messaging 9

Instant Messaging 9 Patch 1 includes the following changes and new features:

Group Messaging

You can configure Instant Messaging so that end users can send a message to an LDAP group, which can be either dynamic or static.

  • LDAP dynamic group: Membership, rather than being maintained explicitly in a list, is determined by search criteria using an LDAP URL. Dynamic groups use the groupOfURLs object class and the memberURL attribute to define LDAP URLs with the criteria (search base, scope, and filter) to be used for determining members of the group.
  • LDAP static group: A static group is one whose entry contains a membership list of explicit DNs. You can define a static group by using the groupOfUniqueNames object class and by explicitly specifying the member DNs using the member attribute.

To enable end users to view dynamic and static LDAP groups in search results and add them to their instant messaging client contact list, you need to include groupOfUrls objects in search results.

For more information about Group Messaging, see Managing Instant Messaging's LDAP Access Configuration.

Offline Messaging

When the offline chat message delivery feature is enabled on the Instant Messaging Server, regular instant messages (chat messages) that are sent to offline users are not discarded. They are available on the Instant Messaging Server, and delivered to the user when the user comes online. This feature can be enabled at deployment level or at domain level using the whitelisting facility. This feature can be disabled using the blacklisting facility.

However, Instant Messaging alerts are managed differently. The feature is enabled or disabled at the user level. Similar to offline chat messages, the Instant Messaging Server stores the alerts for the offline recipient, and delivers them when the user logs in next time. This is, if the user has configured to receive offline alerts during the next login.

Note
If you install Calendar Server with Instant Messaging, you can configure your deployment such that you receive Instant Messaging alerts about your calendar todos and events, as pop-up messages. As long as you are logged in to Instant Messaging (you are online), you receive Calendar Server HTML pop-up reminders on your desktop. If you are offline, you receive the alerts the next time you login, if you have configured to receive offline alerts during the next login.

For more information about Offline Messaging, see Managing Instant Messaging Messages for Offline Users.

Default Password Changed

Starting with Instant Messaging 9 Patch 1, the default value for password configuration properties is random.

Manually Configuring httpbind

Starting in Instant Messaging Server 9 Patch 1, you can manually configure httpbind connections to "follow through" by using this command:

Protecting Deployed Instant Messaging Components

Starting with version 9 Patch 1, Instant Messaging deployments are more secure. In previous versions of Instant Messaging, the server listened to connections on the port defined by the iim_server.port parameter (the default value is port 5269) in various situations. These situations include a peer in a server pool, components such as external gateways, cal-agent, sms-agent, httpbind, and so on. In Instant Messaging 9 Patch 1, the server now listens to this port only when at least one of these options is configured.

New Configuration Parameter

The gwdomain-id.multihosting parameter in the httpbind.conf file, if set to true, allows a packet destined to a domain, which is not pre-configured in httpbind.conf, to be sent to Instant Messaging Server. You use this parameter for a hosted domain setup. The default value for this parameter is true. For more information, see Gateway Domain ID Key Parameters for httpbind.

New Features in Instant Messaging 9 Patch 3

Instant Messaging 9 Patch 3 includes the following changes and new features:

New Configuration Properties

Instant Messaging Server 9 Patch 3 provides the following new configuration properties:

  • iim_server.sasl.usemechanism.DIGEST-MD5: Enables the DIGEST-MD5 authentication mechanism
  • iim_ldap.plaintextpasswords: Specifies if the passwords in LDAP are stored in clear text
  • iim_server.filter.enable: Specifies if the file filter providers should be enabled or disabled
  • iim_server.filters: Specifies the list of file filter providers

DIGEST-MD5 SASL Authentication

Starting with version 9 Patch 2, Instant Messaging Server supports the DIGEST-MD5 SASL authentication method for password-based authentication. DIGEST-MD5 is a challenge/response authentication mechanism defined in RFC 2831.

To Configure Instant Messaging Server for DIGEST-MD5 SASL Authentication

Prerequisite: To use the DIGEST-MD5 authentication mechanism, the passwords in LDAP should be in plain text.

  1. Use the imconfutil command to set the iim_server.sasl.usemechanism.DIGEST-MD5 to true and to set the iim_ldap.plaintextpasswords property to true.
    For example:
  2. Restart Instant Messaging Server.
    For example:

Support for GlassFish 3

Starting with version 9 Patch 2, Instant Messaging Server supports the use of GlassFish Server 3 as the web container.

Changes for Bug 15958098

A ByteStreamFilter is a server plugin module that can be used to control, alter or discard all byte stream data going through the server. Starting with Instant Messaging Server 9 Patch 2, these filters can be specified and enabled by using the new configuration properties, iim_server.filter.enable and iim_server.filters.

New Features in Delegated Administrator 7 Patch 7

This version of Delegated Administrator 7 (Patch 7) in Communications Suite 7 Update 4 includes bug fixes only.

New Features in Delegated Administrator 7 Patch 7

Delegated Administrator 7 Patch 7 includes the following changes and new features:

Ability to Use LDAPS

Starting with Delegated Administrator 7 Patch 7, you can enable LDAP over SSL (LDAPS) for Delegated Administrator communications with Directory Server. This applies only to Direct LDAP mode. For more information, see Configuring Delegated Administrator for LDAPS.

New Configuration Parameter

Delegated Administrator 7 Patch 7 includes the following new configuration parameter (applies to Direct LDAP mode only):

  • ldaphost-usessl: When set to true, this parameter enables LDAP over SSL (LDAPS) for Delegated Administrator communications with Directory Server.

New config-commda Option

Delegated Administrator 7 Patch 7 includes the following new option to the config-commda initial configuration command:

  • -relaxugcheck: Bypasses the LDAP check on if the default organization RDN is the same as the User/Group suffix. This check was performed to work around an issue in Access Manager mode. However, if your existing directory structure is such that the default organization RDN is the same as the User/Group suffix, and you plan to use Direct LDAP mode, then you would use this option to bypass the restriction.

New Features in Connector for Outlook 8

Microsoft Connector for Outlook 8 includes the following changes and new features:

Support for Microsoft Outlook 2010 (32-bit)

This version of Connector for Outlook provides support for Microsoft Outlook 2010.

Connector for Microsoft Outlook Profile Conversion and Upgrade Support

In Connector for Microsoft Outlook 7.3 and earlier versions, you had to create a new profile to modify or upgrade user profiles linked to Connector for Microsoft Outlook 7.1 and later versions.

A new hidden configuration parameter, ModifySun71PlusProfile, located in the setupfilename.ini file, enables or disables the conversion of Connector for Microsoft Outlook 7.1 (and later versions) user profiles. To not modify the Connector for Microsoft Outlook 7.1 (or later version) user profile, set the ModifySun71PlusProfile parameter equal to 0. To modify the user profile with the configured values, set the ModifySun71PlusProfile parameter equal to 1

Note:
The ModifySun71PlusProfile=0/1 parameter is not enabled if the Create new user profile without conversion/upgrade option is chosen in the user profile settings of the Connector for Microsoft Outlook configuration program.

New Features in DSsetup 6.4 Patch 24

In this release of DSsetup new attributes and object classes have been added for use by Calendar Server 7 Update 3 Patch 10. See New Schema Objects for more information. Also, the nabStatus, nabDomainAcl, nabDomainNames, and nabStore objects have been assigned for future use with Network Address Book.

In addition, Dssetup no longer automatically removes 71sun-am.ldif if Access Manager schema is found in 99user.ldif.

Labels:
reference reference Delete
commsuite commsuite Delete
deprecatedam/opensso deprecatedam/opensso Delete
newfeatures newfeatures Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.

Sign up or Log in to add a comment or watch this page.


The individuals who post here are part of the extended Oracle community and they might not be employed or in any way formally affiliated with Oracle. The opinions expressed here are their own, are not necessarily reviewed in advance by anyone but the individual authors, and neither Oracle nor any other party necessarily agrees with them.