UnboundID LDAP SDK for Java is a Java-based API for interacting with LDAP directory servers and performing other LDAP-related processing. The project has just released version 6.0.8, which includes the following changes:

• Added a DN.getDNRelativeToBaseDN method
• Added LDAPConnectionPool.getServerSet and LDAPThreadLocalConnectionPool.getServerSet methods
• Updated the Filter class to add more convenient methods for constructing search filters from their components
• Added support for encrypted PKCS #8 private keys
• Increased the default PBKDF2 iteration count for PassphraseEncryptedOutputStream
• Added the ability to create a PassphraseEncryptedOutputStream with a PassphraseEncryptedStreamHeader to reuse an already-computed secret key
• Added an ObjectTrio utility class
• Updated the documentation to include RFC 9371 and the latest revisions of draft-howard-gssapi-aead, draft-ietf-kitten-scram-2fa, draft-melnikov-scram-bis, and draft-reitzenstein-kitten-opaque

LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. The project has released version 2.20.3, which appears to revert a change that caused problems with changing passwords or altering account state in Active Directory.

LDAPjs is a JavaScript library that provides LDAP protocol support for the Node.js environment. The project has just released version 3.0.1, and the most significant change in this release seems to be a fix that allows alternative names for search scopes.

LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. The project has released version 2.20.2, which appears to fix an issue with the API’s use of caching.

LDAPjs is a JavaScript library that provides LDAP protocol support for the Node.js environment. The project has just released version 3.0.0, which appears to include the following changes:

• Updated the library to break out common modules (attribute, change, controls, dn, messages, and protocol) so that they can be separately installed.
• Forked the and improved the filter and asn1 modules.
• Updated all DN parsing to be strict. Lenient parsing is no longer available.
• Updated modify processing to require change objects. Plain objects can no longer be used as change descriptors.
• Updated the server so that it defaults to a listen address of 127.0.0.1 rather than 0.0.0.0 if no host parameter is specified.
• Although originally planned, support for the virtual list view control was not included in this release, but it appears to be expected for a future release.

The LDAP Tool Box project offers a number of tools, scripts, and other niceties for working with LDAP. The project has released Linux packages for OpenLDAP versions 2.6.4 and 2.5.14, including RPMs for distributions like Red Hat and CentOS, as well as DEBs for distributions like Debian and Ubuntu. The packages are available for download from https://ltb-project.org/download.html.

The LDAP Tool Box project provides a set of LDAP-related applications, administrative tools, and other utilities. They have just released version 3.0 of their slapd-cli tools (formerly called openldap-initscript), which provide a set of command-line tools for OpenLDAP. This release includes the following changes:

• Added an option to configure the names of the associated systemd services
• Fixed an issue with the way the checksync tool uses CSNs for checking replication status

LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. The project has released version 2.20.0, which appears to include the following changes:

• Added a Password::nthash method
• Added HasMany::detachOrDeleteParent and HasMany::detachAllOrDelete methods
• Added the ability to run chunks in separate connections to allow simultaneous requests in LDAP servers that do not support concurrent requests for a single connection

The OpenLDAP project has announced the release of versions 2.6.4 and 2.5.14 of their LDAP directory server. Changes included in these releases include:

• Fixed a variety of memory management issues (both versions)
• Fixed a few potential deadlock issues (both versions)
• Fixed a potential crash that could occur when replicating the cn=config subtree (both versions)
• Fixed a potential crash when the pcache overlay is enabled (both versions)
• Fixed a potential crash in slapadd (both versions)
• Fixed an issue with ordering searches on timestamps with trailing zeroes (both versions)
• Fixed an issue LDAP compare processing when using slapo-dynlist (both versions)
• Eliminated an unnecessary search performed by slapo-dynlist (both versions)
• Updated client tool usages to remove references to the -h and -p arguments (both versions)
• Updated back-mdb to increase the maximum number of indexes from 128 to 256 (both versions)

The 389 Directory Server project has announced new releases of versions 2.3.2, 2.2.6, and 2.1.7. From the release announcements, it appears that the most significant changes include:

• Fixed a potential crash that could occur as a result of an invalid replication configuration (all three versions)
• Fixed a potential crash that could occur in dsconf monitor (version 2.3.2)
• Fixed a potential crash that could occur when importing data into an LMDB backend (version 2.3.2)
• Fixed an issue that could prevent the server from starting as a non-root user after changing the default password storage scheme (version 2.3.2)
• Added an option to create a private key and certificate signing request from dsconf or Cockpit (all three versions)
• Updated dsidm to make it possible to perform a bulk update of entries identified by search criteria (all three versions)
• Improved the performance of the automember plugin when the memberof plugin is also enabled (version 2.3.2)
• Updated the server to make it possible to have multiple non-overlapping MemberOf fixup tasks running concurrently (versions 2.3.2 and 2.1.7)
• Fixed an issue in which dsidm could incorrectly prompt for the current password when performing an administrative reset (versions 2.3.2 and 2.1.7)
• Added support for saslauthd when using SASL authentication (all three versions)
• Fixed issues with PAM pass-through authentication (versions 2.3.2 and 2.1.7)
• Fixed an issue that could allow indexes to be created fir virtual attributes (version 2.3.2)
• Added an argument to confirm deleting a backend (version 2.3.2)
• Fixed various issues in the UI and CLI (all three versions)
• Fixed an issue in which dscreate could incorrectly require superuser privileges (version 2.3.2)
• Increased the default TTL for administrative tasks from 1 hour to 12 hours (versions 2.3.2 and 2.1.7)