- Created a volume mount point for data in Docker containers
- Support compression for rotated log files
- Fixed an issue involving the increment modification type
The Apache Directory Project has released Apache DS 2.0.0.AM26, which is a preview of their upcoming 2.0.0 release. Although they don’t seem to have actually announced it on their mailing lists or on Twitter, the News section of their website (which doesn’t seem to support RSS or ATOM to allow subscribing for updates, nor does it provide permalinks to allow direct linking to a particular news item) indicates that it was released on Saturday, March 7. According to that post, some of the changes in this release include:
- Added support for LDAP transactions as described in RFC 5805
- Added support for the increment modification type as described in RFC 4525
- Added the ability to customize the TLS cipher suites the server will use
- Include the structuralObjectClass operational attribute in all entries
- Include the hasSubordinates operational attribute in all entries
- Performance improvements for add and bind operations
- Fixed an entry cache configuration issue
- Fixed an issue with modify DN operations that could prevent old RDN values from being removed
- Fixed an issue in which write operations could interfere with ongoing searches
- Fixed an issue that caused the server to use very small TCP send and receive buffers
- Fixed an issue with the handling of hex-encoded RDN values
LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. It’s a pretty new framework, and they seem to be following the “release early, release often” principle, so it looks like they release a new version any time they make a change. I’ve been hesitant to post about each new release in the past because they’ve been pretty frequent (even multiple in the same day in a couple of cases) and I don’t want to flood the site with posts about it. On the other hand, it’s not fair to not mention it at all. So I’ll try to cover them with a reasonable frequency.
The 1.2.5 release came out earlier today, but here’s a list of recent releases with a summary of what has changed:
- v1.2.5 — Added a Connection::getCache method
- v1.2.4 — Added support for Laravel 7.0
- v1.2.3 — Fixed an error that could arise if a null DN was provided to a query builder. Fixed an issue that could prevent correct handling of custom attributes. Added the ability to pass a DN into Model::getName and Model::getRdn methods. Added the ability to pass null into Model::getParentDn to retrieve the parent DN for the model.
- v1.2.2 — Fixed issues that could arise when calling Model::getQuery or Model::getModifications multiple times.
- v1.2.1 — Wrap selected columns in an array when building a query.
- v1.2.0 — Added the ability to restore deleted entries from Active Directory. Added the ability to listen to model events, and created events for modify DN operations.
UnboundID LDAP SDK for Java version 5.0.0 has been released. The biggest change in this release is that the LDAP SDK is now available under the terms of the Apache License, Version 2.0, which is more permissive and more broadly compatible than the previous GPLv2, LGPLv2.1, and UnboundID LDAP SDK Free Use License options (although you can still use the LDAP SDK under those licenses if you wish).
There are also a number of code changes in this release of the LDAP SDK, including improved support for creating connections and connection pools from definitions provided in a JSON file, improvements in support for TLS and certificates, a fix for GSSAPI authentication, logging and debugging improvements, and support for new functionality in the Ping Identity Directory Server. I wrote about these changes in more detail on my personal blog.
GLAuth is a simple LDAP server that positions itself as a lightweight alternative to OpenLDAP or Active Directory. The project has just released version 1.1.2, which appears to include the following changes:
- Added support for nested groups.
- Added application-specific password support.
- Added an option to configure the format used for generated entry DNs.
- Added shadow account support.
- Added experimental ownCloud backend support.
- Exposed LDAPS ports in Docker containers.
- Fixed an issue that could cause format strings to be logged with unreplaced tokens.
- Fixed an issue with port forwarding in Docker.
The Open Identity Platform project has released version 4.4.4 of the OpenDJ Directory Server. The comparison of changes doesn’t provide much information in the commit message summaries, but it looks like some of the changes include:
- Updated dependencies.
- Removed support for TLSv1.3 because it was seen to cause high CPU utilization.
- Updated Debian packages to remove a dependency on the full Java runtime, allowing it to be with a headless JRE.
- Fixed an issue that could affect replication of symmetric keys between instances.
- Updated certificate generation to use SHA-256 digests instead of SHA-1.
- Reduced the likelihood of out-of-memory errors during LDIF import and index rebuilds.
- Fixed a Windows build error.
The LDAP Synchronization Connector (LSC) is an open source tool that can help synchronize data between an LDAP directory server and other types of data sources. The project has released version 2.1.5 of the connector, which appears to include the following changes:
- Updated the way the system account is created if the connector is installed as a package
- Added support for mapping binary attribute values
- It has been updated to work with Java 8
- Fixed an issue in which it did not properly handle unexpected connection termination
- Fixed an issue that could interfere with the ability to load multiple plugins on Windows systems
- Fixed a potential null pointer exception when synchronizing via JDBC
- Fixed an issue that could prevent values from being removed via JDBC
- Disabled GSSAPI debugging support that had been inadvertently left enabled
- Fixed an issue related to log file rotation
- Fixed an issue related to the order in which XSD files are loaded
- Updated the embedded HSQLDB database to only listen on the loopback interface
- Improved a log message that is generated when no source object is found