Latest
How do I prevent updates to specific attributes in DS when synchronizing data in IDM (All versions)?
The purpose of this article is to provide information on preventing updates to all attributes in DS when performing a synchronization operation (reconciliation, LiveSync or implicit sync) in IDM. For instance, implicit sync is designed to update the entire object in the target system (all attributes) even if the change only affects a single attribute, but this article shows how you can remove this behavior from specific attributes.
Where can I find useful logs for troubleshooting ForgeRock products?
The purpose of this article is to provide information on finding logs across ForgeRock products (AM, DS, IDM and IG) for troubleshooting purposes. This article shows default log locations, although most of them can be changed.
What Java versions are ForgeRock products supported on?
The purpose of this article is to provide information on the supported Java® versions across the ForgeRock platform (AM, DS, IDM and IG).
Log4j Security Advisory #202111
The purpose of this advisory is to provide information on whether ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are vulnerable to recent Log4j 2 vulnerabilities: RCE (Remote Code Execution) CVE-2021-44228, DoS (Denial of Service) CVE-2021-45046, DoS CVE-2021-45105 and ACE (Arbitrary Code Execution) CVE-2021-44832. These vulnerabilities allow an attacker to remotely execute code in certain circumstances.
How do I disable a user account in DS using IDM (All versions)?
The purpose of this article is to provide information on disabling a user account in DS when the user is disabled in IDM. This article assumes you are using the LDAP connector.
How do I synchronize hashed passwords from IDM (All versions) to DS (All versions)?
The purpose of this article is to provide information on how to pass pre-hashed passwords values within IDM to DS.
FAQ: General IDM
The purpose of this FAQ is to provide answers to commonly asked general questions regarding IDM.
Checking your product versions are supported
The purpose of this article is to provide EOSL dates for the specific ForgeRock products and versions you are running so you can check that the version you are on is still supported. This also includes dates for Identity Cloud downloadable components.
Public key not found error and cannot log in to Admin UI after upgrading to IDM 7.1
The purpose of this article is to provide assistance if you receive a "Public key not found" error, and cannot log in to the Admin UI or use the REST API after upgrading to, or installing IDM 7.1.
SSLHandshakeException or ClassCastException when using an HSM and Java 11 with ForgeRock products
The purpose of this article is to provide assistance if you encounter an SSLHandshakeException or ClassCastException when using a Hardware Security Module (HSM) via the PKCS11 module with Java® 11 (11.0.1 to 11.0.5). This issue affects all ForgeRock products that are compatible with Java 11 (versions 6.5 and later of AM, DS, IDM and IG).
Books
Security Advisories
This book provides security advisories for ForgeRock products (AM, DS, IDM and IG).
Administering and configuring IDM
This book provides information on administering and configuring IDM, including frequently asked questions and known issues.
Upgrading IDM
This book provides information on upgrading IDM including recommended procedures for different upgrade scenarios and known issues.
Synchronization in IDM
This book provides information on synchronization in IDM including Reconciliation, LiveSync and Implicit synchronization.
Using the REST API in IDM
This book provides information on using the REST API in IDM and includes known issues (including solutions).
Platform compatibility
This book provides information on compatibility between ForgeRock products (AM, DS, IDM and IG).
SSL in IDM
This book provides information on SSL in IDM, including connections and certificates.
Scripts in IDM
This book provides information on scripts in IDM, including troubleshooting them.
Source code in ForgeRock products
This book provides information on source code and binaries in ForgeRock products (AM, DS, IDM and IG).
Security Advisories
Log4j Security Advisory #202111
The purpose of this advisory is to provide information on whether ForgeRock products (Identity Cloud, AM, DS, IDM, IG, Agents and Autonomous Identity) are vulnerable to recent Log4j 2 vulnerabilities: RCE (Remote Code Execution) CVE-2021-44228, DoS (Denial of Service) CVE-2021-45046, DoS CVE-2021-45105 and ACE (Arbitrary Code Execution) CVE-2021-44832. These vulnerabilities allow an attacker to remotely execute code in certain circumstances.
Java JDK Security Advisory #202109
ForgeRock are aware of a serious vulnerability in the implementation of certain cryptographic operations in Java JDK versions 15 and later. This affects Oracle® Java® and OpenJDK, including other JDKs derived from OpenJDK. You should follow the advice in this advisory to secure your deployments at the earliest opportunity.
ICF Security Advisory #202102
ForgeRock has discovered two security vulnerabilities in the Identity Connector Framework (ICF).
IDM Security Advisory #202002
A security vulnerability has been discovered in an IDM component. This issue is present in version 7.0.0 of ForgeRock Identity Management.
IDM/OpenIDM Security Advisory #201705
Security vulnerabilities have been discovered in IDM/OpenIDM components. These issues may be present in IDM 5.0 and OpenIDM 2.1.x, 3.x, 4.x. The OpenIDM Community Edition 2.1.2 is also affected.