Adldap2 is a PHP package that provides LDAP authentication and directory management tools. The project has just released version 10.2.0, which fixes an issue that could yield different results across different types of directory servers, improved support for user account control on Active Directory, and made it easier to interact with the Active Directory userPrincipalName attribute.
Following his workshop on Monday, Clement Oudot gave an LDAPCon 2019 today on LemonLDAP::NG 2.0 covering multi-factor authentication, identity federation, and web service and API protection.
- Fix a potential crash when retrieving information about nonleaf entries (all three versions)
- Fix a potential crash on SUSE Linux with SELinux (versions 126.96.36.199 and 188.8.131.52)
- Fix a potential crash in SASL bind processing (version 184.108.40.206)
- Fix an etime formatting issue in access log messages (all three versions)
- Fix an issue in which the server may fail to log an error message when failing to parse an object class (all three versions)
- Ensure that the requested base DN is logged when a search is rejected because of an invalid attribute (version 220.127.116.11)
- Improve task handling during shutdown (all three versions)
- Add support for subtree searches with a base DN of the null DN (version 18.104.22.168)
- Improve performance when trying to retrieve information about nonleaf entries (all three versions)
- Clean up CLI error output (all three versions)
- If an attempt to establish an outbound LDAP connection failed, the server could leak a small amount of memory. Over time, these small allocations could accumulate and could cause the JVM to run out of memory.
- In a Directory Proxy Server configured to use entry balancing, a search that spanned multiple backend sets could incorrectly return a result of success if all search attempts within one of the backend sets failed with a timeout. It now returns a result of unavailable.