In this section
Make sure you have reviewed all TIDs and Product Updates for the version of the driver you are using.
The new driver shim is intended to work with your existing driver configuration with no changes, but this assumes that your driver shim and configuration have the latest fixes.
The new driver shim replaces the previous one.
Installing the driver shim does not change your existing configuration. Your existing configuration will continue to work with the new driver shim no changes.
However, if you want to take advantage of the new features, you must upgrade your driver configuration, either by replacing your driver configuration with the new sample configuration, or by converting your existing to configuration to Identity Manager format and adding policies to it.
The sample configuration contains all the new features, such as support for Identity Manager Password Synchronization and Role-Based Entitlements.
Źd—v: Because you are upgrading the driver on two separate eDirectory servers, you must complete the upgrade procedures for each server.
If you create a user on the server holding a valid certificate, the user will not be synchronized to the server containing the invalid certificate. You might also see the following error in DSTrace:
SSL handshake failed, X509_V_CERT_HAS_EXPIRED
If you create a user on the server holding an expired certificate, the user will still be synchronized to the server containing a valid certificate. You might also see the following error in DSTrace:
SSL handshake failed, SSL_ERROR_ZERO_RETURN,
Error: 14094415: SSL Routines: SSL_READ_BYTES: sslv3 alert certificate expired.
To fix this issue, create new certificates.