AD Bridge 23.3 Release Notes

December 7, 2023


  • Aarch64 systems to install
  • SLES or RHEL with FIPS enabled to install

For installation requirements, please see the following:

New Features and Enhancements:

Add linux.rpm.aarch64 Support

  • AD Bridge can now be installed and used on rpm aarch64. The aarch64 build can be used on AWS Graviton systems.
  • The new installer is

FIPS Compliant Installer

  • A new installer is available to install on FIPS enabled RPM systems.
  • The installer is
  • There is a new installer option to set ‘update-crypto-policies --set FIPS:AD-SUPPORT'. This is required for any RHEL9 system that wants to communicate with Active Directory.

ADTool v2 Usage Output Update

  • Usage output has been cleaned up.
  • A new -examples option has been added to display examples of ADTool commands.

Allow Blank Values in Cell Defaults

  • Default values for cells (Login Shell and Home Directory) can now accept blank/empty values.
  • When the shell/home directory is empty on the shell, the user inherits the values from Group Policy, then local policy.

Remove Java/Tomcat Support

  • Tomcat/Java files were removed from the downloads in v10.1. We will not be building or providing these to customers.

Issues Resolved:

  • Resolved an issue where the tenant rejoin error log message was incorrect. The error is now correct.
  • Resolved an issue where the tenant would not be joined if the nic card was left offline for several hours. Now when an agent machine goes offline, the tenant join will be retained.
  • Resolved an issue where the Home Directory set to default value even after adding a user to an empty default homedir named cell. Now, the user gets the correct home directory.
  • Resolved an issue where btarchive returned an unhandled exception error when trying to run it from Program Files. Now, btarchive can be run from Program Files and does not produce an error.
  • Resolved an issue where the SQL Server was not enabled through the cli tool. Now, SQL server can be enabled with the cli tool using /c and /d options.
  • Resolved an issue where there was a potential leak in SMBCreatePacketAllocator. Now, the leak is no longer happening.
  • Resolved an issue where the AutoFS group policy was not setting the selinux context. Now the selinux contexts have been set properly when applying the AutoFS group policy.
  • Resolved an issue where the logging around pthread_mutext_init() has been improved.
  • Resolved an issue where an upgrade would fail with "ERROR_SERVICE_ALREADY_RUNNING" message. Upgrades now working properly.
  • Resolved an issue where "Cleanup logs reporting no such object cn=Likewise,cn=Program Data" was occurring.

Known Issues:

  • RHEL 9 with fips enabled needs to have the crypto policy updated to allow ad support. We provided a new option to set this during the installation. If this is skipped, AD authentication will not work. The fix is to run ‘update-crypto-policies –set FIPS:AD-SUPPORT' and rejoin the domain.
  • To change an AD user password on a FIPS enabled RHEL9 machine, you must use /opt/pbis/bin/passwd, instead of passwd. This is a known issue that we will address in an upcoming release.

Issues discovered after release can be found within our product Knowledge Base.


  • AD Bridge 23.3.0 supports upgrades from versions 21.1, 22.1, 22.2, 22.3, 23.1, and 23.2.
  • ADB rpm packages signed with key 7237d0ac
  • No zip installer for BIUL will be provided. The upload process for ADBridge will change for the BIUL in the 23.1.1 release.