Configuration Changes Requiring Administrative Action

This page lists the set of configuration properties that require some form of administrative action for changes to take full effect.

Note that any changes to the java.properties file (which is used to specify the Java runtime and JVM options that should be used when running the Identity Data Store and associated tools) require that the dsjavaproperties tool be run to apply those changes. If the changes impact the Java runtime or JVM arguments used to run the Identity Data Store itself, then the server must be restarted.

Attribute Syntax

• require-binary-transfer - The Identity Data Store must be restarted for changes to this configuration property to take full effect. Changes to this property will take effect immediately for new attribute type definitions created after the change, but the change will not take effect for existing attributes with this syntax until the server is restarted.

Integer Attribute Syntax

• enable-compaction - No further action is required for changes to this configuration property but there is other information that administrators should know about this property. Contact UnboundID for more information.

Bit String Attribute Syntax

• enable-compaction - No further action is required for changes to this configuration property but there is other information that administrators should know about this property. Contact UnboundID for more information.

Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Changelog Backend

• db-directory - The Identity Data Store must be restarted for changes to this configuration property to take full effect. Modification requires that the Identity Data Store be stopped, the database directory manually relocated, and then the Identity Data Store restarted. While the Identity Data Store is stopped, the directory and files pertaining to this backend in the old database directory must be manually moved or copied to the new location.
• db-cache-percent - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• changelog-write-queue-capacity - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• je-property - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

Backup Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Task Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Encryption Settings Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Monitor Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

LDIF Backend

• ldif-file - The LDIF Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• is-private-backend - The LDIF Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Trust Store Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Schema Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Alert Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Alarm Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

Config File Handler Backend

• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration

JE Backend

• db-directory - The Identity Data Store must be restarted for changes to this configuration property to take full effect. Modification requires that the Identity Data Store be stopped, the database directory manually relocated, and then the Identity Data Store restarted. While the Identity Data Store is stopped, the directory and files pertaining to this backend in the old database directory must be manually moved or copied to the new location.
• is-private-backend - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• index-entry-limit - If any index keys have already reached this limit, indexes must be rebuilt before they will be allowed to use the new limit. Setting a large limit (greater than 10,000) could have a big impact on write performance and database growth on disk.
• exploded-index-entry-threshold - If any index keys have already reached this threshold, indexes need to be rebuilt before they are allowed to use the new threshold. Setting a large limit (greater than 10,000) could have a big impact on write performance and database growth on disk.
• id2children-index-entry-limit - If this limit is increased, then the contents of the backend must be exported to LDIF and re-imported to allow the new limit to be used for any id2children keys that had already hit the previous limit.
• id2subtree-index-entry-limit - If this limit is increased, then the contents of the backend must be exported to LDIF and re-imported to allow the new limit to be used for any id2subtree keys that had already hit the previous limit.
• db-cache-percent - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-cache-size - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-cleaner-min-utilization - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-evictor-lru-only - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-evictor-nodes-per-scan - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-evictor-critical-percentage - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-log-file-max - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-logging-file-handler-on - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-logging-level - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-checkpointer-high-priority - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-num-lock-tables - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-num-cleaner-threads - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-clean-on-explicit-gc - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-txn-no-sync - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-txn-write-no-sync - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• je-property - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-recent-changes - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• default-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• id2entry-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• dn2id-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• id2children-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• id2subtree-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• dn2uri-cache-mode - The JE Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Local DB Backend

• uncached-id2entry-cache-mode - The Local DB Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Large Attribute Backend

• enabled - DEPRECATION NOTE: The large attribute backend has been deprecated. It will continue to be supported for existing deployments already using the large attribute feature, but new deployments wishing for similar behavior should configure uncached attributes rather than large attributes.
• base-dn - No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used. Although it is currently supported, the use of multiple base DNs per backend is not recommended and this capability may be removed in the future. If you are considering the use of multiple base DNs in a backend, you should first contact UnboundID support to discuss this configuration
• is-private-backend - The Large Attribute Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• db-cache-percent - The Large Attribute Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• default-cache-mode - The Large Attribute Backend must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Logging Change Subscription Handler

• log-file - The Logging Change Subscription Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

JMX Connection Handler

• listen-port - The JMX Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• use-ssl - The JMX Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• ssl-cert-nickname - The JMX Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

LDAP Connection Handler

• listen-address - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• listen-port - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• use-ssl - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• ssl-cert-nickname - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• allow-tcp-reuse-address - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• max-cancel-handlers - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-request-handlers - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• request-handler-per-connection - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• ssl-client-auth-policy - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• accept-backlog - The LDAP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

HTTP Connection Handler

• listen-address - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• listen-port - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• use-ssl - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• http-servlet-extension - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• web-application-extension - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• key-manager-provider - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• trust-manager-provider - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-request-handlers - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• disable-tls-renegotiation - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• enable-multipart-mime-parameters - The HTTP Connection Handler must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Crypto Manager

• ssl-cert-nickname - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

File System Entry Cache

• cache-type - The File System Entry Cache must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• cache-directory - The File System Entry Cache must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

FIFO Entry Cache

• min-cache-entry-value-count - The FIFO Entry Cache must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• min-cache-entry-attribute - The FIFO Entry Cache must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Validate TOTP Password Extended Operation Handler

• prevent-totp-reuse - No further action is required for changes to this configuration property but there is other information that administrators should know about this property. Contact UnboundID for more information.

Interactive Transactions Extended Operation Handler

• enabled - No further action is required for changes to this configuration property but there is other information that administrators should know about this property. Contact UnboundID for more information.

Global Configuration

• location - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• check-schema - Schema checking should only be disabled as a last resort since disabling schema checking harms performance and can lead to unexpected behavior in the server as well as the applications that access it. There are less severe options for addressing schema issues: 1. Update the data to conform to the server schema. 2. Modify the server schema to conform to the data. Contact support before modifying the server's default schema. 3. Change the single-structural-objectclass-behavior property to allow entries to have no structural object class or multiple structural object classes. 4. Change the invalid-attribute-syntax-behavior property to allow attribute values to violate their attribute syntax. 5. Change the allow-zero-length-values property of the Directory String Attribute Syntax configuration to allow attributes with this syntax to have a zero length value.
• encrypt-data - Note that enabling and/or disabling data encryption in a server that has existing data will not cause that data to be automatically encrypted or decrypted. That is, existing encrypted data will remain encrypted, and existing unencrypted data will remain unencrypted, until that data has been updated causing it to be rewritten. See the Identity Data Store documentation for information about how to safely apply the new encryption settings for all existing data.
• encryption-settings-cipher-stream-provider - No further action is required for changes to this configuration property but there is other information that administrators should know about this property. Contact UnboundID for more information.
• allow-insecure-local-jmx-connections - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

HTTP Servlet Extension

• response-header - HTTP Connection Handlers hosting this HTTP Servlet Extension must be disabled and then re-enabled, or the server restarted, in order for this change to take effect.

File Server HTTP Servlet Extension

• base-context-path - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

SCIM HTTP Servlet Extension

• base-context-path - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• debug-enabled - The Identity Data Store debug logger must be enabled and correctly configured for the debug messages to be forwarded.

LDAP Mapped SCIM HTTP Servlet Extension

• oauth-token-handler - The Identity Data Store must be restarted for changes to this configuration property to take full effect. The OAuth Token Handler changes will not take effect until the associated HTTP Connection Handler is disabled and re-enabled, or until the server is restarted.
• basic-auth-enabled - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• include-ldap-objectclass - If you have specified a large number of object classes or used the '*' value you should ensure that the Identity Data Store has been allocated a sufficient amount of memory (typically at least 512MB) to host the HTTP endpoints.

Data View SCIM HTTP Servlet Extension

• base-context-path - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

LDAP SDK Debug Logger

• queue-size - The LDAP SDK Debug Logger must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The LDAP SDK Debug Logger must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Local DB Index

• index-entry-limit - If any index keys have already reached this limit, indexes must be rebuilt before they will be allowed to use the new limit. Setting a large limit (greater than 10,000) could have a big impact on write performance and database growth on disk.
• substring-index-entry-limit - If this limit is increased, and any substring index keys have already reached the previous limit, then the substring index must be rebuilt to use the new limit.
• exploded-index-entry-threshold - If any index keys have already reached this threshold, indexes need to be rebuilt before they are allowed to use the new threshold. Setting a large limit (greater than 10,000) could have a big impact on write performance and database growth on disk.
• index-type - If any new index types are added for an attribute, and values for that attribute already exist in the database, the index must be rebuilt before it will be accurate.
• substring-length - The index must be rebuilt before it will reflect the new value.
• cache-mode - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Local DB VLV Index

• base-dn - The index must be rebuilt after modifying this property.
• scope - The index must be rebuilt after modifying this property.
• filter - The index must be rebuilt after modifying this property.
• sort-order - The index must be rebuilt after modifying this property.
• cache-mode - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

JDBC Based Access Log Publisher

• queue-size - The JDBC Based Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

Operation Timing Access Log Publisher

• log-file - The Operation Timing Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Operation Timing Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Operation Timing Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Scripted File Based Access Log Publisher

• log-file - The Scripted File Based Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Scripted File Based Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Scripted File Based Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

File Based Audit Log Publisher

• queue-size - The File Based Audit Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The File Based Audit Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Audit Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Writer Based Access Log Publisher

• queue-size - The Writer Based Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

Admin Alert Access Log Publisher

• queue-size - The Admin Alert Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

File Based Access Log Publisher

• log-file - The File Based Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Third Party File Based Access Log Publisher

• log-file - The Third Party File Based Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Third Party File Based Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Third Party File Based Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Debug Access Log Publisher

• log-file - The Debug Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Debug Access Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Debug Access Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Writer Based Authorization Log Publisher

• queue-size - The Writer Based Authorization Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

File Based Authorization Log Publisher

• log-file - The File Based Authorization Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Authorization Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

File Based Error Log Publisher

• queue-size - The File Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The File Based Error Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Error Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Third Party File Based Error Log Publisher

• log-file - The Third Party File Based Error Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Third Party File Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Third Party File Based Error Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Scripted File Based Error Log Publisher

• log-file - The Scripted File Based Error Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Scripted File Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• sign-log - The Scripted File Based Error Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Syslog Based Error Log Publisher

• queue-size - The Syslog Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

JDBC Based Error Log Publisher

• queue-size - The JDBC Based Error Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

Detailed HTTP Operation Log Publisher

• log-file - The Detailed HTTP Operation Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The Detailed HTTP Operation Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Detailed HTTP Operation Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

Common Log File HTTP Operation Log Publisher

• log-file - The Common Log File HTTP Operation Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The Common Log File HTTP Operation Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• queue-size - The Common Log File HTTP Operation Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.

File Based Debug Log Publisher

• queue-size - The File Based Debug Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The File Based Debug Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Debug Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

File Based Sync Log Publisher

• queue-size - The File Based Sync Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The File Based Sync Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The File Based Sync Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Sync Failed Ops Log Publisher

• queue-size - The Sync Failed Ops Log Publisher must be restarted if this property is changed and the asynchronous property is set to true.
• log-file - The Sync Failed Ops Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• sign-log - The Sync Failed Ops Log Publisher must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Host System Monitor Provider

• enabled - Enabling host system cpu, memory, disk and network interface I/O monitoring requires running an external collector helper process except on Linux systems. Notes: - Enabling the host system monitor does not require restarting the server on Linux systems. - Enabling the host system monitor provider on UNIX (non-Linux) requires restarting the server. Changes to disk-devices and network-devices cannot be validated until the server is restarted. - Host system monitoring is not available on Windows systems.

Password Policy

• idle-lockout-interval - Last login time tracking is required for idle account lockout to work properly. If you are enabling idle account lockout, then you should ensure that the last-login-time-attribute and last-login-time-format properties are also defined and that last login time tracking has been enabled long enough so that user accounts have had time to be marked with last login times. Ideally, last login time tracking should be enabled for at least as long as the idle lockout interval to ensure that users are not incorrectly locked out merely because their accounts do not have last login time information.

Plugin

• plugin-type - The Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Seven Bit Clean Plugin

• plugin-type - The Seven Bit Clean Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Entry UUID Plugin

• plugin-type - The Entry UUID Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Referral On Update Plugin

• plugin-type - The Referral On Update Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Delay Plugin

• plugin-type - The Delay Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Periodic GC Plugin

• plugin-type - The Periodic GC Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

DN Mapper Plugin

• plugin-type - The DN Mapper Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Attribute Mapper Plugin

• plugin-type - The Attribute Mapper Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

SNMP Subagent Plugin

• agentx-address - The SNMP Subagent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agentx-port - The SNMP Subagent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-worker-threads - The SNMP Subagent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Referential Integrity Plugin

• plugin-type - The Referential Integrity Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Unique Attribute Plugin

• plugin-type - The Unique Attribute Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Change Subscription Notification Plugin

• plugin-type - The Change Subscription Notification Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Changelog Password Encryption Plugin

• plugin-type - The Changelog Password Encryption Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Internal Search Rate Plugin

• plugin-type - The Internal Search Rate Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

LDAP Result Code Tracker Plugin

• plugin-type - The LDAP Result Code Tracker Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Periodic Stats Logger Plugin

• log-file - The Periodic Stats Logger Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Stats Collector Plugin

• per-application-ldap-stats - When setting this option to per-application-only, you must also set the separate-monitor-entry-per-tracked-application property in the Processing Time Histogram Plugin to true.

Processing Time Histogram Plugin

• plugin-type - The Processing Time Histogram Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• histogram-category-boundary - The Processing Time Histogram Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. The Metrics Engine can only aggregate response-time data when the boundary values are the same across both time and monitored servers. If you change the boundary values on one monitored server, you should change them on all monitored servers.
• separate-monitor-entry-per-tracked-application - When setting this option to true, you must also set the per-application-ldap-stats property in the Stats Collector Plugin to per-application-only.

SNMP Master Agent Plugin

• listen-address - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• listen-port - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agentx-listen-address - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agentx-listen-port - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• notification-target-address - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• notification-target-port - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agent-snmp-version - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• community-name - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agent-security-name - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• agent-security-level - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect
• num-worker-threads - The SNMP Master Agent Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Last Mod Plugin

• plugin-type - The Last Mod Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Pass Through Authentication Plugin

• plugin-type - The Pass Through Authentication Plugin must be disabled and re-enabled (or the Identity Data Store restarted) for changes to this configuration property to take full effect. This modification requires that you disable and then re-enable this component for the change to take effect

Replication Server

• replication-db-directory - The Identity Data Store must be restarted for changes to this configuration property to take full effect. Modification requires that the Identity Data Store be stopped, the database directory manually relocated, and then the Identity Data Store restarted. While the Identity Data Store is stopped, the old database directory and its contents must be manually moved or copied to the new location.
• je-property - Changes to this configuration property will only take effect if the associated multimaster replication synchronization provider is disabled and re-enabled (or the Identity Data Store is restarted).

UnboundID TOTP SASL Mechanism Handler

• prevent-totp-reuse - No further action is required for changes to this configuration property but there is other information that administrators should know about this property. Contact UnboundID for more information.

Web Application Extension

• base-context-path - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• war-file - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• document-root-directory - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• deployment-descriptor-file - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• temporary-directory - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• init-parameter - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

Broker Web Application Extension

• service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• oauth-service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• admin-service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• pdp-service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• privacy-service-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• oauth-admin-client-id - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• oauth-admin-client-secret - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• trust-store-file - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• log-file - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.
• redirect-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

Broker Console Web Application Extension

• dashboard-url - For this modification to take effect, you must either restart the server or else disable and then re-enable any HTTP Connection Handler referencing this component.

UnboundID Work Queue

• num-worker-threads - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• num-write-worker-threads - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• num-administrative-session-worker-threads - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• num-queues - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• num-write-queues - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• max-work-queue-capacity - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect
• queue-type - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

Wait Notify Work Queue

• num-worker-threads - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect

Traditional Work Queue

• max-work-queue-capacity - The Identity Data Store must be restarted for changes to this configuration property to take full effect. This modification requires that you manually restart the server for the change to take effect