LdapRecord 2.4.5

LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. The project has released version 2.4.5, which delays connection initialization until the time that the connection is established rather than when the connection object is created, which can improve performance when using php artisan commands.

LDAP Tool Box Self Service Password 1.4.2

The LDAP Tool Box project provides a set of LDAP-related applications, administrative tools, and other utilities. They have just released the version 1.4.2 of their Self Service Password tool, which is a PHP application that allows users to change their password in an LDAP directory. This is a bugfix release that appears to fix an issue with captchas and an issue in which a proposed new password could be incorrectly rejected when using SMS-based password reset.

OpenLDAP 2.5

The OpenLDAP project has released version 2.5 of their LDAP directory server. The release announcement lists the following changes included in this version:

  • Added a load balancer daemon
  • Improved support for attributes with large numbers of values
  • Added support for LDAP transactions as described in RFC 5805
  • Added support for new replication protocols, including those used by Active Directory and DSEE
  • Added support for multi-factor authentication options, including HOTP and TOTP
  • Added support for an asynchronous metadirectory backend
  • Added support for a Wiredtiger database backend
  • Added support for deleting configuration objects without restarting the server
  • Added an overlay with support for certain certification authority functions
  • Added an overlay with home directory management support
  • Added an overlay with support for encoding passwords with the Argon2 function
  • Added support for the authorization identity request and response controls as described in RFC 3829
  • Added an overlay with support for storing enumerated values and fixed-size integers
  • Added an overlay with passing authentication requests through to another LDAP server
  • Added an overlay with passing authentication requests through to a radius server
  • Added an overlay with support for improved performance when using Apache Fortress
  • Added an overlay with support for generating usnCreated and usnChanged operational attributes
  • Added an overlay with support for sharing attribute values between several entries
  • Added an overlay with support for the verify credentials extended operation
  • Added additional password validation options
  • Improved support for draft-behera-ldap-password-policy-10
  • Added support for Netscape password expiring and password expired controls
  • Added support for a lazy commit control as used in Active Directory
  • Added support for a Netscape account usability control
  • Added support for dynamically generating an attribute with information about a user’s group membership
  • Improved the unique attribute overlay to avoid the potential for race conditions
  • Improved support for the cache database
  • Added a library for LDIF parsing
  • Made several updates to the LDAP client library, including support for TLS and GSSAPI channel binding, TLS public key pinning, and the TLS SNI extension
  • Added a slapmodify tool for making offline updates to the configuration
  • Made significant performance enhancements throughout the codebase

LDAP Tool Box Self Service Password 1.4

The LDAP Tool Box project provides a set of LDAP-related applications, administrative tools, and other utilities. They have just released the version 1.4 of their Self Service Password tool, which is a PHP application that allows users to change their password in an LDAP directory. Changes in this release include:

  • Added a REST API
  • Added new password policy checks, including forbidden words and forbidden attribute values
  • Added support for multiple question and answer fields
  • Added support for the password modify extended operation
  • Added support for the password policy control
  • Added support for multitenant deployments
  • Provided an official Docker image

LdapRecord 2.4.2

LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. The project has released version 2.4.2, which appears to include the following changes:

  • Fixed issues around DN escaping when performing moves and renames
  • Added utility methods to the DistinguishedName class for exploding DNs and RDNs, and for un-escaping values
  • Added the ability to get UserAccountControl flags from Active Directory

389 Directory Server 2.0.4

The 389 Directory Server project has released version 2.0.4. Some of the changes in this release appear to include:

  • Fixed a couple of potential crashes
  • Fixed a regression in winsync replication
  • Fixed an issue that could cause negative wtime values to appear in compare operation log messages
  • Fixed an issue with bind chaining in servers that disallow anonymous binds
  • Fixed an issue with inconsistent response control behavior when a password is expired based on whether grace logins are available
  • Fixed an issue in which a monitor entry could display the wrong start timestamp for an established connection
  • Fixed a lookthroughlimit issue with paged searches
  • Added support for the pwdReset attribute
  • Added support for importing schema from OpenLDAP
  • Improved migration support for OpenLDAP plugins