Latest
Checking your product versions are supported
The purpose of this article is to provide EOSL dates for the specific ForgeRock products and versions you are running so you can check that the version you are on is still supported. This also includes dates for Identity Cloud downloadable components.
How do I upgrade DS (All versions) if I have the DS Password Sync Plugin for IDM installed?
The purpose of this article is to provide information on upgrading DS if you have the DS Password Sync Plugin for IDM installed. This article refers to the DS server where you have installed the DS Password Sync Plugin.
Generation IDs do not match error after restoring a DS (All versions) replica
The purpose of this article is to provide assistance if a "Generation IDs do not match" error occurs during replication after restoring an old backup or LDIF data to a DS instance.
Where can I find useful logs for troubleshooting ForgeRock products?
The purpose of this article is to provide information on finding logs across ForgeRock products (AM, DS, IDM and IG) for troubleshooting purposes. This article shows default log locations, although most of them can be changed.
What Java versions are ForgeRock products supported on?
The purpose of this article is to provide information on the supported Java® versions across the ForgeRock platform (AM, DS, IDM and IG).
How do I disable TLS 1.3 when running DS 6.5, 6.5.1 or 6.5.2 with Java 11.0.5 and earlier, or Java 1.8.0_272 and later?
The purpose of this article is to provide information on disabling TLS 1.3 when running DS with Java® 11 (11.0.5 and earlier) or Java 8 (1.8.0_272 and later). It is recommended that you upgrade to at least DS 6.5.3 and Java 11.0.6 if you want to use TLS 1.3. On earlier versions of Java 11, you should disable TLS 1.3 because of known issues with Oracle JDK 11 and OpenJDK 11's implementation of TLS 1.3.
Upgrading DS (All versions) fails with UnsupportedClassVersion error
The purpose of this article is to provide assistance if the DS server fails to upgrade to a later version with "Exception in thread "main" java.lang.UnsupportedClassVersionError".
How do I install a DS patch (All versions) supplied by ForgeRock support?
The purpose of this article is to provide information on installing a DS patch that has been supplied by ForgeRock support. The instructions differ depending on whether you are using a standalone DS or an embedded DS (in AM or IDM 6 and later).
How do I avoid common pitfalls when upgrading DS (All versions)?
The purpose of this article is to provide information on common pitfalls you should be aware of before upgrading DS.
Log4j Security Advisory #202111
The purpose of this advisory is to provide information on whether ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are vulnerable to recent Log4j 2 vulnerabilities: RCE (Remote Code Execution) CVE-2021-44228, DoS (Denial of Service) CVE-2021-45046, DoS CVE-2021-45105 and ACE (Arbitrary Code Execution) CVE-2021-44832. These vulnerabilities allow an attacker to remotely execute code in certain circumstances.
Books
Security Advisories
This book provides security advisories for ForgeRock products (AM, DS, IDM and IG).
Upgrading DS
This book provides information on upgrading DS including recommended procedures for upgrading and known issues.
Migrating from Oracle DSEE to DS
The purpose of this book is to provide information on migrating from DSEE to DS.
Platform compatibility
This book provides information on compatibility between ForgeRock products (AM, DS, IDM and IG).
Installing and Administering DS
This book provides information on installing and administering DS, including frequently asked questions and known issues.
Replication in DS
This book provides information on configuring, managing, troubleshooting and recovering replication in DS. Known issues are included along with solutions.
Indexes in DS
This book provides information on indexing in DS and includes information on troubleshooting and known issues (with solutions).
Passwords in DS
This book provides information on passwords in DS and includes a chapter on the Password Synchronization Plugin.
Source code in ForgeRock products
This book provides information on source code and binaries in ForgeRock products (AM, DS, IDM and IG).
Troubleshooting DS
This book provides information on troubleshooting various issues in DS, including collecting useful troubleshooting information such as heap dumps and stack traces.
Security Advisories
Log4j Security Advisory #202111
The purpose of this advisory is to provide information on whether ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are vulnerable to recent Log4j 2 vulnerabilities: RCE (Remote Code Execution) CVE-2021-44228, DoS (Denial of Service) CVE-2021-45046, DoS CVE-2021-45105 and ACE (Arbitrary Code Execution) CVE-2021-44832. These vulnerabilities allow an attacker to remotely execute code in certain circumstances.
DS Security Advisory #202108
Security vulnerabilities have been discovered in supported versions of Directory Services (DS). These vulnerabilities affect version 7.1.0 only and are not present in older versions. You should secure your deployments at the earliest opportunity as outlined in this security advisory.
Java JDK Security Advisory #202109
ForgeRock are aware of a serious vulnerability in the implementation of certain cryptographic operations in Java JDK versions 15 and later. This affects Oracle® Java® and OpenJDK, including other JDKs derived from OpenJDK. You should follow the advice in this advisory to secure your deployments at the earliest opportunity.
DS/OpenDJ Security Advisory #202001
ForgeRock has discovered two Medium-level security vulnerabilities and one Low-level security vulnerability present in supported versions of ForgeRock Directory Services (DS) and OpenDJ. The vulnerabilities also affect embedded DS/OpenDJ in AM 5.x, AM 6.x and OpenAM 13.x as well as IDM 6.x.
DS/OpenDJ Security Advisory #201803
ForgeRock has discovered a Medium-level security vulnerability in ForgeRock Directory Services (DS) 5.0.0, 5.5.0, 5.5.1, 6.0.0 and in OpenDJ 3.0.0, 3.5.0, 3.5.1, 3.5.2, 3.5.3. The vulnerability also affects embedded DS/OpenDJ in AM 5.x, AM 6.0 and OpenAM 13.x as well as IDM 6.0.
DS/OpenDJ Security Advisory #201706
Security vulnerabilities have been discovered in ForgeRock Directory Services (DS) 5.0, 5.5 and in OpenDJ versions 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 3.0.0, 3.5.0, 3.5.1, 3.5.2. The OpenDJ Community Edition 2.6.4 is also affected.