ApacheDS™

LDAP and Kerberos server written in Java

ApacheDS™ is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

LDAPv3 Compliant

Since its initial version, ApacheDS has been certified by the Open Group which guarantees conformance of directory servers to version 3 of the LDAP protocol.

Full X500 Authorization

ApacheDS uses an adaptation of the X.500 basic access control scheme in combination with X.500 subentries to control access to entries and attributes within the DIT.

Kerberos Server Built-in

Not only is ApacheDS an LDAP server, it also supports the Kerberos protocol being a KDC (Key Distribution Center), a TGS (Ticket Granting Server) and an AS (Authentication Server).

Multi-Master Replication

Multi-master replication support via RFC 4533 (Content Synchronization Operation) has been added to ApacheDS 2.0, making it also compatible with OpenLDAP.

Password Policy Support

ApacheDS supports the "Password Policy for LDAP Directories" RFC draft, allowing it to enforce a set of rules designed to encourage users to employ strong passwords and use them properly.

LDIF-Based Configuration

The configuration of ApacheDS relies on an LDIF file, a well known format for people working around LDAP technologies, making it easier to configure the server.

Written in Java and Embeddable

ApacheDS has been written in Java, one of the best object-oriented programming languages, which makes it easy for developpers to embed in their own Java applications.

Multi-Platform

ApacheDS is available on most operating systems (Linux, Mac OS X & Windows), with dedicated installers for each platform (.deb, .bin, or .rpm packages, Windows installer, .zip and .tar.gz archives, etc).

News

ApacheDS 2.0.0-M16 released posted on March 13th, 2014

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M16, the sixteenth milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

Downloads are available here

Here is the release note for Apache Directory ApacheDS 2.0.0-M16:

Bugs

  • DIRSERVER-1092 - org.apache.directory.server.dns.store.RecordStore not support ordered multiple resource record answers
  • DIRSERVER-1252 - Server tools dump command broken due to use of old paths
  • DIRSERVER-1412 - Modifying the schema with more than one mod may fail
  • DIRSERVER-1471 - Providing a right fix for DIRSERVER-1459
  • DIRSERVER-1761 - Unable to use external keystore for SSL
  • DIRSERVER-1810 - Test case org.apache.directory.server.replication.ClientServerReplicationIT.testModDn() fails permanently
  • DIRSERVER-1845 - Sporadic failure on CollectivAttributeServiceIT
  • DIRSERVER-1855 - java.lang.IllegalStateException: Can't overwrite cause at org.apache.directory.server.core.authz.GroupCache.initialize(GroupCache.java:190)
  • DIRSERVER-1860 - Invalid DN in returned entry
  • DIRSERVER-1870 - Persistent control is not decoded properly
  • DIRSERVER-1873 - Searching on member attribute (multivalued) for groups is not working as expected
  • DIRSERVER-1884 - Incorrect length specified in PaswordUtil.splitCredentials
  • DIRSERVER-1885 - The JDBM index cache configuration is not used at all
  • DIRSERVER-1888 - Some pwdPolicy schema AT are incorrect
  • DIRSERVER-1894 - Multi-Master replicated startup does not complete
  • DIRSERVER-1900 - Password hashing interceptor is not encrypting the passwords
  • DIRSERVER-1902 - Concurrent reads cause LDAP:Error 80, LDAP: Error 1 and LDAP: error code 49 errors
  • DIRSERVER-1905 - KeytabDecoder should use '/' instead of '\' to separate principal name components
  • DIRSERVER-1906 - We still store entryUUID associated with 'top' in the OC index
  • DIRSERVER-1909 - Integer cannot be cast to java.lang.Long in JdbmTable prevents service start
  • DIRSERVER-1911 - Incorrect installation presumption toward user naming convention
  • DIRSERVER-1917 - Class Cast Exception when doing paged search
  • DIRSERVER-1921 - Indexes dont work on distinguishedNameMatch attributeType
  • DIRSERVER-1922 - Not Operator in Ldap Filter on Indexed Attributes
  • DIRSERVER-1928 - PasswordPolicy should be ignored from Admin session
  • DIRSERVER-1932 - Password policy pwdMinAge check should check for required reset
  • DIRSERVER-1948 - NPE in AuthenticationInterceptor when password policy is in place and user does not have a pwdChangedTime
  • DIRSERVER-1953 - "entryDn" attribute is not returned when requested along with wildcard attribute symbol *
  • DIRSERVER-1954 - Second startup of an embedded server fails (after an ungraceful shutdown of the first startup)
  • DIRSERVER-1955 - Directory Apacheds sends wrong empty response for password policy request
  • DIRSERVER-1957 - chpass/passwd failure (Linux)
  • DIRSERVER-1959 - Certificates corruption during replication
  • DIRSERVER-1961 - Searches wth Object level scope and non-existing attribute assertion in filter are not working
  • DIRSERVER-1962 - Replication Consumer "Enabled" checkbox not working
  • DIRSERVER-1963 - Add contextCSN attribute to the list of ignored attributes in ReplicationConsumerImpl

Improvements

  • DIRSERVER-1081 - Injecting more information in the opContext structure
  • DIRSERVER-1294 - Add size() and hasNext() methods to cursors
  • DIRSERVER-1338 - Allow non-Jdbm schema partition
  • DIRSERVER-1460 - Add locale to configuration
  • DIRSERVER-1534 - Improving implementation of loading LDIF files during startup
  • DIRSERVER-1601 - New index to add : PrescriptiveACI, member, uniqueMember
  • DIRSERVER-1634 - Add a DN cache for Stores
  • DIRSERVER-1676 - Provide a set of error codes along with an AuthenticationException to indicate its root cause.
  • DIRSERVER-1716 - Add a ParentIdAndRdn cache
  • DIRSERVER-1920 - Refactor DefaultDirectoryServiceFactory/DefaultDirectoryService for extensability
  • DIRSERVER-1926 - Supply Entry to PasswordValidator instead of username
  • DIRSERVER-1935 - Include password policy control in the password modify extended operation response if requested

New Features

  • DIRSERVER-264 - Add Support for Sort Control
  • DIRSERVER-265 - In-memory backend storage support
  • DIRSERVER-442 - Synchronize suffix entries in configuration with entry on disk
  • DIRSERVER-1030 - Add CascadeControl and add functionality to cascade modify and delete effects
  • DIRSERVER-1246 - Add shell scripts and batch files for clients
  • DIRSERVER-1263 - Add authz schema
  • DIRSERVER-1852 - Sort the entry based on the DN before returning them
  • DIRSERVER-1886 - Add configuration schema elements for Mavibot partition
  • DIRSERVER-1889 - Credentials cache for Kerberos
  • DIRSERVER-1898 - Authentication mechanism: PKCS5S2

Task

  • DIRSERVER-575 - Convert all non-forwarding (out of band) nextInterceptor calls to use the proxy with bypass instructions

We have also fixed many Kerberos related issues :

Bugs

  • DIRKRB-28 - Allow setting searchBaseDN
  • DIRKRB-30 - Decoding incoming request over TCP fails
  • DIRKRB-96 - Unable to obtain ticket after changing the password

Tasks

  • DIRKRB-31 - Create the Authenticator grammar
  • DIRKRB-32 - Create the EncTicketPart grammar
  • DIRKRB-33 - Create the AS-REQ grammar
  • DIRKRB-34 - Create the AS-REP grammar
  • DIRKRB-35 - Create the TGS-REQ grammar
  • DIRKRB-36 - Create the TGS-REP grammar
  • DIRKRB-37 - Create the AP-REQ grammar
  • DIRKRB-38 - Create the AP-REP grammar
  • DIRKRB-39 - Create the KRB-SAFE grammar
  • DIRKRB-40 - Create the KRB-PRIV grammar
  • DIRKRB-41 - Create the KRB-CRED grammar
  • DIRKRB-42 - Create the EncASRepPart grammar
  • DIRKRB-43 - Create the EncTGSRepPart grammar
  • DIRKRB-44 - Create the EncAPRepPart grammar
  • DIRKRB-45 - Create the EncKrbPrivPart grammar
  • DIRKRB-46 - Create the EncKrbCredPart grammar
  • DIRKRB-47 - Create the KRB-ERROR grammar
  • DIRKRB-48 - Create the PA-DATA grammar
  • DIRKRB-49 - Create the Checksum grammar
  • DIRKRB-50 - Create the TransitedEncoding grammar
  • DIRKRB-51 - Create the KDC-REQ-BODY grammar
  • DIRKRB-52 - Create the KDC-REP grammar
  • DIRKRB-53 - Create the EncKDCRepPart grammar
  • DIRKRB-54 - Create the LastReq grammar
  • DIRKRB-55 - Create the KRB-SAFE-BODY grammar
  • DIRKRB-56 - Create the KrbCredInfo grammar
  • DIRKRB-57 - Create the METHOD-DATA grammar
  • DIRKRB-58 - Create the TYPED-DATA grammar
  • DIRKRB-59 - Create the PA-ENC-TIMESTAMP grammar
  • DIRKRB-60 - Create the PA-ENC-TS-ENC grammar
  • DIRKRB-61 - Create the ETYPE-INFO-ENTRY grammar
  • DIRKRB-62 - Create the ETYPE-INFO grammar
  • DIRKRB-63 - Create the ETYPE-INFO2-ENTRY grammar
  • DIRKRB-64 - Create the ETYPE-INFO2 grammar
  • DIRKRB-65 - Create the AD-IF-RELEVANT grammar
  • DIRKRB-66 - Create the AD-KDCIssued grammar
  • DIRKRB-67 - Create the AD-AND-OR grammar
  • DIRKRB-68 - Create the AD-MANDATORY-FOR-KDC grammar
  • DIRKRB-69 - Create the Ticket grammar
  • DIRKRB-70 - Create the EncryptedData grammar
  • DIRKRB-71 - Create the PrincipalName grammar
  • DIRKRB-72 - Create the HostAddresses grammar
  • DIRKRB-73 - Create the HostAddress grammar
  • DIRKRB-74 - Create the AuthorizationData grammar
  • DIRKRB-75 - Create the EncryptionKey grammar
  • DIRKRB-76 - Create the KDC-REQ grammar
  • DIRKRB-77 - Adapt the error messages we use in grammars
  • DIRKRB-78 - Add tests for all the grammars

ApacheDS 2.0.0-M15 released posted on August 18th, 2013

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M15, the fifteenth milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

Here is the release note for Apache Directory ApacheDS 2.0.0-M15:

Bugs

  • DIRSERVER-1325 - Simple Authentication can not be disabled
  • DIRSERVER-1490 - Not 100% sure, but the DN caches we have in the server might not be updated when doing a Move
  • DIRSERVER-1871 - Logging Not Working in M14
  • DIRSERVER-1872 - The JournalInterceptor is not present in the configuration
  • DIRSERVER-1874 - Persistent search is not considering the scope of the search
  • DIRSERVER-1875 - Persistent search is not filtering the attributes before returning entries
  • DIRSERVER-1879 - Incorrect check on result code done in the PwdModifyResponseImpl constructor
  • DIRSERVER-1880 - ApacheDS failed to start on boot
  • DIRSERVER-1882 - KertabEncoder.write() method should take into account the size of the entries list to determine the buffer size
  • DIRSERVER-1883 - Searching for entries starting at the rootDSE does not work

Improvement

  • DIRSERVER-1049 - [PERF] Speed improvement in Search operation
  • DIRSERVER-1519 - [perf] The MoveAndRename operation is not optimal

Downloads are available here

ApacheDS 2.0.0-M14 released posted on July 1st, 2013

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M14, the fourteenth milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

This release does not contain any change, but it depends on a new version of the Apache LDAP API, which contains a fix for a critical bug.

This is a critical version, and anyone using 2.0.0-M13 should replace it with this version.

Downloads are available here

ApacheDS 2.0.0-M13 released posted on June 25th, 2013

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M13, the thirteenth milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

Here is the release note for Apache Directory ApacheDS 2.0.0-M13:

Bugs

  • DIRSERVER-1325 - Simple Authentication can not be disabled
  • DIRSERVER-1490 - Not 100% sure, but the DN caches we have in the server might not be updated when doing a Move
  • DIRSERVER-1491 - Improve schema extractor
  • DIRSERVER-1500 - Error searching children of known element.
  • DIRSERVER-1521 - dc=example,dc=com DIT no longer exists as a default partition (DIT) in 1.5.7?
  • DIRSERVER-1579 - Various problems using moddn operation
  • DIRSERVER-1661 - Kerberos tests not working with JDK 1.6.0_27 and JDK 1.7.0
  • DIRSERVER-1806 - The DelegatedAuthIT test does not test a delegated authentication
  • DIRSERVER-1829 - bug in initializing authenticators for AuthenticatorInterceptor
  • DIRSERVER-1836 - When extedning an interceptor, the operation are executed twice
  • DIRSERVER-1840 - Wrong default duration for ads-repllogmaxidle
  • DIRSERVER-1846 - Configuring SSL/Start TLS keystore does not accept backward slash () in path
  • DIRSERVER-1849 - Invalid prefixes format for password stored using SHA-2 hashing mechanisms (SHA-256, SHA-384, SHA-512)
  • DIRSERVER-1862 - Concurrent searches and adds may break the backend

Improvement

  • DIRSERVER-289 - Configure an optional password message digest algorithm which is applied on userPassword attribute values at add and modify operations.
  • DIRSERVER-1236 - Store an AttributeEntry object in filter's node
  • DIRSERVER-1310 - Improve the way we handle controls encoding/decoding
  • DIRSERVER-1346 - Use ServiceLifecycleListener to avoid having System.out messages for service start/stop events.
  • DIRSERVER-1447 - loadAllEnabled() method is taking way too long
  • DIRSERVER-1489 - Provide access to remote connection info
  • DIRSERVER-1511 - Some operations are present in the Partition interface when they should not
  • DIRSERVER-1617 - Add a feature to support TLS in DelegatingAuthenticator
  • DIRSERVER-1801 - The authenticator cache is invalidated too frequently

New Feature

  • DIRSERVER-275 - Add Support for LDAP Password Modify Extended Operation
  • DIRSERVER-434 - Add Support for Paged Search Results Control
  • DIRSERVER-866 - Initialization with another backend than JDBM for the system partition
  • DIRSERVER-1203 - RFC2307bis Support is missing
  • DIRSERVER-1837 - The DelegatingAuthenticator does not support SSL/StartTLS/SASL

Task

  • DIRSERVER-710 - Exception tree should be reviewed

This is a critical version, and anyone using 2.0.0-M12 should replace it with this version.

Downloads are available here

ApacheDS 2.0.0-M12 released posted on May 2nd, 2013

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M12, the twelwth milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

Here is the release note for Apache Directory ApacheDS 2.0.0-M12:

Bugs

  • DIRSERVER-1798 - The AdministrativePoint interceptor is always activated, even if it's not part of the config
  • DIRAPI-80] - Cannot issue a direct operation without having connected to the server
  • DIRSERVER-1143 - ldappasswd fails to bind
  • DIRSERVER-1584 - document how to limit the available ciphers for ldaps (how to disable SSL3_RSA_RC4_40_MD5 : SSL_EXPORT SSL3_RSA_DES_40_CBC_SHA)
  • DIRSERVER-1812 - The default admin account should never get locked forever
  • DIRSERVER-1814 - Using anon connection results in UnbindRequestHandler reporting 'LdapNoSuchObjectException: ERR_268 Cannot find a partition for '
  • DIRSERVER-1826 - The ads-pwdFailureCountInterval is not taken into account
  • DIRSERVER-1834 - Broken backend when using AT with no EQUALITY MR

This is a critical version, and anyone using 2.0.0-M11 should replace it with this version.

Downloads are available here

ApacheDS 2.0.0-M11 released posted on March 3rd, 2013

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M11, the eleventh milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

Here is the release note for Apache Directory ApacheDS 2.0.0-M11:

Bugs

  • DIRSERVER-1281 - StreamCorruptedException after brutal shutdown
  • DIRSERVER-1797 - The AdministrativeRole AT is not indexed, leadings to huge delay when starting the server
  • DIRSERVER-1798 - The AdministrativePoint interceptor is always activated, even if it's not part of the config
  • DIRSERVER-1799 - When deleting values from an existing entry, the presence index might get out of date
  • DIRSERVER-1802 - Disabling an authenticator results in a NPE
  • DIRSERVER-1803 - When the SimpleAuthenticator is disabled, and the auth level is set to SIMPLE, we can bind freely
  • DIRSERVER-1804 - [patch] Fix ApacheDS code to allow control and reduce number of outputted logs
  • DIRSERVER-1805 - The replication janitor thread is not stopped correctly when the server is stopped
  • DIRSERVER-1321 - Clarify relationship between partition.syncOnWrite and apacheDS.syncPeriodMillis configuration attributes
  • DIRSERVER-1322 - Auto inferring context entry
  • DIRSERVER-1808 - We should evaluate the Scope and any other index in a fliter only when the # of candidate is above a threshold
  • DIRKRB-85 - @CreateKdcServer should include searchBaseDn attribute
  • DIRKRB-86 - The Kerberos server badly need some logging...

Note that this is a milestone, and some parts of the API or configuration can change before the 2.0 GA. We don't have any defined time frame for the 2.0-GA release, we do expect to release a few more milestones before reaching the 2.0-GA.

Downloads are available here

ApacheDS 2.0.0-M10 released posted on January 29th, 2013

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M10, the tenth milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

Here is the release note for Apache Directory ApacheDS 2.0.0-M10:

Bugs

  • DIRSERVER-1704 - Inconistency in Master-Slave Replication
  • DIRSERVER-1740 - REPLICATION data loss
  • DIRSERVER-1772 - Improve the replication logs
  • DIRSERVER-1788 - ConfigurationReader fails to correctly read byte[] values
  • DIRSERVER-1789 - Changes to an existing replication consumer may not be taken into account
  • DIRSERVER-1790 - When we restart the server, some user index are lost
  • DIRSERVER-1791 - Interrupting a search on the client side cause the connection to be closed by the server
  • DIRSERVER-1792 - Replication and Modification of ACIs

Note that this is a milestone, and some parts of the API or configuration can change before the 2.0 GA. We don't have any defined time frame for the 2.0-GA release, we do expect to release a few more milestones before reaching the 2.0-GA.

Downloads are available here

ApacheDS 2.0.0-M8 released posted on October 12th, 2012

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M8, the eigth milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

Here is the release note for Apache Directory ApacheDS 2.0.0-M8:

Bugs

  • DIRSERVER-1458 - Cursor API generic usage is totally wrong
  • DIRSERVER-1624 - Index are not created when added after the server has been started
  • DIRSERVER-1655 - Possible incorrect insertion of modifications in the consumer log
  • DIRSERVER-1659 - the apacheds.sh/bat files contains a hard coded revision. This is not good
  • DIRSERVER-1663 - NPE when doing add/delete and search at the same time on the same entries
  • DIRSERVER-1677 - Dependencies cleanup
  • DIRSERVER-1689 - testNoSearchByNonAdmin does not throw an LdapNoPermissionException, as expected
  • DIRSERVER-1706 - be sure we close the cursors when the session expires and if we have paged searches or persistent search going on
  • DIRSERVER-1709 - Adding an index does not create the index if the server is already started
  • DIRSERVER-1710 - The memory default (128M) is not enouh in most case
  • DIRSERVER-1715 - Implement backward browse for DescendantCursor and ChildrenCursor
  • DIRSERVER-1718 - Problems when adding a schema containing one or more uppercased letters
  • DIRSERVER-1722 - The PagedSearchIT.testPagedSearchWrongCookie() test blocks randomly the build
  • DIRSERVER-1723 - Potential LRUCache exhaustion with searches
  • DIRSERVER-1726 - DefaultPasswordValidator always throws PasswordPolicyException when consecutive non-letter chars are in RDN
  • DIRSERVER-1727 - LDAP Searches against boolean attributes with booleanMatch equality never return matches
  • DIRSERVER-1732 - ERR_04131 The value is expected to be a String
  • DIRSERVER-1735](https://issues.apache.org/jira/browse/DIRSERVER-1735) - When ads-pwdmaxage attribute is set to more then 2147483, then all user passwords are expirer forever.
  • DIRSERVER-1737 - ApacheDS should be able to start even when one of its indexed attributes can't be found in the schema manager
  • DIRSERVER-1738 - Can't restart ApacheDS after setting a value superior to Integer.MAX_VALUE in an AT with Integer syntax
  • DIRSERVER-1739 - LDAP Searches Slow
  • DIRSERVER-1744 - Compex LDAP search filters returning unmatched objects
  • DIRSERVER-1747 - Presence index is not up to date when the server is started
  • DIRSERVER-1748 - EqualityEvaluator does not work correctly

Note that this is a milestone, and some parts of the API or configuration can change before the 2.0 GA. We don't have any defined time frame for the 2.0-GA release, we do expect to release a few more milestones before reaching the 2.0-GA.

Downloads are available here

ApacheDS 2.0.0-M7 released posted on May 21st, 2012

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M7, the seventh milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

Here is the release note for Apache Directory ApacheDS 2.0.0-M7:

Bugs

  • DIRSERVER-1093 - the ResourceRecordEncoder and QuestionRecordEncoder have bug for empty domainName
  • DIRSERVER-1697 - Creation of new syntax fails due to ERR_277 Attribute m-obsolete not declared in objectClasses of entry
  • DIRSERVER-1698 - Search on entries with multiple AVA in RDN does not work correctly if the initial RDN order is not used
  • DIRSERVER-1702 - Adding an index through annotation does not work
  • DIRSERVER-1712 - If the index are created using their alias, they are deleted immediately
  • DIRSERVER-1711 - Index initialization is taking way too much time
  • DIRSERVER-1713 - Error on console with first start of clean system

Note that this is a milestone, and some parts of the API or configuration can change before the 2.0 GA. We don't have any defined time frame for the 2.0-GA release, we do expect to release a few more milestones before reaching the 2.0-GA.

Downloads are available here

ApacheDS 2.0.0-M6 released posted on February 29th, 2012

The Apache Directory team is pleased to announce the release of ApacheDS 2.0.0-M6, the sixth milestone towards a 2.0 version.

ApacheDS is an extensible and embeddable directory server entirely written in Java, which has been certified LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It has been designed to introduce triggers, stored procedures, queues and views to the world of LDAP which has lacked these rich constructs.

Here is the release note for Apache Directory ApacheDS 2.0.0-M6:

Bugs

  • DIRSERVER-1644 - User provided value is not retained during rename operation
  • DIRSERVER-1681 - adding entries with attribute userCertificate;binary fails with "No such attribute"
  • DIRSERVER-1692 - Unable to add a JPEG image to an entry due to an 'Invalid Attribute Syntax' error
  • DIRSERVER-1693 - Renaming an entry when the RDN uses a case insensitive AT should be possible
  • DIRSERVER-1694 - Renaming an existing entry with a DN containing upper cased chars will not store the CN as provided
  • DIRSERVER-1696 - Creation of an entry like cn=test1+cn=test2, ou=system should not be allowed
  • DIRSERVER-1699 - DN/RDN handling is incorrect when there are some escaped values into them
  • DIRSERVER-1700 - Version in Root DSE is reported as '$pom.version'

Note that this is a milestone, and some parts of the API or configuration can change before the 2.0 GA. We don't have any defined time frame for the 2.0-GA release, we do expect to release a few more milestones before reaching the 2.0-GA.

Downloads are available here