- Q. Can the DS database be stored on a virtual VMware® server?
- Q. Is antivirus software compatible with DS?
- Q. Does DS support PostgreSQL®?
- Q. Can I use the Amazon Web Services™ (AWS™) snapshot feature to quickly provision new DS instances?
- Q. Is DS FIPS 140-2 compliant?
- Q. Why can't I use the ControlPanel.app in the Mac® OS X® operating system?
A. Yes, you can use virtual VMware servers for the database and DS will work with this in the same way as if the database was stored on a local disk.
You should refer to Very high CPU seen on ForgeRock products running on VMware for advice on hosting our products on VMware.
A. Antivirus and intrusion detection systems are not compatible with DS file access. Scanning DS files may impact performance and cause system reliability problems because of file locking. At a minimum, you should whitelist the DS database files to exclude them from antivirus scanning, which will prevent interference with normal file access.
See Antivirus Interference for further details on whitelisting and potential problems to consider before running DS with antivirus software.
When submitting a Support ticket, ensure ForgeRock support are aware that there is an Antivirus system running on the DS servers. Support will initially troubleshoot any issues with the antivirus software enabled. However, ForgeRock has the right to request that you temporarily disable the antivirus software if we suspect it is interfering with normal operations and as a result impeding efforts to determine root cause.
A. No, DS uses its own BerkeleyDB™ JE backend, which cannot be substituted for anything else.
A. Yes, you can. See How do I use the AWS snapshot feature to quickly create DS 5.x or 6.x instances? for further information on doing this in pre-DS 7.
A. ForgeRock supports customers using FIPS 140-2 certified cryptographic modules, which can be used for securing communications (SSL), messages and assertions (for example, SAML assertions, OIDC ID tokens), and credential storage. Most ciphers and other cryptographic algorithms are configurable, and support FIPS-compliant options. ForgeRock can make use of a FIPS 140-2 certified cryptographic module through a standard PKCS#11 interface.
A. There are two known issues with the ControlPanel.app:
- OPENDJ-1261 (Mac OS X 10.9.1 sees OpenDJ Control Panel as damaged)
- OPENDJ-1224 (App bundles are considered "corrupt" and don't run in Mavericks)
In DS 5.x, you can start the DS Control Panel from the command line instead to overcome these issues.
The DS Control Panel has been deprecated and removed with the release of DS 6 You should use the command-line tools provided with DS for performing administrative tasks and operations instead. See DS 6 Removed Functionality for further information.