This document summarizes the features in Oracle Communications Unified Communications Suite 7 Update 4 that are new or have been enhanced since Oracle Communications Suite Unified Communications Suite 7 Update 4 for the following components:
Oracle Communications Unified Communications Suite Products and Components Version 7 Update 4
|Oracle Communications Messaging Server||7 Update 5 (Patch 28)|
|Oracle Communications Instant Messaging Server||9 (Patch 3)|
|Convergence||2 (Patch 6)|
|Oracle Communications Calendar Server||7 Update 3 (Patch 10)|
|Delegated Administrator for Oracle Communications Unified Communications Suite||7 (Patch 7)|
|Connector for Microsoft Outlook for Oracle Communications Unified Communications Suite||8|
|Indexing and Search Service for Oracle Communications Unified Communications Suite||1 Update 4 (Patch 16)|
|Messaging Server HA Agent (MS_SCHA)||7|
|Instant Messaging HA Agent (IM_SCHA)||7.3|
|Dssetup for Oracle Communications Unified Communications Suite (comm_dssetup)||6.4 Patch 24|
Check Communications Suite Component Patches for current patches that have shipped since the initial Communications Suite 7 Update 4 release.
This document contains the following sections:
- New Features in Messaging Server 7 Update 5
- New Features in Messaging Server 220.127.116.11.0
- New Features in Convergence 2 Patch 6
- New Features in Calendar Server 7 Update 3 Patch 10
- New Features in Indexing and Search Service 1 Update 4 Patch 16
- New Features in Instant Messaging 9
- New Features in Delegated Administrator 7 Patch 7
- New Features in Connector for Outlook 8
- New Features in DSsetup 6.4 Patch 24
Messaging Server 7 Update 5 includes the following new features:
- Messaging Server Minor Features
- Unified Configuration
- ICU 4 Support
- Password Aging Support
- Scan Message Store for Newly Discovered Viruses and Spam
- Enhanced Support for Microsoft Exchange 2007 Journaling Format
- Support for Sieve Vacation Seconds Extension
- iMIP Support
- Messaging Multiplexor Now Honors Most Authentication and LDAP-Related configutil Settings
- Support for IMAP STARTTLS when Proxies Connect to Back-end
- Support for IMAP Response Codes
- Store Options to Support Third-Party Authentication Co-process
- MTA OSYNC Option
- Support for -size Option in imsimta test -rewrite
- New Rewrite Rule Metacharacters $, and $>
- SMTP Client Trace Level Debugging Support
- SMS Gateway Server Can Deliver Content in Subject Header Line
- MMP and IMAP Performance Improved on Solaris by Use of Solaris Event Ports
- MMP Scalability Improvements: mmp.numprocesses
- Updates to the Sieve Address Test
- Enhanced SPAMFILTERx_RECEIVED (x=1,8) MTA Options
- MTA Rejects UIDs That Begin With a Hyphen (-)
- Enhanced V Transaction Log Entries
- Some LDAP URL and DNs Errors Ignored
- IMAP Authentication Messages Now Include Session ID
- ENS Events Include Quota Information
- smtps: Negotiation Failures Produce O and C Records
- MMP, watcher, and msprobe Scalability and Performance Improvements
- ugldapport Option
- Diagnostic Improvements to nslog (Message Store and MMP)
- Increase Default Log File Rollover Size Limits (Message Store and MMP)
- Enable IMAP CONDSTORE extension by default
- The IMAP Non-Standard XSERVERINFO Extension Is Now Disabled by Default
- Support for Extended IMAP Access Control List (ACL; RFC4314) Has Been Added
- Access to a Disabled User's Shared Folders Is Now Prevented
Unified Configuration is an improved facility to configure and administer Messaging Server. Unlike with the legacy configuration method (Messaging Server 7 Update 4 and prior releases), Unified Configuration uses validation to verify configuration accuracy and employs a single tool to configure the entire Messaging Server configuration (with a few exceptions). It features improved security, with obfuscated password stored in separate file from the configuration file. Unlike the legacy method, with Unified Configuration, most of the settings are stored in one file. The automation of configuration management tasks is supported using a programming language-like interface.
New installations use the legacy configuration method by default. However, a Unified Configuration can optionally be generated and used instead. If you use Unified Configuration in a new installation and later decide to revert to the legacy method, configuration changes made to the Unified Configuration are not back ported to the legacy configuration. There is no migration path to convert a Unified Configuration to a legacy configuration.
Upgraded installations can also convert from the legacy configuration method to Unified Configuration.
Unified Configuration is only supported on 64-bit platforms.
For more information, see: Overview of Messaging Server Unified Configuration
To better support some international characters, Messaging Server now includes support for ICU 4 (library which provides Unicode and Globalization support). Because this version of the library is not currently available on Solaris 10 or Linux, it is bundled with the Messaging Server package instead of depending on a version installed with the operating system.
The Messaging Server now honors LDAP password policies. It sends an IMAP ALERT when a user's LDAP password is about to expire. Refer to Directory Server documentation for setting this up (see Oracle Identity Management documentation). You can use MeterMaid to limit the frequency of warnings.
You can configure the Message Transport Agent (MTA) to scan the message store for newly discovered viruses and spam. To do this, set the ENABLE_SIEVE_BODY parameter to 1 in option.dat.
Messaging Server can be configured to generate Microsoft Exchange 2007 format journaling messages using the JOURNAL_FORMAT attribute.
You can specify minimum values for vacation :days and :seconds parameters using the new VACATION_MINIMUM_TIMEOUT parameter.
iMIP is now supported to provide better integration between Calendar and Messaging Servers. (Refer to RFC2447.) See Using the iSchedule Channel to Handle iMIP Messages for more information.
The Messaging Multiplexor (MMP) honors most authentication and LDAP-related configutil settings (such as sasl.*, local.ugldaphost, and local.ugldapbinddn) if the equivalent setting is not also set in the separate MMP configuration file. As a result, there is no longer a need for the files ImapProxyAService-def.cfg, PopProxyAService-def.cfg, and SmtpProxyAService-def.cfg in the configuration directory.
When service.imap.plaintexmincipher is set to a non-zero value, the back-end IMAP server will not permit password authentication without use of SSL or STARTTLS. The MMP, mshttpd and IMAP shared folder functions now detect this situation and attempt to negotiate SSL/TLS prior to authenticating. SSL must still be enabled for the relevant proxy (although the client is not required to negotiate SSL for this to work, nor does the proxy have to be configured to require SSL for authentication). For example, ImapProxyAService.cfg should contain "default:SSLEnable yes".
(MMP, mshttpd, IMAP Shared Folders)
IMAP response code support (RFC5530) is implemented in both the IMAP Server and MMP.
Support for third-party authentication co-processes such as MMP has been added through the new options sasl.default.authenticationserver and sasl.default.authenticationldapattributes. See examples/tpauth/authserver.txt for more information.
The OSYNC MTA option has been added enable the use of O_SYNC when creating queue entries. If OSYNC is set to 1, the O_SYNC flag is set when creating queue entries. The default is 0.
The MTA option -size=n simulates the SMTP SIZE extension to verify size-based restrictions.
Two new metacharacters in rewrite rules, $, and $>, are available to validate top-level domains.
You can now enable trace level debugging (TRACE_LEVEL=2) for certain SMTP clients. To do this, specify $G in the PORT_ACCESS mapping entry.
Gateway profiles may now request that the SMS Gateway Server place the entire content of an SMS message gatewayed to email only in the email message's Subject: header line. No content is placed in the email message's body.
Set the new TEXT_TO_SUBJECT option to 1 to enable this behavior.
When TEXT_TO_SUBJECT=1, the EMAIL_BODY_CHARSET option is ignored for that gateway profile. The default value of the PARSE_RE_0 option becomes [\t]([^(])[ \t](.).
On Solaris, event ports are now used by default instead of the poll() system call. This improves MMP and IMAP scalability.
A single MMP process is not as effective as multiple MMP processes in using the resources of a multicore processor. To create multiple MMP processes, set mmp.numprocesses to the number of processes you want. The default value of mmp.numprocesses is 1.
For installations using the legacy configutil configuration method instead of Unified Configuration, the only way to change the value of mmp.numprocesses is to use the service.mmp.numprocesses configutil setting.
Note that setting mmp.numprocesses to a value greater than 1 is incompatible with POP before SMTP and that POP before SMTP is now deprecated (see Deprecated and Removed Features for Messaging Server).
The Sieve address test now uses the heuristic address parser instead of the strict parser.
SPAMFILTERx_RECEIVED (x=1,8) options now accept a value in the range of 0-2.
- 0: don't add a synthetic Received: field to the message content passed to the spam filter
- 1: add a synthetic Received: field to the message content passed to the spam filter (default value)
- 2: add an additional clause of the form
to the header. This clause is used by some SpamAssassin configuration as a source of MAIL FROM addresses instead of using the standards-compliant Return-path: field.
The MTA now rejects UIDs that begin with a hypen (-) because they conflict with IMAP ACL formats. The Message Store also continues to perform this validation.
V transaction log entries now contain a reason field specifying at what point in the transaction the failure occurred and the routine that logged the failure.
Errors in LDAP URLs or DNs encountered during group access check or EXPN command processing are now ignored
Previously, such errors halted the expansion process.
IMAP Authentication messages now include the session ID. You can optionally include the session ID in the IMAP response text using imap.logauthsessionid (for Unified Configuration) or local.imap.logauthsessionid (for the legacy configuration method).
ENS Events triggered from modifications to the message store now include quota information.
smpts: negotiation failures now produce O and C records in the connection log and affect the associated counters.
The MMP now tracks when it is stressed due to either a shortage of file descriptors or during a backlog of LDAP connections. When stressed in these situations, the MMP notifies the watcher, which prevents a request from msprobe to restart the MMP from taking effect. (An MMP restart is likely to exacerbate a stress situation). If the MMP stops making progress (connecting incoming users to their mailhost), the stress state expires and an msprobe restart request becomes viable again. How long the process remains stressed is controlled by the Unified Configuration base.stressperiod option, which defaults to 20 seconds. This setting is not available for legacy configuration.
When the MMP becomes stressed, it stops accepting new connections until it is no longer stressed. If desired, you can disable this feature by setting the base.stressfdwait Unified Configuration option (local.stressfdwait for legacy configuration) to 0.
If the ugldapport option is set to 636, SSL LDAP is always used, regardless of value of the ugldapusessl option.
During startup, errors are sent both to stderr and the log file. After startup, stderr errors from non-Messaging Server libraries (such as assert()) are recorded in the primary nslog log file.
The default log file size limit used in determining when log rollover occurs has been increased from 2 MB to 20 MB. The maximum space allowed to be used by all log files for a specific service has also been increased accordingly. That is, the log file option logfile..maxlogfilesize now defaults to 20 MB, and the option logfile..maxlogsize defaults to 200 MB.
The IMAP CONDSTORE extension has now been enabled by default. The Mozilla Thunderbird client currently uses the CONDSTORE extension if available and provides for significant data transfer reduction on large folders.
Since the server no longer provides any useful information to clients, the mere presence of the XSERVERINFO capability still causes clients such as Mozilla Thunderbird to issue an XSERVERINFO command. This wastes a full client-server roundtrip.
The following are new rights:
k: create sub-folder
x: delete folder
t: delete message (set deleted flag)
e: expunge folder
When a user is disabled, the IMAP operations SELECT, EXAMINE, APPEND, and COPY are denied using IMAP response code UNAVAILABLE.
When a user is forced off, all the IMAP sessions accessing the user's folders are also forced off.
Messaging Server 18.104.22.168.0 includes the following new features:
- Access to Intermediate Address Information in Forward Mapping
- New Destination-Channel Keyword for Reducing Message Headers to a Specified Number of Bytes
- New USE_REVERSE_DATABASE Bit Settings Allow Originator-Based Restrictions
- Logging Has Been Enhanced to Include Individual Conversion Tags in Filter Log Entries
Bit 7 (value 128) of USE_FORWARD_DATABASE, if set, now includes the initial address presented for alias processing in the FORWARD mapping probe. Bit 8 (value 256), if set, now includes the current intermediate address in the FORWARD mapping probe. These addresses appear immediately before the final recipient address.
A new destination-channel keyword, headercut, has been added. If specified, headercut cuts the current message header down to no more than a specified number of bytes, using a heurestic algorithm that removes or truncates header fields based on their relative importance. headercut requires a single nonnegative integer argument. A value of 0, the default, disables header cutting.
Bits 13 (value 8192) and 14 (value 16384) in the USE_REVERSE_DATABASE MTA option have been defined so that, if set, they disable source block and recipient limit settings and capture actions based on the envelope from (MAIL FROM) address (bit 13) and authenticated sender address (bit 14).
If the LOG_FILTER MTA option is set, a conversion tag added with either the setconversiontag or the addconversiontag Sieve action is now logged in mail.log*.
Convergence 2 Patch 6 includes the following changes and new features:
Convergence 2 Patch 6 provides support for standard 9-inch or 10-inch tablets.
Convergence 2 Patch 6 now supports Safari on iPad iOS, starting with 6.1.1, and Chrome on Android Jellybean, starting with 4.2.
Calendar Server 7 Update 3 Patch 10 includes the following changes and new features:
- Authenticating Against a Directory External to the Calendar Server Environment
- Booking Window for Calendars
- Changes to the davadmin Command
- Enable and Disable Account Autocreation
- LDAP Pools
- New Configuration Parameters
- New Languages
- New populate-davuniqueid Utility
- New Schema Objects
- Non-active Calendar Accounts Are No Longer Searched or Fetched
- Remote Document Store Authentication
Calendar Server 7 Update 3 Patch 10 enables authentication against a separate, LDAP directory external to the Calendar server environment. Such a configuration is useful in hosted environments for delegating one administrative aspect to a provider (managing the Calendar Server front- and back-end hosts and LDAP directory with non-sensitive data), while maintaining control over the LDAP user passwords in the internal, corporate network. In this setup, Calendar Server would use the external directory for authentication.
For more conceptual information on Calendar Server and external authentication, see Calendar Server and Directory Server Integration. To configure Calendar Server for authentication against an external Directory Server, see Configuring External Authentication.
Calendar Server 7 Update 3 Patch 10 supports the use of a system-wide minimum booking window for calendars through the use of the new davcore.scheduling.minbookingwindow configuration parameter. This new parameter compliments the existing maximum booking window support (davcore.scheduling.maxbookingwindow) parameter. In addition, starting in Calendar 7 Update 3, you can set account-level minimum and maximum booking window properties through the davadmin account command or clients that use the WCAP set_accountprops command. The minimum and maximum booking window values define a window of time relative to current time, between which Calendar Server allows the account to be scheduled. Calendar Server enforces the booking window by returning a busy response to the free/busy check done by the scheduling agent if the requested time is outside the booking window. In addition to setting the booking window, you should also set the account's scheduling flag to "decline on conflict" for the window to take effect. The booking window setting also affects calendars configured to auto accept invitations. In the case where auto decline is also configured, it takes precedence over auto accept.
To configure both the minimum and maximum booking windows for accounts, you can use either the davadmin command or the set_accountprops.wcap interface. In absence of an account property, Calendar Server defaults to using the corresponding system-wide booking window configuration.
Upfront Free/busy Check for Control of Doublebooking and Booking Window During Scheduling
A scheduling attempt requested for an account that has its attendance flag set to "decline on conflict" (the attendance flag is set either by a CommSuite:set_accountprops.wcap command or davadmin account command), triggers Calendar Server to perform a special free/busy check. This check happens as part of the scheduling process for both CalDAV and WCAP clients. Because scheduling is an asynchronous process, the event organizers are made aware of an error only after they have made the booking. However, for clients that use the WCAP protocol, the same check is performed upfront. This enables the organizer to get an immediate error if the event request results in a conflict for the calendar.
(Bug: 12310347, SR: 1-742597505)
In Calendar Server 7 Update 3 Patch 10, the davadmin command has been updated with the following changes:
- The passfile option has been updated to accommodate setting a password on the remote document store and corresponding password entry in Calendar server front end that needs to communicate with the document store.
- A new command, davadmin ldappool, has been added to support LDAP pools, which are used in configuring external Directory Server authentication.
- The davadmin account list command now displays a list of all users in the database and their details.
For more information, see CommSuite:Calendar Server 7 Command-Line Utilities.
Calendar Server 7 Update 3 Patch 10 provides the capability to enable or disable, on a system-wide basis, the calendar account autocreation, either on login or invite. For more information, see the davcore.autocreate.enableautocreate parameter in Calendar Server 7 Configuration Parameters.
Starting with Calendar Server 7 Update 3 Patch 10, you can create LDAP pools for use in authenticating against an external directory. For more information, see the davadmin ldappool command and also Configuring External Authentication.
Calendar Server 7 Update 3 Patch 10 introduces the following configuration parameters:
- davcore.autocreate.rescalcomponents: Assigns the default autocreation setting for supported calendar components for a new resource calendar
- davcore.scheduling.allowownerdoublebooking: If set, owners of resource calendars can double book even if the resource account prevents doublebooking
- davcore.scheduling.minbookingwindow: Specifies the start of a booking window, in days, from the time of scheduling, from which a calendar can be booked in advance
For more information, see Calendar Server 7 Configuration Parameters.
Calendar Server 7 Update 3 Patch 10 also includes the service.host parameter for the document store ashttpd.properties file.
For Calendar Server 7 Update 3 Patch 10, the product configuration program and all notifications that are sent by the server have been localized into the following additional languages: German, Spanish, Korean, Simplified Chinese, and Traditional Chinese.
Calendar Server 7 Update 3 Patch 10 introduces a new LDAP attribute named davUniqueId. This attribute replaces the problematic nsUniqueId attribute, whose value is lost when an LDAP entry is deleted and then recreated. (See Changing User uuid for more information about the issues with the nsUniqueId attribute.)
To set the value of the davUniqueId attribute to the current value of the nsUniqueId attribute for existing LDAP entries, use the new populate-davuniqueid utility.
For more information, see Calendar Server Unique Identifier.
The following LDAP schema objects are added to Calendar Server 7 Update 3 Patch 10 to support authentication against an external Directory Server:
- externalAuthPreUrlTemplate: This attribute is used for authentication by using external Directory Servers. Its value is an LDAP URL that defines how users must be searched for in the external Directory Server against which authentication is performed.
- externalAuthPostUrlTemplate: This attribute is used for finding the internal Directory Server entry for a user who authenticated by using external Directory Servers. Its value is an LDAP URL that must be used to map the external Directory Server authenticated user to a user in the internal Directory.
The following LDAP schema attribute is also added:
- davUniqueId: This attribute can be used to define a unique ID for any davEntity user, group, and resource object, much like the operational attribute nsUniqueId. It is recommended that davUniqueId be used as the value of the davcore.uriinfo.permanentuniqueid configuration parameter.
These new elements are required by Calendar Server 7 Update 3 Patch 10. Schema changes are applied to Directory Server when you run the comm_dssetup script. When upgrading to Calendar Server 7 Update 3 Patch 10, you need to first apply the comm_dssetup 6.4 patch (at least 6.4-24.02) and run the updated comm_dssetup script against your Directory Server instances. See Upgrading Calendar Server for more information.
Starting with Calendar Server 7 Update 3 Patch 10, if a calendar account's LDAP icsStatus attribute is populated and is not set to active, the account is not searched nor are any results fetched for that account when running Calendar Server davadmin or WCAP commands. That is, Calendar Server returns search results only for active accounts and does not return unusable data such as inactive calendars.
Calendar Server 7 Update 3 Patch 10 provides enhanced security for remote document stores. A remote document store now requires password authentication for the connection between the Calendar Server and the remote document store server. The password needs to be known by both the document store client (which runs in the Calendar Server itself) and the remote document store server (which runs on the remote host where the store is located). The password is stored in a password file (called a wallet) on each of the hosts.
For information on configuring the remote store password, see To Configure Remote Document Store Authentication.
Indexing and Search Service 1 Update 4 Patch 16 includes the following changes and new features:
(Bugs: 13517733, 13257862, SR: 3-5561340981)
This feature checks every ISS account against Messaging Server accounts at regular intervals to detect differences, for example, from a reconstructed folder or lost event notifications, that ISS can then automatically correct.
Two items control this periodic check:
- Periodic auto-sync: A periodic scan to check that all active ISS accounts are in sync.
- Periodic auto-bootstrap: A scan for accounts unknown to ISS and adding these accounts to a list to be automatically bootstrapped. It is the bootstrap action that is periodic, not the error scanning. The scanning for accounts that need to be bootstrapped occurs continuously as new events arrive and errors are detected. ISS adds the unknown accounts to the auto-bootstrap "to-do" list whenever trigger conditions are met. The periodic nature of the auto-bootstrap prevents too many accounts from being bootstrapped simultaneously, should many errors show up at once. This process enables the workload to be spread out among the Messaging Server and ISS hosts, instead of trying to correct every such error immediately.
For more information, see Administering Periodic Automatic Synchronization for Indexing and Search Service Accounts.
This feature fixes an issue where ISS becomes out-of-sync when a folder has been reconstructed on Messaging Server. When the reconstruct command runs, it may cause the UID validity value and/or UIDs assigned to emails in a folder to change, but does not trigger event notifications to notify ISS of the change. ISS now detects the UID validity mismatch while processing events and re-bootstraps the folder to get it back in sync.
This feature is designed for the implementation of highly available (HA) ISS nodes, however the service itself is useful even when you do not use HA (which is why it is included in this release). The watcher service provides local host monitoring of ISS services and alerts you, with log file messages and email warnings, when it detects a service outage. Once alerted, you can take the appropriate corrective action, such as restarting a service. The services that are monitored are dependent on the type of ISS installation on which the watcher is running. The iss.cluster.install parameter in the jiss.conf configuration file defines the ISS installation type:
For more information, see Administering the ISS Watcher Service.
Additionally, one of the HA improvements is to enable the cluster search service to run on the back-end nodes, making exposing NFS to the web tier unnecessary. For more information, see Configuring Indexing and Search Service for clusterv2.
The following performance improvements for this release are targeted at both general memory and time reductions, and to speed up specific styles of search queries:
- Search service: Email folder manager optimization reduces the number of indexReaders opened during search
- jmqconsumer process: Candidate file write optimization reduces the IO overhead during event processing of candidate file writing
- Index service: folderflag optimization reduces the average size of flag records for folders containing a large number of emails
Starting with this release of Indexing and Search Service, Java 7 is recommended, as Java 6 is entering end of life. If you generated your ISS indexes while on Java 6, once you upgrade to Java 7, you should regenerate the indexes. See Upgrading Indexing and Search Service for more information.
Instant Messaging 9 Patch 1 includes the following changes and new features:
You can configure Instant Messaging so that end users can send a message to an LDAP group, which can be either dynamic or static.
- LDAP dynamic group: Membership, rather than being maintained explicitly in a list, is determined by search criteria using an LDAP URL. Dynamic groups use the groupOfURLs object class and the memberURL attribute to define LDAP URLs with the criteria (search base, scope, and filter) to be used for determining members of the group.
- LDAP static group: A static group is one whose entry contains a membership list of explicit DNs. You can define a static group by using the groupOfUniqueNames object class and by explicitly specifying the member DNs using the member attribute.
To enable end users to view dynamic and static LDAP groups in search results and add them to their instant messaging client contact list, you need to include groupOfUrls objects in search results.
For more information about Group Messaging, see Managing Instant Messaging's LDAP Access Configuration.
When the offline chat message delivery feature is enabled on the Instant Messaging Server, regular instant messages (chat messages) that are sent to offline users are not discarded. They are available on the Instant Messaging Server, and delivered to the user when the user comes online. This feature can be enabled at deployment level or at domain level using the whitelisting facility. This feature can be disabled using the blacklisting facility.
However, Instant Messaging alerts are managed differently. The feature is enabled or disabled at the user level. Similar to offline chat messages, the Instant Messaging Server stores the alerts for the offline recipient, and delivers them when the user logs in next time. This is, if the user has configured to receive offline alerts during the next login.
If you install Calendar Server with Instant Messaging, you can configure your deployment such that you receive Instant Messaging alerts about your calendar todos and events, as pop-up messages. As long as you are logged in to Instant Messaging (you are online), you receive Calendar Server HTML pop-up reminders on your desktop. If you are offline, you receive the alerts the next time you login, if you have configured to receive offline alerts during the next login.
For more information about Offline Messaging, see Managing Instant Messaging Messages for Offline Users.
Starting with Instant Messaging 9 Patch 1, the default value for password configuration properties is random.
Starting in Instant Messaging Server 9 Patch 1, you can manually configure httpbind connections to "follow through" by using this command:
Starting with version 9 Patch 1, Instant Messaging deployments are more secure. In previous versions of Instant Messaging, the server listened to connections on the port defined by the iim_server.port parameter (the default value is port 5269) in various situations. These situations include a peer in a server pool, components such as external gateways, cal-agent, sms-agent, httpbind, and so on. In Instant Messaging 9 Patch 1, the server now listens to this port only when at least one of these options is configured.
The gwdomain-id.multihosting parameter in the httpbind.conf file, if set to true, allows a packet destined to a domain, which is not pre-configured in httpbind.conf, to be sent to Instant Messaging Server. You use this parameter for a hosted domain setup. The default value for this parameter is true. For more information, see Gateway Domain ID Key Parameters for httpbind.
Instant Messaging 9 Patch 3 includes the following changes and new features:
- New Configuration Properties
- DIGEST-MD5 SASL Authentication
- Support for GlassFish 3
- Changes for Bug 15958098
Instant Messaging Server 9 Patch 3 provides the following new configuration properties:
- iim_server.sasl.usemechanism.DIGEST-MD5: Enables the DIGEST-MD5 authentication mechanism
- iim_ldap.plaintextpasswords: Specifies if the passwords in LDAP are stored in clear text
- iim_server.filter.enable: Specifies if the file filter providers should be enabled or disabled
- iim_server.filters: Specifies the list of file filter providers
Starting with version 9 Patch 2, Instant Messaging Server supports the DIGEST-MD5 SASL authentication method for password-based authentication. DIGEST-MD5 is a challenge/response authentication mechanism defined in RFC 2831.
Prerequisite: To use the DIGEST-MD5 authentication mechanism, the passwords in LDAP should be in plain text.
- Use the imconfutil command to set the iim_server.sasl.usemechanism.DIGEST-MD5 to true and to set the iim_ldap.plaintextpasswords property to true.
- Restart Instant Messaging Server.
Starting with version 9 Patch 2, Instant Messaging Server supports the use of GlassFish Server 3 as the web container.
A ByteStreamFilter is a server plugin module that can be used to control, alter or discard all byte stream data going through the server. Starting with Instant Messaging Server 9 Patch 2, these filters can be specified and enabled by using the new configuration properties, iim_server.filter.enable and iim_server.filters.
This version of Delegated Administrator 7 (Patch 7) in Communications Suite 7 Update 4 includes bug fixes only.
Delegated Administrator 7 Patch 7 includes the following changes and new features:
Starting with Delegated Administrator 7 Patch 7, you can enable LDAP over SSL (LDAPS) for Delegated Administrator communications with Directory Server. This applies only to Direct LDAP mode. For more information, see Configuring Delegated Administrator for LDAPS.
Delegated Administrator 7 Patch 7 includes the following new configuration parameter (applies to Direct LDAP mode only):
- ldaphost-usessl: When set to true, this parameter enables LDAP over SSL (LDAPS) for Delegated Administrator communications with Directory Server.
Delegated Administrator 7 Patch 7 includes the following new option to the config-commda initial configuration command:
- -relaxugcheck: Bypasses the LDAP check on if the default organization RDN is the same as the User/Group suffix. This check was performed to work around an issue in Access Manager mode. However, if your existing directory structure is such that the default organization RDN is the same as the User/Group suffix, and you plan to use Direct LDAP mode, then you would use this option to bypass the restriction.
Microsoft Connector for Outlook 8 includes the following changes and new features:
- Support for Microsoft Outlook 2010 (32-bit)
- Connector for Microsoft Outlook Profile Conversion and Upgrade Support
This version of Connector for Outlook provides support for Microsoft Outlook 2010.
In Connector for Microsoft Outlook 7.3 and earlier versions, you had to create a new profile to modify or upgrade user profiles linked to Connector for Microsoft Outlook 7.1 and later versions.
A new hidden configuration parameter, ModifySun71PlusProfile, located in the setupfilename.ini file, enables or disables the conversion of Connector for Microsoft Outlook 7.1 (and later versions) user profiles. To not modify the Connector for Microsoft Outlook 7.1 (or later version) user profile, set the ModifySun71PlusProfile parameter equal to 0. To modify the user profile with the configured values, set the ModifySun71PlusProfile parameter equal to 1
The ModifySun71PlusProfile=0/1 parameter is not enabled if the Create new user profile without conversion/upgrade option is chosen in the user profile settings of the Connector for Microsoft Outlook configuration program.
In this release of DSsetup new attributes and object classes have been added for use by Calendar Server 7 Update 3 Patch 10. See New Schema Objects for more information. Also, the nabStatus, nabDomainAcl, nabDomainNames, and nabStore objects have been assigned for future use with Network Address Book.
In addition, Dssetup no longer automatically removes 71sun-am.ldif if Access Manager schema is found in 99user.ldif.