Ludovic Poitou, Product Management Director for ForgeRock Directory Services and Identity Gateway, has written a Directory Services — Docker, Kubernetes: Friends or Foes? blog post about the current and planned support for these container technologies in the ForgeRock product.
Information security firm Packet Storm published a blog post about the LDAP Swiss Army Knife, a simple LDAP server (implemented using the UnboundID LDAP SDK for Java) that can be used for LDAP security-related testing, including intercepting plaintext credentials, forwarding NTLM credentials, and exploiting various LDAP-related vulnerabilities. They also posted a PDF document from pentesting firm SySS that describes a number of ways to use it for LDAP security-related testing.
Ping Identity Directory Server versions 22.214.171.124 and 126.96.36.199 have been released. These updates address an issue with the previous 188.8.131.52 and 184.108.40.206 release that could adversely affect the ability to use the web-based administration console. No other changes are included in these releases.
Fraser Tweedale works on identity management solutions at Red Hat, focusing on X.509. He has just published a blog post titled “A Distinguished Name is not a string” in which he discusses distinguished names (DNs), both in LDAP and X.509 certificates. It describes what DNs are and how to avoid some of the common pitfalls that may arise from the different string representations that equivalent DNs may have.