2008-11-14 release 0.6.7 of nss-ldapd
This release fixes one bugs in the 0.6.6 and earlier releases in the Debian
package configuration.
This should be a reasonably stable and well tested release.
changes since 0.6.6:
a fix for a problem in the Debian packaging that would cause
user-configured options be ignored
2008-11-04 release 0.6.6 of nss-ldapd
This release just fixes a number of bugs in the 0.6.5 release.
This should be a reasonably stable and well tested release.
changes since 0.6.5:
Debian packaging improvements
allow spaces in user and group names because it was causing problems
in some environments
if ldap_set_option() fails log the option name instead of
number
2008-08-22 release 0.6.5 of nss-ldapd
This release only updates some Debian configuration translations.
Other than that there are no changes in this release.
Get this release from the downloads section.
2008-07-20 release 0.6.4 of nss-ldapd
This release mainly fixes a number of bugs in the 0.6.3 release.
Only one new feature has been added.
This should be a reasonably stable and well tested release.
changes since 0.6.3:
fix for the tls_checkpeer option
fix incorrect test for ssl option in combination with ldaps:// URIs
improvements to Active Directory sample configuration
implement looking up search base in rootDSE of LDAP server
2008-06-15 release 0.6.3 of nss-ldapd
This release mainly fixes a number of bugs in the 0.6.2 release and
adds some new functionality. Most effort is put into getting the code
as stable as possible.
Thanks everybody for the feedback provided and patches sent.
All feedback is very much apreciated, even if a reply is not sent
very quickly.
changes since 0.6.2:
retry connection and search if getting results failed with connection
problems (some errors only occur when getting the results, not when
starting the search)
add support for groups with up to around 150000 members (assuming user
names on average are a little under 10 characters)
problem with possible SIGPIPE race condition was fixed by
using send() instead of write()
add uid and gid configuration keywords that set the
user and group of the nslcd daemon
add some documentation on supported group to member mappings
add sanity checking to code for when clock moves backward
log messages now include a session id that makes it easier to track
errors to requests (especially useful in debugging mode)
miscellaneous portability improvements
increase buffers and timeouts to handle large lookups more gracefully
implement SASL authentication based on a patch by Dan White
allow more characters in user and group names
Debian packaging improvements
Get this release from the downloads section.
Also, the people of OpenLDAP are working on a module in slapd to do the
part that nslcd is doing now. See the
openldap-devel
mailing list and
cvs tree
for details.
2008-05-04 release 0.6.2 of nss-ldapd
This release mainly fixes a number of bugs in the 0.6.1 release and
adds some new functionality, mainly to add support for Active Directory.
Thanks everybody for the feedback provided and patches sent.
All feedback is very much apreciated, even if a reply is not sent
very quickly.
changes since 0.6.1:
support retrieval of ranged attribute values as sometimes returned by
Active Directory
added the threads keyword to configure the number of threads
that should be started in nslcd
handle empty netgroups properly
change the time out and retry mechanism for connecting to the LDAP
server to return an error quickly if the LDAP server is known to be
unavailable for a long time (this removed the reconnect_tries
option and changes the meaning of the reconnect_sleeptime and
reconnect_maxsleeptime options)
increased the time out values between the NSS module and nslcd because
of new retry mechanism
implement new dict and set modules that use a hashtable to map keys
efficiently
use the new set to store group membership to simplify memory
management and eliminate duplicate members
the uniqueMember attribute now only supports DN values
implement a cache for DN to user name lookups (15 minute timeout) used
for the uniqueMember attribute to save on doing LDAP searches
for groups with a lot of members, based on a patch by Petter
Reinholdtsen
improvements to the tests
if any of the ldap calls return LDAP_UNAVAILABLE or
LDAP_SERVER_DOWN the connection is closed
improve dependencies in LSB init script header to improve dependency
based booting
2008-04-06 release 0.6.1 of nss-ldapd
This release mainly fixes a number of bugs in the 0.6 release without
big structural changes.
There are a number of known problems in combination with Active Directory
which require some more testing.
Thanks everybody for the feedback provided and patches sent.
All feedback is very much apreciated, even if a reply is not sent
very quickly.
changes since 0.6:
numerous small fixes and compatibility improvements
the I/O buffers between nslcd and NSS module are now dynamically
sized and tuned for common requests
correctly follow referrals
add StartTLS support by Ralf Haferkamp of SuSE
miscellaneous documentation improvements
remove code for handling rootbinddn/pw because it is
unlikely to be supported any time soon
fix a problem with realloc()ed memory that was not
referenced
fix for a crash in group membership buffer growing code thanks to
Petter Reinholdtsen
some improvements to the Active Directory sample configuration
fix init script exit code with stop while not running
fixes to the _nss_ldap_initgroups_dyn() function to properly
handle the buffer and limits passed by Glibc
fixes to the member to groups search functions to correctly handle
uniqueMember attributes
2008-02-03 release 0.6 of nss-ldapd
This release mainly focusses on (re-)adding support for certain
features and improved portability. It also fixes a number of problems
in the 0.5 release.
nss-ldapd is now nearing stability and feature-completeness and
the main focus is on portability and implementing the remaining features.
Any patches and feedback is welcome and thanks for the feedback already
provided.
Note that improved portability does not (yet) mean that it will fully work
on other platforms than Linux.
changes since 0.5:
fix parsing of map option in nss-ldapd.conf
fix bug in handling of userPassword values
remove warning about missing loginShell attribute
support the uniqueMember LDAP attribute that holds DN values
support ldap as a compat service in /etc/nsswitch.conf
implement _nss_ldap_initgroups_dyn() to allow username->groups searches
fix retry mechanism with get*ent() functions where a too small buffer was
passed by libc (to support groups with a lot of members)
fix a bug in reporting of communications problems between nslcd and the NSS
library
test and log failures of all LDAP library calls
improved tests
miscellaneous compatibility improvements to try to support more LDAP
libraries and platforms