I wrote a post on my personal blog with some password policy recommendations for the Ping Identity Directory Server. Note that while the post is specific to the Ping Identity Directory Server, particularly with regard to some of the features and a lot of the configuration properties, much of the advice is general enough that it could be applied to other servers as well.
IBM has released a new security bulletin detailing a number of vulnerabilities in the IBM Security Directory Server version 6.4.0. These vulnerabilities, which appear to be fixed in the 126.96.36.199-ISS-ISDS-IF0019 release, include an inadequate account lockout setting that could allow an attacker to attempt to brute-force credentials, and the potential disclosure of sensitive information to unauthorized users. There also appear to be vulnerabilities in non-LDAP components, including HTTP open redirects, incomplete XML sanitization, and a cross-site scripting vulnerability in the web-based UI.
Adldap2 is a PHP package that provides LDAP authentication and directory management tools. The project has just released version 10.1.1, which appears to fix an issue that could cause the library to indicate that an attribute was missing from an entry even if it was present, and changes the default pagination size from 50 entries to 1000.
Symas has released version 2.4.48-2 of their OpenLDAP Gold product, which is an enhanced version of OpenLDAP with additional features and commercial support. According to the release announcement, this release fixes an issue when using controls in the back-ldap backend and updates its OpenSSL library to version 1.1.d. The complete release notes are also available.
The Ping Identity Directory Server version 188.8.131.52 has been released. Because of an unfortunate glitch in the way that the documentation was generated for this version, updated release notes are not available on the website but are included with the product download. However, you can find a list of the included changes on my personal blog.
A tentative schedule for LDAPCon 2019 is now available online. The agenda includes talks on OpenLDAP, ForgeRock, Apache, 389, and FusionIAM servers, as well as discussions on replication, access control, cloud-based directory services, identity management in education, LDAP monitoring, LDAP training, and more.
Adldap2 is a PHP package that provides LDAP authentication and directory management tools. The project has just released version 10.1.0, which appears to add support for query caching, pagination, and the ability to free memory after performing a query. It also fixes an issue in which it used an incorrect default port number when trying to establish an LDAPS connection.