1*e670fd5cSchristosA N N O U N C E M E N T -- OpenLDAP 2.5 22de962bdSlukem 32de962bdSlukem The OpenLDAP Project is pleased to announce the availability 4*e670fd5cSchristos of OpenLDAP Software 2.5, a suite of the Lightweight Directory 52de962bdSlukem Access Protocol (v3) servers, clients, utilities, and 62de962bdSlukem development tools. 72de962bdSlukem 82de962bdSlukem This release contains the following major enhancements: 92de962bdSlukem 102de962bdSlukem * Slapd(8) enhancements 11*e670fd5cSchristos - kqueue support for BSD based OSes 12*e670fd5cSchristos - cn=config delete support 13*e670fd5cSchristos - Don't use copy control support 14*e670fd5cSchristos - Threadpool queues 15*e670fd5cSchristos - non-blocking TLS support 16*e670fd5cSchristos - Configurable TCP read and write buffers 17*e670fd5cSchristos for listeners. 18*e670fd5cSchristos - LDAP Transaction support 19*e670fd5cSchristos - MS AD Lazy commit control 20*e670fd5cSchristos - MS AD replication support 21*e670fd5cSchristos - DSEE replication support 22*e670fd5cSchristos - Sun/Netscape draft persistent search support 23*e670fd5cSchristos - HAProxy proxy protocol v2 support 24*e670fd5cSchristos * New backends 25*e670fd5cSchristos - back-wt: Wiredtiger backend to slapd (Experimental) 26*e670fd5cSchristos - back-asyncmeta: Async version of back-meta 27*e670fd5cSchristos * Backend updates 28*e670fd5cSchristos - back-ldap: CANCHAINOPS 29*e670fd5cSchristos - back-meta META_CLIENT_PR 30*e670fd5cSchristos - back-monitor is always built as a part of slapd 31*e670fd5cSchristos * Retired backends 32*e670fd5cSchristos - back-bdb 33*e670fd5cSchristos - back-hdb 34*e670fd5cSchristos - back-shell 35*e670fd5cSchristos * Deprecated backends 36*e670fd5cSchristos - back-ndb 37*e670fd5cSchristos - back-sql 38*e670fd5cSchristos - back-perl 392de962bdSlukem * New overlays 40*e670fd5cSchristos - autoca 41*e670fd5cSchristos - homedir 42*e670fd5cSchristos - otp 43*e670fd5cSchristos - remoteauth 44*e670fd5cSchristos * New password hashing module 45*e670fd5cSchristos - argon2 46*e670fd5cSchristos * Overlay updates 47*e670fd5cSchristos - pcache can access private DB with control 48*e670fd5cSchristos - pcache can remove a query from the cache 49*e670fd5cSchristos with exop 50*e670fd5cSchristos - back-monitor support for pcache 51*e670fd5cSchristos - ppolicy updated with password policy 52*e670fd5cSchristos draft 10 support 53*e670fd5cSchristos - dynlist can now generate (is)memberOf 54*e670fd5cSchristos dynamically 55*e670fd5cSchristos - dynlist do reverse lookups to find all 56*e670fd5cSchristos groups a user belongs to 57*e670fd5cSchristos - unique can now do db wide locking to avoid 58*e670fd5cSchristos race conditions 59*e670fd5cSchristos * New Library 60*e670fd5cSchristos - libldif provides an LDIF parsing API 61*e670fd5cSchristos * Library updates 62*e670fd5cSchristos - libldap_r has been merged with libldap 63*e670fd5cSchristos - libldap has TLS channel binding support 64*e670fd5cSchristos - libldap has TLS public key pinning support 65*e670fd5cSchristos - libldap has TLS SNI support 66*e670fd5cSchristos - libldap has GSSAPI channel binding support 672de962bdSlukem * Clients and tools 68*e670fd5cSchristos - slapmodify for offline updates to cn=config 692de962bdSlukem * Significant performance enhancements throughout 702de962bdSlukem the client and server code base 71*e670fd5cSchristos * New contrib overlays 72*e670fd5cSchristos - adremap remaps attributes for PAM/NSS MS AD 73*e670fd5cSchristos support 74*e670fd5cSchristos - authzid implements RFC 3829 support 75*e670fd5cSchristos - datamorph stores enumerated values and fixed 76*e670fd5cSchristos size integers 77*e670fd5cSchristos - ppm adds additional password checking criteria 78*e670fd5cSchristos to the slapo-ppolicy overlay 79*e670fd5cSchristos - pw-radius allows bind operations to be 80*e670fd5cSchristos passed to the specified radius server(s) 81*e670fd5cSchristos - rbac intercepts, decodes and enforces specific 82*e670fd5cSchristos RBAC policies per the Apache Fortress RBAC 83*e670fd5cSchristos data formats 84*e670fd5cSchristos - totp provides one time password support 85*e670fd5cSchristos - usn adds MS AD usnCreated and usnChanged 86*e670fd5cSchristos operational attributes to entries 87*e670fd5cSchristos - variant allows attributes/values to be shared 88*e670fd5cSchristos between several entries 89*e670fd5cSchristos - vc provides the verify credentials 90*e670fd5cSchristos extended operation 912de962bdSlukem 922de962bdSlukem This release includes the following major components: 932de962bdSlukem 942de962bdSlukem * slapd - a stand-alone LDAP directory server 95*e670fd5cSchristos * lloadd - a stand-alone LDAP load balancing proxy server 962de962bdSlukem * -lldap - a LDAP client library 972de962bdSlukem * -llber - a lightweight BER/DER encoding/decoding library 982de962bdSlukem * LDIF tools - data conversion tools for use with slapd 992de962bdSlukem * LDAP tools - A collection of command line LDAP utilities 1002de962bdSlukem * Admin Guide, Manual Pages - associated documentation 1012de962bdSlukem 1022de962bdSlukem In addition, there are some contributed components: 1032de962bdSlukem 1042de962bdSlukem * LDAPC++ - a LDAP C++ SDK 1052de962bdSlukem * Various slapd modules and slapi plugins 1062de962bdSlukem 1072de962bdSlukem 1082de962bdSlukemACKNOWLEDGEMENTS 1092de962bdSlukem 1102de962bdSlukem OpenLDAP Software is developed by the OpenLDAP Project. The 1112de962bdSlukem Project consists of a team of volunteers who use the 1122de962bdSlukem Internet to coordinate their activities. The Project is 1132de962bdSlukem an organized activity of the OpenLDAP Foundation. 1142de962bdSlukem 1152de962bdSlukem OpenLDAP Software is derived from University of Michigan LDAP, 1162de962bdSlukem release 3.3. 1172de962bdSlukem 1182de962bdSlukem 1192de962bdSlukemAVAILABILITY 1202de962bdSlukem 1212de962bdSlukem This software is available under the OpenLDAP Public License, 1222de962bdSlukem an non-restrictive, "free", open-source license. Download 1232de962bdSlukem information is available at: 1242de962bdSlukem 125*e670fd5cSchristos https://www.OpenLDAP.org/software/download/ 1262de962bdSlukem 1272de962bdSlukem 1282de962bdSlukemSUPPORT 1292de962bdSlukem 1302de962bdSlukem OpenLDAP Software is user supported: 1312de962bdSlukem 132*e670fd5cSchristos https://www.openldap.org/support/ 1332de962bdSlukem 1342de962bdSlukem The OpenLDAP Administrator's Guide, which includes quick 1352de962bdSlukem start instructions, is available at: 1362de962bdSlukem 137*e670fd5cSchristos https://www.openldap.org/doc/admin/ 1382de962bdSlukem 1392de962bdSlukem In addition, there are also a number of discussion lists 1402de962bdSlukem related to OpenLDAP Software. A list of mailing lists is 1412de962bdSlukem available at: 1422de962bdSlukem 143*e670fd5cSchristos https://www.OpenLDAP.org/lists/ 1442de962bdSlukem 1452de962bdSlukem To report bugs, please use project's Issue Tracking System: 1462de962bdSlukem 147*e670fd5cSchristos https://bugs.openldap.org/ 1482de962bdSlukem 1492de962bdSlukem The OpenLDAP home page containing lots of interesting information 1502de962bdSlukem and online documentation is available at this URL: 1512de962bdSlukem 152*e670fd5cSchristos https://www.OpenLDAP.org/ 1532de962bdSlukem 1542de962bdSlukem 1552de962bdSlukemSUPPORTED PLATFORMS 1562de962bdSlukem 1572de962bdSlukem This release has been ported to many UNIX (and UNIX-like) 1582de962bdSlukem platforms including Darwin, FreeBSD, Linux, NetBSD, OpenBSD 1592de962bdSlukem and most commercial UNIX systems. The release has also been 1602de962bdSlukem ported (in part or in whole) to other platforms including 1612de962bdSlukem Apple MacOS X, IBM zOS, and Microsoft Windows NT/2000/etc. 1622de962bdSlukem 1632de962bdSlukem--- 1642de962bdSlukemOpenLDAP is a registered trademark of the OpenLDAP Foundation. 1652de962bdSlukem 166*e670fd5cSchristosCopyright 1999-2021 The OpenLDAP Foundation, Redwood City, 1672de962bdSlukemCalifornia, USA. All Rights Reserved. Permission to copy and 1682de962bdSlukemdistribute verbatim copies of this document is granted. 169