The LDAP Tool Box project provides a set of LDAP-related applications, administrative tools, and other utilities. They have just released the version 1.8 of their password policy module for OpenLDAP, which is an overlay that can check the quality of passwords whenever they are changed. The main improvement in the 1.8 release is that it fixes an issue that could cause OpenLDAP to crash if checking to ensure that the password does not match a value in the entry’s RDN, and it encounters an RDN with very short values.
Registration is now open for LDAPCon 2019, which is to be November 4–7 in Sofia, Bulgaria. Early bird pricing is available through September 30, and the site has information about the venue, travel, and accommodations.
And as a final reminder, the call for participation is open through this Sunday, August 18.
ForgeRock engineer Warren Strange has written about changes to their ForgeOps repository to help with Deploying the ForgeRock platform on Kubernetes using Skaffold and Kustomize. This includes ForgeRock Directory Services, as well as other products like Access Manager, Identity Manager, and Identity Gateway.
On Monday, Ping Identity announced the launch of a new offering, PingCloud Private Tenant. Although both the website landing page for the product and the associated press release do a shockingly terrible job of describing the service, it’s basically a hosted version of the Ping Identity Directory Server (and/or PingFederate). You can get the performance, functionality, and feature set of the Directory Server without having to run it yourself (managing the hardware, OS, software, backups, security, etc.). It looks to be a similar offering to what JumpCloud provides, but with the Ping Identity Directory Server rather than OpenLDAP or ActiveDirectory behind the scenes.
The 389 Directory Server version 126.96.36.199 has been released. According to the release page, updates in this release include a fix for the server’s behavior when a search included “1.1” as a requested attribute along with other attributes, an update to the order in which password policy controls may be returned, and an update to the UI for configuring a password policy.
Symas has released version 2.4.48-1 of their OpenLDAP Gold product, which is an enhanced version of OpenLDAP with additional features and commercial support. According to the release announcement, this release adds support for replicating from Oracle DSEE, makes it possible to improve search performance by tuning the IDL size for the MDB backend, and includes a number of security fixes. The complete release notes are also available.
Red Hat Enterprise Linux version 7 has updated its packages for the 389 Directory Server to version 188.8.131.52-25.1. According to a security advisory, this release addresses two security issues, including the potential for malicious TLS-based clients to make the server unresponsive, and the potential to crash the server when attempting to bind as a nonexistent user with a PAM plugin in place.
The Open Identity Platform project has released version 4.4.3 of the OpenDJ Directory Server. The comparison of changes between this and the previous 4.4.2 release indicates that the new version removes support for TLSv1.3, fixes an issue in the DSML servlet, updates argument processing for command-line tools, and makes a couple of Docker-related changes.
The Fedora Linux distribution has updated its 389-ds-base package for the 389 Directory Server to version 184.108.40.206-1.fc30. The release announcement includes a list of the changes over the previous 220.127.116.11 version, including TLS fixes, adds a security tab to the UI, adds support for upgrading a password hash when performing a bind, and updating a memory allocation library.