OpenLDAP 2.5

The OpenLDAP project has released version 2.5 of their LDAP directory server. The release announcement lists the following changes included in this version:

  • Added a load balancer daemon
  • Improved support for attributes with large numbers of values
  • Added support for LDAP transactions as described in RFC 5805
  • Added support for new replication protocols, including those used by Active Directory and DSEE
  • Added support for multi-factor authentication options, including HOTP and TOTP
  • Added support for an asynchronous metadirectory backend
  • Added support for a WiredTiger database backend
  • Added support for deleting configuration objects without restarting the server
  • Added an overlay with support for certain certification authority functions
  • Added an overlay with home directory management support
  • Added an overlay with support for encoding passwords with the Argon2 function
  • Added support for the authorization identity request and response controls as described in RFC 3829
  • Added an overlay with support for storing enumerated values and fixed-size integers
  • Added an overlay for passing authentication requests through to another LDAP server
  • Added an overlay for passing authentication requests through to a RADIUS server
  • Added an overlay with support for improved performance when using Apache Fortress
  • Added an overlay with support for generating usnCreated and usnChanged operational attributes
  • Added an overlay with support for sharing attribute values between several entries
  • Added an overlay with support for the verify credentials extended operation
  • Added additional password validation options
  • Improved support for draft-behera-ldap-password-policy-10
  • Added support for Netscape password expiring and password expired controls
  • Added support for a lazy commit control as used in Active Directory
  • Added support for a Netscape account usability control
  • Added support for dynamically generating an attribute with information about a user’s group membership
  • Improved the unique attribute overlay to avoid the potential for race conditions
  • Improved support for the cache database
  • Added a library for LDIF parsing
  • Made several updates to the LDAP client library, including support for TLS and GSSAPI channel binding, TLS public key pinning, and the TLS SNI extension
  • Added a slapmodify tool for making offline updates to the configuration
  • Made significant performance enhancements throughout the codebase