Recent Releases

0.29.006 Sep 2021 09:18 major feature: Update to OpenLDAP 2.5, new Debian/Ubuntu repos, many software updates, added support for Debian bullseye, AlmaLinux and Rocky Linux.
0.27.730 Jul 2021 08:43 major feature: Added LSB id mappings for installing on Rocky Linux 8.4. More flexible handling of variable openldap_db_params.
0.27.431 May 2021 15:22 major feature: Added LSB id mappings and repo entries for installing on AlmaLinux 8.4 and openSUSE Leap 15.3.
0.27.218 May 2021 05:41 minor bugfix: Fixes for HTML templates.
0.27.016 May 2021 23:39 minor feature: Update to web2ldap 1.6.1 and ldap0 1.2.8+ with performance enhancements for handling large group entries.
0.26.211 May 2021 17:33 minor bugfix: Fixed DB compacting script.
0.26.110 May 2021 16:58 major feature: Added SSH-CA (EKCA) for issuing temporary short-term OpenSSH user certificates.
0.25.122 Apr 2021 18:37 minor feature: - Finally the simple web apps were migrated to Flask/WTForms/Jinja2. - Enforced installation of more recent software releases. - slapdcheck has a config file now where you can set formerly hard-coded parameters. - Added HTTP security header Permissions-Policy. - Fixed HTML markup ae-dir-pwd's change password form. - Improved wording in e-mail templates.
0.24.1918 Mar 2021 14:12 minor feature: Features: - Added support to set aedir_rundir to e.g. /run/ae-dir usually mounted as tmpfs on modern Linux distros (not enabled by default, use with care) - added support for directly validating OTP values with a COMPARE request against a token entry (used by oath-ldap-tool ykcheck) - Change to oathTokenPIN-ACLs and userPassword-ACLs for token entries to enable bulk enrollment of Yubikey tokens 1 - slapdcheck monitoring parameters now in configuration file Fixes - added --graceful-timeout=2 to aedir_gunicorn_args for fixing issues with ansible restart handlers - various fixes for installing on SLE15 SP2 Enforced installation of recent software: - oath-ldap-tool 1.3.4+ - oath-ldap-srv 1.3.0+ - ae-dir-tool 1.0.6+ - slapdcheck 3.8.0+ - pyasn1 and pyasn1_modules
0.24.1312 Feb 2021 20:00 minor fix: Update to web2ldap 1.5.113+.
0.24.1211 Feb 2021 20:00 minor feature: Service group members are now allowed to read attribute aeDisplayNameGroups.
0.24.1108 Feb 2021 20:00 minor fix: Upgrade to slapdcheck 3.7.0.
0.24.1006 Feb 2021 03:17 minor fix: Default for system logging options now empty. Added more HTTP security headers.
0.24.918 Dec 2020 19:00 minor fix: Fixed ACL for auxiliary service groups.
0.24.812 Dec 2020 00:00 minor feature: Apache httpd now uses MPM event model on all platforms.
0.24.711 Dec 2020 03:16 major fix: Fixed Apache modules directory for openSUSE Tumbleweed.
0.24.626 Nov 2020 21:00 major fix: Enforce installation of web2ldap bug-fix release 1.5.112+.
0.24.521 Nov 2020 03:16 minor feature: Added quick search field in web2ldap.
0.24.411 Nov 2020 18:00 minor feature: New ansible variables to customize group member constraint filters.
0.24.306 Nov 2020 12:00 minor feature: AppArmor ABI version 3.0 used on openSUSE Tumbleweed and Ubuntu.
0.24.204 Nov 2020 17:00 minor fix: Fixed security headers, install web2ldap update.
0.24.103 Nov 2020 21:00 minor fix: Fixed AppArmor on Ubuntu.
0.23.326 Oct 2020 20:00 minor fix: Minor fixes.
0.23.220 Oct 2020 00:00 major fix: Fixed installation on openSUSE Leap 15.2.
0.23.108 Oct 2020 01:00 minor fix: Explicitly use ld.bfd for linking during pip installation required on CentOS 8.2+.
0.23.005 Oct 2020 16:00 major feature: Support for running on CentOS 8.2+, dropped support for CentOS 7.x.
0.22.327 Sep 2020 00:00 minor fix: Forced web2ldap update.
0.22.224 Sep 2020 00:00 minor feature: New optionally defined variable to enforce installing build tools.
0.22.122 Sep 2020 08:00 minor fix: Install web2ldap 1.5.98 with a work-around for gunicorn.
0.21.018 Sep 2020 00:00 minor feature: Enabled sortvals for multi-valued attributes for better performance. Needs reloading of existing databases.
0.20.211 Sep 2020 21:00 minor fix: Updated Debian/Ubuntu package name.
0.20.125 Aug 2020 18:30 minor fix: Various small fixes.
0.20.014 Aug 2020 13:00 major feature: OATH-LDAP updates, various small fixes.
0.19.222 Jul 2020 12:00 major fix: Fixed password expiry warning e-mails.
0.19.121 Jul 2020 15:00 minor feature: Improved TLS ciphers defaults
0.18.114 Jul 2020 12:00 minor feature: Fixed logging in ae-dir-tool
0.18.008 Jul 2020 22:00 minor feature: Improved logging configuration, stricter syscall filters, less CRON jobs
0.17.003 Jul 2020 19:00 minor feature: Terminology change with OATH-LDAP upgrade to 1.1.0: primary keys
0.16.202 Jul 2020 10:30 minor feature: Avoid using system libldap linked to GNUTLS on Debian.
0.16.030 Jun 2020 06:30 stable: UI improvements.
0.15.1021 Jun 2020 15:30 stable: Fixed some more issues with automated aeHost creation and setup admin authentication.
0.15.720 Jun 2020 18:00 stable: aehostd UID/GID is mapped to replica's aeHost entry.
0.15.920 Jun 2020 18:00 stable: Fixed CentOS 7/8 compability issues.
0.15.619 Jun 2020 01:00 stable: Fixed oathenroll installation.
0.15.212 Jun 2020 18:00 stable: Improved automation of aeHost and aeService entries.
0.14.705 Jun 2020 14:30 stable: More CRON tuning parameters, added wrapper script for decrypting OATH token PINs.
0.14.605 Jun 2020 14:30 stable: Renamed ansible roles to names without dashes for compability with ansible collections.
0.14.202 Jun 2020 16:00 stable: Small schema change in schema, new ansible variable for load-balancer hostname.
0.14.129 May 2020 08:30 stable: Small schema change in object class 'aeService'.
0.14.026 May 2020 19:00 stable: New object class aeSSHAccount.
0.12.216 May 2020 15:09 minor feature: Support for using password hash scheme ARGON2 available in OpenLDAP 2.4.50+.
0.12.114 May 2020 09:56 minor feature: Pulls in many software updates besides many other small improvements and fixes.
0.12.010 May 2020 16:36 minor feature: Pulls in many software updates besides many other small improvements and fixes.
0.11.311 Apr 2020 14:00 minor feature: Pulls in many software updates besides many other small improvements and fixes.
0.11.411 Apr 2020 14:00 minor feature: OATH-LDAP bind listeners are now using config files, added Feature-Policy header to Apache and web2ldap.
0.11.019 Mar 2020 20:00 minor feature: Many small improvements and fixes, especially for monitoring/logging.
0.10.318 Feb 2020 07:00 minor fix: Removed obsolete default vars, minor fixes.
0.10.108 Feb 2020 12:56 minor feature: Minor hardening improvements.
0.10.003 Feb 2020 13:00 minor feature: Small improvements for monitoring and logging, more regression fixes.
0.9.518 Dec 2019 16:00 major fixes: Fixes for Python 3 migration regressions.
0.9.430 Nov 2019 06:05 minor feature: added Prometheus metrics
0.9.323 Nov 2019 20:00 minor fixes: more improvements for Python 3 support
0.9.020 Nov 2019 00:00 major feature: Runs on Python 3.6+ now
0.8.204 Oct 2019 15:00 minor feature: Pin all Python modules to the Python2 versions for now
0.8.128 Sep 2019 08:00 minor feature: Mostly more/improved metrics in slapd_checkmk.py
0.8.030 Jul 2019 08:00 major feature: moved Python process code out to separate Python module package
0.7.723 Jul 2019 08:00 minor fix: documentation details
0.7.611 Jul 2019 18:00 major fix: security fix: explicitly disallow write access to attribute memberOf
0.7.509 Jul 2019 16:00 minor feature: enforce removal of group members in archived group entries
0.7.426 Jun 2019 11:00 minor feature: updated monitor check, small modifications in various systemd units, minor doc updates
0.7.316 Jun 2019 11:00 minor feature: added login form on web2ldap landing page, updated some docs
0.7.222 May 2019 14:00 minor feature: small change for upcoming openSUSE Leap 15.1, some other cosmetics
0.7.117 Apr 2019 18:00 minor fix: small change for upcoming Debian buster
0.7.016 Apr 2019 11:00 minor feature: incompatible change of ansible vars for mdb configuration, re-factoring of AppArmor profiles, other minor improvements
0.6.621 Mar 2019 21:00 minor feature: backup CRON job parameters, new attribute aeRequires in aeSrvGroup entries, minor AppArmor fix
0.6.511 Mar 2019 18:00 minor fix: mostly doc fixes
0.6.416 Feb 2019 18:00 minor feature: new tuning parameter for slapd, other minor changes
0.6.331 Jan 2019 21:00 minor feature: Update to web2ldap 1.4.2 with new UI style, small fixes
0.6.229 Jan 2019 05:49 minor bugfix: minor fixes
0.6.128 Jan 2019 10:03 minor feature: web2ldap update to 1.4.0
0.6.031 Dec 2018 10:00 minor feature: Code-cleaning, mandatory software updates
0.5.131 Dec 2018 10:00 minor fix: Fixed non-unique schema IDs in web2ldap supplemental schema file
0.5.027 Dec 2018 10:00 minor feature: Re-factored aedirpwd, git repo split, more minor changes
0.4.425 Nov 2018 10:00 minor fix: Code-cleaning and small fixes
0.4.322 Nov 2018 10:00 minor feature: Small improvements for ae-dir-hostd role, some tuning parameters for slapd
0.4.205 Nov 2018 20:00 minor feature: Minor improvements, documentation updates
0.4.119 Oct 2018 20:00 minor fix: Minor ACL fix
0.4.018 Oct 2018 20:00 major feature: Major refactoring of OpenLDAP ACLs, minor other fixes and enhancements
0.3.429 Sep 2018 03:15 minor feature: Config change in web2ldap, minor improvements and fixes
0.3.314 Aug 2018 12:00 minor feature: More on config changes in web2ldap and aehostd
0.3.211 Aug 2018 03:18 minor feature: Adapt to config changes in web2ldap, misc. minor changes
0.3.105 Aug 2018 12:00 minor feature: More updates for aehostd, docs updates
0.3.023 Jul 2018 12:00 major feature: Added new ansible role for installing custom NSS/PAM service (aehostd)
0.2.028 Jun 2018 03:15 minor feature: Polished and improved lots of minor stuff, last version for Debian Jessie
02 Jun 2018 16:51 major feature: initial submission
0.1.002 Jun 2018 12:00 major feature: initial submission