Symas has just released a new product: Directory Traffic Manager (DTM). It’s an LDAP proxy server that provides high availability and load balancing for LDAP directory servers (although it sounds like they’ve only tested it against OpenLDAP servers). For more information, see the release announcement.
The Ping Identity Directory Server offers a retain identity request control that allows you to process a bind without changing the connection’s authentication/authorization identity. It’s very useful for applications that need to process a mix of bind and non-bind operations. I wrote about it on my personal blog.
Adldap2 is a PHP package that provides LDAP authentication and directory management tools. The project has just released version 10.0.0. Highlights from the list of changes seem to include support for event dispatching and logging, the ability to get information about the connected server, new exceptions in exceptional conditions, a case sensitivity fix, and improved access to diagnostic messages in error responses.
William Brown, who recently joined SUSE to work on the 389 Directory Server, has written a blog post about using the latest 389-ds on OpenSUSE, including support for running in a Docker instance. He notes that these are bleeding edge builds and aren’t production ready, but it’s a good way to get a preview of what’s coming.
He also mentions that there’s a new quickstart guide on the 389-ds website.
The Open Identity Platform project has released version 4.3.2 of the OpenDJ Directory Server. The comparison of changes between this and the previous 4.3.1 release indicates that it includes a fix for a potential denial-of-service exploit in one of its dependencies (Apache Commons FileUpload), there are changes in the ordering of attributes in the LDIF representations of entries or change records, and some Docker-related updates.
The Ping Identity Directory Server provides a get password quality requirements extended operation that allows clients to programmatically retrieve the conditions that a new password must satisfy so that they can be displayed to the user, and so the client can potentially perform some client-side validation on a proposed password. There’s also a password validation details control that makes it possible to see which requirements were satisfied on a password change attempt. I write about these features on my personal blog.