OpenLDAP 2.5.0-alpha

The OpenLDAP project has announced a 2.5.0-alpha release. From looking through the list of issues addressed in this release, it looks like some of the enhancements include:

  • Add support for LDIF parsing in a libldif library
  • Add client-side support for retrieving information about the server’s TLS certificate
  • Add an option to specify a maximum entry size
  • Add an option to specify a maximum entry size
  • Add support for the Microsoft LDAP_SERVER_LAZY_COMMIT control
  • Include the operation duration in log records
  • Allow LDAP client tools to run without a configuration file
  • Add client-side support for TLS certificate pinning
  • Add support for acting as an Active Directory replication consumer via DirSync
  • Add support for persistent searches as described in draft-ietf-ldapext-psearch-03
  • Add client-side support for the TLS SNI extension
  • Add support for channel binding when using GSSAPI
  • Add syncrepl status to the monitor
  • Add support for nested group membership
  • Add a tool for monitoring server status
  • Add support for the authorization identity control as described in RFC 3829