The OpenLDAP project has announced a 2.5.0-alpha release. From looking through the list of issues addressed in this release, it looks like some of the enhancements include:
- Add support for LDIF parsing in a libldif library
- Add client-side support for retrieving information about the server’s TLS certificate
- Add an option to specify a maximum entry size
- Add an option to specify a maximum entry size
- Add support for the Microsoft LDAP_SERVER_LAZY_COMMIT control
- Include the operation duration in log records
- Allow LDAP client tools to run without a configuration file
- Add client-side support for TLS certificate pinning
- Add support for acting as an Active Directory replication consumer via DirSync
- Add support for persistent searches as described in draft-ietf-ldapext-psearch-03
- Add client-side support for the TLS SNI extension
- Add support for channel binding when using GSSAPI
- Add syncrepl status to the monitor
- Add support for nested group membership
- Add a tool for monitoring server status
- Add support for the authorization identity control as described in RFC 3829