Generic LDAP Connector

Important

Connectors continue to be released outside the IDM release. For the latest documentation, refer to the ICF documentation.

1.5.20.12

  • OPENICF-400: LDAP connector should be able to properly handle reading the AD tokenGroups attribute

1.5.20.11

  • OPENICF-1856: LDAP Connector: Assignment of static group to IDM User fails to assign it on LDAP side if user is already a member of a Dynamic Group on LDAP side

  • OPENICF-2089: LDAP Connector: ldapGroups membership does not take into account nested membership of other groups

  • OPENICF-2108: LDAP Connector: slow group membership updates with unindexed member/uniqueMember attributes in DS

  • OPENICF-2126: Assignment Issue: Managed User to DS Groups Failure to Select Target Group

1.5.20.9

No public changes were made specific to this connector, though a new version was released.

1.5.20.8

  • OPENICF-1977: LDAP Connector: Detect CA LDAP directory server

1.5.20.7

  • OPENICF-1897: LDAP Connector: Add support for nested AD groups

1.5.20.6

  • OPENICF-1901: LDAP Connector: Reduce JVM garbage from ConnectorObjectBuilder and AttributeBuilder

1.5.20.5

  • OPENICF-1859: LDAP Connector: _memberId is not returned with AD & liveSync if attribute range is used

1.5.20.3

  • OPENICF-1731: LDAP Connector: Escape characters (\) not properly handled on delete and updates ops

1.5.20.2

  • OPENICF-1666: LDAP Connector: ldapGroups should restrict membership to the specified contexts.

1.5.20.0

  • OPENICF-1586: LDAP Connector: Timestamp sync strategy: Synchronization filters are not used properly

  • OPENICF-1560: LDAP Connector: RFE Disable Paged Results Control

See 1.5.20.0 in the Connector Framework release notes for details regarding any other changes that may affect version 1.5.20.0 of the connector.

1.5.19.6

No issues specific to this connector were addressed in this release.

See 1.5.19.6 in the Connector Framework release notes for details regarding any other changes that may affect version 1.5.19.6 of the connector.

1.5.19.5

No issues specific to this connector were addressed in this release.

See 1.5.19.5 in the Connector Framework release notes for details regarding any other changes that may affect version 1.5.19.5 of the connector.

1.5.19.4

No issues specific to this connector were addressed in this release.

See 1.5.19.4 in the Connector Framework release notes for details regarding any other changes that may affect version 1.5.19.4 of the connector.

1.5.19.3

No issues specific to this connector were addressed in this release.

See 1.5.19.3 in the Connector Framework release notes for details regarding any other changes that may affect version 1.5.19.3 of the connector.

1.5.19.2

  • OPENICF-1472: LDAP Connector: Data not synced from AD to IDM via livesync on __ALL__ object

  • OPENICF-1470: LDAP Connector: Null Check in ADUserAccounControl.addControl

  • OPENICF-1466: LDAP Connector: Update filterWithOrInsteadOfAnd to apply to timestamp and Active Directory liveSync

  • OPENICF-1448: LDAP Connector: Enabling changelog livesync for oracle unified directory (OUD)

See 1.5.19.2 in the Connector Framework release notes for details regarding any other changes that may affect version 1.5.19.2 of the connector.

1.5.19.1

No issues specific to this connector were addressed in this release.

See 1.5.19.1 in the Connector Framework release notes for details regarding any other changes that may affect version 1.5.19.1 of the connector.

1.5.19.0

  • OPENICF-1388: LDAP Connector 1.5.5.0 throws java.lang.NoSuchMethodError on Java 8

  • OPENICF-1396: OPENIDM-15448 changes seemingly broke querying ldap via the data tab

See 1.5.19.0 in the Connector Framework release notes for details regarding any other changes that may affect version 1.5.19.0 of the connector.

1.5.18.0

Note

Starting in version 1.5.18.0, the ICF Connector Framework and all connectors bundled with IDM share a unified version number.

  • No issues were addressed in this release.

1.5.6.0

  • OPENICF-1413: Use framework version 1.5.11.0 for ldap-connector to support Java8-compatible release

1.5.5.0

Version 1.5.5.0 is bundled with the IDM 7.0.0 release.

  • OPENICF-1053: LDAP Connector: _action=test on wrong certificate pattern should return error

  • OPENICF-1162: LDAP Connector: empty array becomes absent if useTimestampsForSync is used

  • OPENICF-1320: LDAP Connector: Description is not available for some properties

  • OPENICF-1353: LDAP Connector: NPE if provisioner has attribute-mapping for objectGUID but system account does not have objectGUID

  • OPENICF-1347: Expose lastChangeNumber info through SERVER_INFO object of LDAP connector

1.5.4.0

  • OPENICF-1343: LDAP Connector: Unable to use VLV Index Search Strategy

  • OPENICF-1312: LDAP Connector expects the range returned from AD to be 0-1499 for the member attribute

1.5.3.0

  • OPENICF-1257: LDAP Connector: startTLS throws InvalidCredentialException with IDM on JDK11

1.5.2.0
1.5.1.0

  • OPENICF-1247: LDAP Connector: Do not overwrite AD userAccountControl when it has not changed from previous value

  • OPENICF-1223: LDAP: AD/AD LDS query id with sortKeys called after query id with invalid cookie returns code 500

1.5.0.0

  • OPENICF-1188: LDAP Connector: modifiersNamesToFilterOut does not check the creatorsName for an 'add'

  • OPENICF-1175: LDAP Connector: sortKeys = _id is ignored

  • OPENICF-1174: LDAP Connector: query-all-ids causes NPE

  • OPENICF-1161: LDAP connector: inconsistency in escaping special chars when comparing new DN with existing entry DN (when updating entry), results in MODIFYDN

  • OPENICF-1159: LDAP Connector: Upgrade to ICF 1.5

  • OPENICF-1147: LDAP Connector: Query with _pagedResultsOffset higher than number of records in ldap is returning incorrect results

  • OPENICF-1004: LDAP Connector: QueryFilter presence modifier against System LDAP endpoint is not applied within ldapSearch

1.4.11.0

  • OPENICF-1117: AD UserAccountControl attributes not sync'd when using ALL ObjectClass

  • OPENICF-1108: LDAP Connector: Change the connector license to CDDL

  • OPENICF-1100: Bad grammar in error message on initial connection

  • OPENICF-1055: LDAP Connector: In GroupHelper.java's getLdapGroups and getLdapGroupMemberships, explicitly ask for dn

  • OPENICF-963: RFE: LDAP connector - enhance health check mechanism

1.4.10.0

  • OPENICF-1067: LDAP Connector: Enhance connection exception messages

  • OPENICF-1057: LDAP connector: error code 20 should be caught on update

1.4.9.0

  • OPENICF-1035: LDAP Connector - DJ - ldapGroups are not returned if empty

1.4.8.0

Version 1.4.8.0 is bundled with IDM version 6.5.0 by default.

  • OPENICF-958: LDAP - sortKeys by _id does not work with dj 6.5.0

  • OPENICF-949: LDAP connector - AD with SSL _action=authenticate returns 500 Internal server error

  • OPENICF-941: RFE for additional logging in LDAP connector getSearchStrategy()

  • OPENICF-918: support for multiple Kerberos credentials for different LDAP connector instances

  • OPENICF-883: LDAP connector: update should log attributes to modify

  • OPENICF-878: LDAP SSL does not work any more

  • OPENICF-868: Extend detection of CA LDAP server type

  • OPENICF-866: Implement a connectionTimeout configuration for LDAP Connector

  • OPENICF-688: AD LDS InvalidAttributeValueException is not getting reported

  • OPENICF-666: LDAP Connector: Authenticate - ability to make distinction between invalid cred and expired password

  • OPENICF-665: Check LDAP Server DNS Name against the SSL Certificate's subject/alternative name

  • OPENICF-561: LDAP connector: get rid of legacy config parameters

Read a different version of :