LDAP Tool Box slapd-cli 2.9

The LDAP Tool Box project provides a set of LDAP-related applications, administrative tools, and other utilities. They have just released version 2.9 of their slapd-cli tools (formerly called openldap-initscript), which provide a set of command-line tools for OpenLDAP. This release includes the following changes:

  • Removed support for OpenLDAP version 2.4
  • Added support for the logfile feature in OpenLDAP 2.6
  • Updated data templates for the new password policy module in OpenLDAP version 2.6
  • Enabled password policy module checks by default
  • Improved handling of differences between OpenLDAP versions 2.5 and 2.6

LDAP Tool Box Password Policy Module for OpenLDAP 2.2

The LDAP Tool Box project provides a set of LDAP-related applications, administrative tools, and other utilities. They have just released the version 2.2 of their password policy module for OpenLDAP, which is an overlay that can check the quality of passwords whenever they are changed. The primary change in this release appears to be that it is now possible to specify a maximum number of characters that passwords may have from a given character set.

UnboundID LDAP SDK for Java 6.0.5

UnboundID LDAP SDK for Java is a Java-based API for interacting with LDAP directory servers and performing other LDAP-related processing. The project has just released version 6.0.5, which includes the following changes:

  • Fixed an issue that could cause a StartTLS failure to use a less useful error message than intended
  • Fixed an issue that could cause ldifsearch to display a malformed message
  • Improved support for validating and comparing telephone numbers with varying levels of strictness
  • Fixed a bug in which ldapcompare did not properly close an output file
  • Fixed an issue with the properties file created with the –generatePropertiesFile argument in some command-line tools
  • Added support for encoding and decoding controls to an from JSON objects
  • Added support for JSON-formatted request and response controls for use with the Ping Identity Directory Server
  • Updated ldapsearch and ldapmodify to support JSON-formatted request and response controls
  • Fixed an issue with assured replication request controls created by the parallel-update tool
  • Updated the topology registry trust manager to support trusting issuer certificates
  • Updated the topology registry trust manager to add an option to ignore the certificate validity window

    OpenLDAP 2.6.2 and 2.5.12

    The OpenLDAP project has announced the release of versions 2.6.2 and 2.5.12 of their LDAP directory server. Changes included in these releases include:

    • Fixed a potential crashes in several backends (both versions)
    • Fixed a potential crash when replicating with DSEE and an unknown attribute type is encountered (both versions)
    • Fixed a potential crash in the slapo-translucent overlay with substring filters (both versions)
    • Fixed memory leaks in the back-meta backend (both versions)
    • Fixed an issue with memberOf searches (both versions)
    • Fixed an issue with connections with outstanding operations when starting a bind (both versions)
    • Fixed a syncrepl issue with new sessions (both versions)
    • Fixed an issue with idle timeout handling (both versions)
    • Fixed an issue with pwdChangedTime handling (both versions)
    • Fixed an issue with filter escaping in the back-sql backend (both versions)
    • Updated libldap to terminate a connection after receiving non-LDAP data (both versions)
    • Updated ldapdelete to support LDAP subentries (version 2.6.2)
    • Added support for OpenSSL 3.0 (version 2.6.2)
    • Fixed an issue with thread-local counters (both versions)
    • Fixed an libldap with blank lines at the end of a file (both versions)

    LdapRecord 2.12.0

    LdapRecord aims to provide a simple way to interact with LDAP entries using PHP. The project has released version 2.12.0, which includes the following changes:

    • Added a method for retrieving an array of a model’s original attributes in a JSON-encodable form
    • Fixed an issue with model serialization using json_encode

    389 Directory Server 2.1.1 and 2.0.15

    The 389 Directory Server project has released versions version 2.1.1 and 2.0.15. Changes in these releases appear to include:

    • Fixed a security issue in which a user with an expired password would still be allowed to authenticate (both versions)
    • Fixed a potential crash due to a double-free in virtual attribute processing in a persistent search (both versions)
    • Fixed an issue in which a database update could fail if the filesystem page size was greater than 8KB (both versions)
    • Fixed a potential race condition in disk monitoring (both versions)
    • Fixed an issue that could arise when trying to import a certificate chain (both versions)
    • Fixed an issue in memberOf excluded subtrees handling for modify DN operations (both versions)
    • Fixed an issue in which the memberOf plugin did not work properly with multiple include scopes (both versions)
    • Fixed an issue in which a container may fail to start with a bare uid or gid (both versions)
    • Fixed an issue in which the server could return an incomplete RUV (both versions)
    • Fixed a schema parsing issue for schema elements with names starting with “x-” (both versions)
    • Fixed an issue that could crash the UI in some attribute uniqueness configurations (both versions)
    • Fixed a dsconf issue that prevented specifying a backend by name rather than base DN (both versions)
    • Fixed an issue with dsctl dbgen (both versions)
    • Fixed a UI issue that prevented manually configuring the entry cache (both versions)
    • Fixed a UI issue that prevented testing a SASL mapping regular expression (both versions)
    • Fixed UID issues with the LDAP editor (version 2.0.15)
    • Added support for recursively deleting subentries (version 2.1.1)
    • Added the ability to abort an automatic member rebuild task (both versions)
    • Added the ability to set TCP FIN timeout and keepalive time values (both versions)
    • Added the ability flatten the tree when synchronizing with Active Directory (version 2.1.1)
    • Added CLI support for managing entryUUID generation (version 2.0.15)
    • Added entry and group types to the LDAP editor (both versions)
    • Added CoS and role functionality to the UI (both versions)
    • Added temporary password rules functionality to the UI (version 2.0.15)

    LDAP Tool Box Password Policy Module for OpenLDAP 2.0 and 2.1

    The LDAP Tool Box project provides a set of LDAP-related applications, administrative tools, and other utilities. They have just released versions 2.0 and 2.1 of their password policy module for OpenLDAP, which is an overlay that can check the quality of passwords whenever they are changed. The changes introduced in these releases appear to be

    • Added support for rejecting a password if it contains content from an attribute in the same entry (version 2.1)
    • Removed support for imposing a maximum password length (version 2.0)
    • Added a pwdCheckModule argument (version 2.0)
    • Updated the README and documentation (version 2.0)