OpenLDAP, 2.5.18 LTS Release Announcement

2.5.18 LTS Release Announcement

A N N O U N C E M E N T -- OpenLDAP 2.5

    The OpenLDAP Project is pleased to announce the availability
    of OpenLDAP Software 2.5, a suite of the Lightweight Directory
    Access Protocol (v3) servers, clients, utilities, and
    development tools.

    This release contains the following major enhancements:

        * Slapd(8) enhancements
            - kqueue support for BSD based OSes
            - cn=config delete support
            - Don't use copy control support
            - Threadpool queues
            - non-blocking TLS support
            - Configurable TCP read and write buffers
               for listeners.
            - LDAP Transaction support
            - MS AD Lazy commit control
            - MS AD replication support
            - DSEE replication support
            - Sun/Netscape draft persistent search support
            - HAProxy proxy protocol v2 support
        * New backends
            - back-wt: Wiredtiger backend to slapd (Experimental)
            - back-asyncmeta: Async version of back-meta
        * Backend updates
            - back-ldap: CANCHAINOPS
            - back-meta META_CLIENT_PR
            - back-monitor is always built as a part of slapd
        * Retired backends
            - back-bdb
            - back-hdb
            - back-shell
        * Deprecated backends
            - back-ndb
            - back-sql
            - back-perl
        * New overlays
            - autoca
            - homedir
            - otp
            - remoteauth
        * New password hashing module
            - argon2
        * Overlay updates
            - pcache can access private DB with control
            - pcache can remove a query from the cache
               with exop
            - back-monitor support for pcache
            - ppolicy updated with password policy
               draft 10 support
            - dynlist can now generate (is)memberOf
            - dynlist do reverse lookups to find all
               groups a user belongs to
            - unique can now do db wide locking to avoid
               race conditions
        * New Library
            - libldif provides an LDIF parsing API
        * Library updates
            - libldap_r has been merged with libldap
            - libldap has TLS channel binding support
            - libldap has TLS public key pinning support
            - libldap has TLS SNI support
            - libldap has GSSAPI channel binding support
        * Clients and tools
            - slapmodify for offline updates to cn=config
        * Significant performance enhancements throughout
            the client and server code base
        * New contrib overlays
            - adremap remaps attributes for PAM/NSS MS AD
            - authzid implements RFC 3829 support
            - datamorph stores enumerated values and fixed
               size integers
            - ppm adds additional password checking criteria
               to the slapo-ppolicy overlay
            - pw-radius allows bind operations to be
               passed to the specified radius server(s)
            - rbac intercepts, decodes and enforces specific
               RBAC policies per the Apache Fortress RBAC
               data formats
            - totp provides one time password support
            - usn adds MS AD usnCreated and usnChanged
               operational attributes to entries
            - variant allows attributes/values to be shared
               between several entries
            - vc provides the verify credentials
               extended operation

    This release includes the following major components:

        * slapd - a stand-alone LDAP directory server
        * lloadd - a stand-alone LDAP load balancing proxy server
        * -lldap - a LDAP client library
        * -llber - a lightweight BER/DER encoding/decoding library
        * LDIF tools - data conversion tools for use with slapd
        * LDAP tools - A collection of command line LDAP utilities
        * Admin Guide, Manual Pages - associated documentation

    In addition, there are some contributed components:

        * LDAPC++ - a LDAP C++ SDK
        * Various slapd modules and slapi plugins


    OpenLDAP Software is developed by the OpenLDAP Project.  The
    Project consists of a team of volunteers who use the
    Internet to coordinate their activities.  The Project is
    an organized activity of the OpenLDAP Foundation.

    OpenLDAP Software is derived from University of Michigan LDAP,
    release 3.3.


    This software is available under the OpenLDAP Public License,
    an non-restrictive, "free", open-source license.  Download
    information is available at:


    OpenLDAP Software is user supported:

    The OpenLDAP Administrator's Guide, which includes quick
    start instructions, is available at:

    In addition, there are also a number of discussion lists
    related to OpenLDAP Software.  A list of mailing lists is
    available at:

    To report bugs, please use project's Issue Tracking System:

    The OpenLDAP home page containing lots of interesting information
    and online documentation is available at this URL:


    This release has been ported to many UNIX (and UNIX-like)
    platforms including Darwin, FreeBSD, Linux, NetBSD, OpenBSD
    and most commercial UNIX systems.  The release has also been
    ported (in part or in whole) to other platforms including
    Apple MacOS X, IBM zOS, and Microsoft Windows NT/2000/etc.

OpenLDAP is a registered trademark of the OpenLDAP Foundation.

Copyright 1999-2024 The OpenLDAP Foundation, Redwood City,
California, USA.  All Rights Reserved.  Permission to copy and
distribute verbatim copies of this document is granted.

© Copyright 2014-2024, OpenLDAP Foundation. Privacy Statement
$Id: 352365f65dcde50a825565ec675b3cf2ad821477 $