Release Notes

Red Hat Directory Server 11

Updated for Release notes for Red Hat Directory Server 11.0

Marc Muehlfeld

Red Hat Customer Content Services


The release notes provide high-level coverage of the improvements and additions that have been implemented in Red Hat Directory Server 11.0 and document known problems in this release, as well as notable bug fixes, technology previews, deprecated functionalities, and other details.

Chapter 1. General information

This chapter contains general information about Red Hat Directory Server 11, independent of the minor version.

1.1. Software conflicts

Directory Server cannot be installed on any system that has a Red Hat Enterprise Linux Identity Management (IdM) server installed. Likewise, no Red Hat Enterprise Linux IdM server can be installed on a system with a Directory Server instance.

1.2. Notes about migrating to Directory Server 11

This section provides information for users who want to migrate an existing Directory Server 10 environment to Directory Server 11.

Migration procedure

For a procedure about migrating Directory Server 10 to Directory Server 11, see the corresponding chapter in the Red Hat Directory Server Installation Guide.

New command-line utilities in Directory Server 11

Directory Server 11 provides new command line utilities to manage server instances and users. These utilities replace the Perl scripts used for management tasks in Directory Server 10 and earlier versions.

For a list of commands in previous versions and their replacements in Directory Server 11, see the Command-line utilities replaced in Red Hat Directory Server 11 appendix in the Red Hat Directory Server Installation Guide.


The Perl scripts used for management tasks in Directory Server 10 and earlier versions are still available in the 389-ds-base-legacy-tools package. However, Red Hat only supports the new dsconf, dsctl, dscreate, and dsidm command-line utilities.

Chapter 2. Red Hat Directory Server 11.0

2.1. System requirements

This section contains information related to installing Directory Server 11.0, including prerequisites and platform requirements.

2.1.1. Supported platforms for Directory Server

Red Hat supports Directory Server 11.0 on the following platforms:

2.1.2. Supported platforms for the Directory Server user interface in Cockpit

Red Hat supports the browser-based Directory Server user interface in Cockpit in the following environments:

Operating systemBrowser

Red Hat Enterprise Linux 8.1

  • Mozilla Firefox 52 and later
  • Chrome 57 and later

Windows Server 2016

  • Mozilla Firefox 52 and later
  • Microsoft Internet Explorer 11
  • Chrome 57 and later

Windows 10

  • Mozilla Firefox 52 and later
  • Microsoft Edge 16 and later
  • Microsoft Internet Explorer 11
  • Chrome 57 and later

2.1.3. Supported platforms for the Windows Synchronization utility

Red Hat supports the Windows Synchronization utility for Active Directory running on:

  • Microsoft Windows Server 2016

2.2. Highlighted updates and new features

This section documents new features and important updates in Directory Server 11.0.

Directory Server introduces new command-line utilities to manage instances

Red Hat Directory Server 11.0 introduces the dscreate, dsconf, and dsctl utilities. These utilities simplify managing Directory Server using the command line. For example, you can now use a command with parameters to configure a feature instead of sending complex LDIF statements to the server.

The following is an overview of the purpose of each utility:

  • Use the dscreate utility to create new Directory Server instances using the interactive mode or an INF file. Note that the INF file format is different from the one the installer used in previous Directory Server versions.
  • Use the dsconf utility to manage Directory Server instances during run time. For example, use dsconf to:

    • Configure settings in the cn=config entry
    • Configure plug-ins
    • Configure replication
    • Back up and restore an instance
  • Use the dsctl utility to manage Directory Server instances while they are offline. For example, use dsctl to:

    • Start and stop an instance
    • Re-index the server database
    • Back up and restore an instance

These utilities replace the Perl and shell scripts marked as deprecated in Directory Server 10. The scripts are still available in the unsupported 389-ds-base-legacy-tools package, however Red Hat only supports managing Directory Server using the new utilities.

Note that configuring Directory Server using LDIF statements is still supported, but Red Hat recommends using the utilities.

For further details about using the utilities, see the Red Hat Directory Server 11 Documentation.

Directory Server now provides a browser-based user interface

This enhancement adds a browser-based interface to Red Hat Directory Server that replaces the Java-based Console used in previous versions. As a result, administrators can now use the Red Hat Enterprise Linux web console to manage Directory Server instances using a browser.

For further details, see the Red Hat Directory Server 11 Documentation.

Note that the browser-based user interface does not contain an LDAP browser.

Highlighted updates and new features in the 389-ds-base packages

Features in Red Hat Directory Server, that are included in the 389-ds-base packages, are documented in the Red Hat Enterprise Linux 8.1 Release Notes:

2.3. Known issues

This section documents known problems and, if applicable, workarounds in Directory Server 11.0.

Directory Server settings that are changed outside the web console’s window are not automatically visible

Because of the design of the Directory Server module in the Red Hat Enterprise Linux 8 web console, the web console does not automatically display the latest settings if a user changes the configuration outside of the console’s window. For example, if you change the configuration using the command line while the web console is open, the new settings are not automatically updated in the web console. This applies also if you change the configuration using the web console on a different computer. To work around the problem, manually refresh the web console in the browser if the configuration has been changed outside the console’s window.

The Directory Server Web Console does not provide an LDAP browser

The web console enables administrators to manage and configure Directory Server 11 instances. However, it does not provide an integrated LDAP browser. To manage users and groups in Directory Server, use the dsidm utility. To display and modify directory entries, use a third-party LDAP browser or the OpenLDAP client utilities provided by the openldap-clients package.

Appendix A. Revision History

Note that revision numbers relate to the edition of this manual, not to version numbers of Red Hat Directory Server.

VersionDate and changeAuthor


Nov 05 2019: Red Hat Directory Server 11.0 release of this document

Marc Muehlfeld

Legal Notice

Copyright © 2019 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.