ForgeRock Identity Platform
Does not apply to Identity Cloud

FAQ: DS compatibility with third-party products

Last updated Jun 15, 2021

The purpose of this FAQ is to provide answers to commonly asked questions regarding DS compatibility with third-party products.

Frequently asked questions

Q. Can the DS database be stored on a virtual VMware server?

A. Yes, you can use virtual VMware servers for the database and DS will work with this in the same way as if the database was stored on a local disk.

You should refer to Very high CPU seen on ForgeRock products running on VMware for advice on hosting our products on VMware.

Q. Is antivirus software compatible with DS?

A. Antivirus and intrusion detection systems are not compatible with DS file access. Scanning DS files may impact performance and cause system reliability problems because of file locking. At a minimum, you should whitelist the DS database files to exclude them from antivirus scanning, which will prevent interference with normal file access. 

See Antivirus Interference for further details on whitelisting and potential problems to consider before running DS with antivirus software. 


When submitting a Support ticket, ensure ForgeRock support are aware that there is an Antivirus system running on the DS servers. Support will initially troubleshoot any issues with the antivirus software enabled. However, ForgeRock has the right to request that you temporarily disable the antivirus software if we suspect it is interfering with normal operations and as a result impeding efforts to determine root cause.

Q. Does DS support PostgreSQL?

A. No, DS uses its own BerkeleyDB™ JE backend, which cannot be substituted for anything else.

Q. Can I use the AWS snapshot feature to quickly provision new DS instances?

A. Yes, you can. See How do I use the AWS snapshot feature to quickly create DS 5.x or 6.x instances? for further information on doing this in pre-DS 7.

Q. Is DS FIPS 140-2 compliant?

A. ForgeRock supports customers using FIPS 140-2 certified cryptographic modules, which can be used for securing communications (SSL), messages and assertions (for example, SAML assertions, OIDC ID tokens), and credential storage. Most ciphers and other cryptographic algorithms are configurable, and support FIPS-compliant options. ForgeRock can make use of a FIPS 140-2 certified cryptographic module through a standard PKCS#11 interface.

Q. Why can't I use the ControlPanel.app in the Mac OS X operating system?

A. There are two known issues with the ControlPanel.app:

In DS 5.x, you can start the DS Control Panel from the command line instead to overcome these issues.

The DS Control Panel has been deprecated and removed with the release of DS 6 You should use the command-line tools provided with DS for performing administrative tasks and operations instead. See DS 6 Removed Functionality for further information.

See Also

FAQ: Installing and configuring DS

FAQ: Upgrading DS

FAQ: Passwords in DS

Installing and Administering DS

Related Training

ForgeRock Directory Services Core Concepts (DS-400)

Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.