389 Directory Server 2.0.4

The 389 Directory Server project has released version 2.0.4. Some of the changes in this release appear to include:

  • Fixed a couple of potential crashes
  • Fixed a regression in winsync replication
  • Fixed an issue that could cause negative wtime values to appear in compare operation log messages
  • Fixed an issue with bind chaining in servers that disallow anonymous binds
  • Fixed an issue with inconsistent response control behavior when a password is expired based on whether grace logins are available
  • Fixed an issue in which a monitor entry could display the wrong start timestamp for an established connection
  • Fixed a lookthroughlimit issue with paged searches
  • Added support for the pwdReset attribute
  • Added support for importing schema from OpenLDAP
  • Improved migration support for OpenLDAP plugins

go-ldap 3.3.0

The go-ldap project has released version 3.3.0 of its LDAP API for Go. Changes in this release include:

  • Fixed an issue that could cause a panic during NTLMChallengeBind processing
  • Added support for the Who Am I? extended operation as described in RFC 4532
  • Added support for the LDAP_SERVER_LINK_TTL_OID control
  • Added an appropriate error message and result code for network timeouts
  • Added isClosing to the client interface for mocking

LdapRecord 2.4.1

LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. The project has released versions 2.4.0 and 2.4.1. These releases provide new methods for constructing DNs and RDNs, and also offer additional nested match query expressions for Active Directory.

UnboundID LDAP SDK for Java 5.1.4

UnboundID LDAP SDK for Java is a Java-based API for interacting with LDAP directory servers and performing other LDAP-related processing. The project has just released version 5.1.4, which includes the following changes:

  • Fixed an issue with the fewest connections and round-robin server sets that could leave a background thread running if a server that had been becomes permanently unavailable.
  • Improved the TLS cipher suite selector’s compatibility with the IBM JDK and other JVMs that use an “SSL_” prefix for all cipher suites and not just legacy suites associated with the SSL protocol.
  • Improved the order in which the TLS cipher suite selector returns cipher suite names.
  • Added support for a FIPS 140-2-compliant mode using the Bouncy Castle FIPS provider.
  • Updated manage-certificates to support BCFKS key stores.
  • Updated ldifmodify to support ignoring certain kinds of errors, like deleting an entry multiple times or modifying or renaming an entry that does not exist int the LDIF file.
  • Added an option that can help improve performance when using the proprietary “get user resource limits” request control in directories with large numbers of dynamic groups.

    Symas OpenLDAP Gold

    Symas has released version of their OpenLDAP Gold product, which is an enhanced version of OpenLDAP with additional features and commercial support. According to the release announcement and the release notes, it looks like the changes in this release include:

    • Fixed a potential crash that could occur when receiving a malicious packet
    • Fixed a memory management issue in connection handling
    • Fixed an issue that could cause syncrepl to recreate an entry that had been deleted
    • Fixed a deadlock detection issue when using the Berkeley DB database backend
    • Fixed various issues in the slapd-asyncmeta backend, including a hang and a memory leak
    • Updated to OpenSSL version 1.1.1j

    389 Directory Server and

    The 389 Directory Server project has announced new releases of versions and From the release announcements, it looks like some of the changes in these versions are:

    • Fixed a crash that could occur when trying to replicate a modify DN operation (version
    • Fixed a changelog caching issue when processing large updates (version
    • Fixed a backwards compatibility issue in the replication CLI (both versions)
    • Fixed an issue with the monitor start date (both versions)
    • Fixed an issue that prevented adding an object class without the X-ORIGIN extension (both versions)
    • Added the ability to import OpenLDAP schemas (version
    • Automatically restart after performing an OpenLDAP migration to enable plugins (version
    • Updated the server to log a message if a persistent search causes a connection thread limit to be exceeded (version