Tuesday May 08, 2007
Tuesday May 08, 2007 OpenDS 0.8 Is Now Available
OpenDS has been public for about nine months now, and for all of that time we have tagged it with a 0.1. With our latest build, we're bumping it up to 0.8. In a few months, we'll go to 0.9, and then 1.0 a couple after that.The easiest way to get OpenDS 0.8 is to use our Java Web Start installer (read more about it at https://www.opends.org/wiki/page/OverviewOfTheQuickSetupTool). Alternately, you can download the full server zip file at https://opends.dev.java.net/files/documents/4926/57426/OpenDS-0.8.zip. We also have a DSML gateway available as a WAR file at https://opends.dev.java.net/files/documents/4926/57427/OpenDS-0.8-DSML.war.
If you haven't looked at OpenDS recently, here are some of the things we've added in the last few months:
- We have added support for updating the schema with the server online. You can do this using modify operations, or using an "add schema file" task to add a new schema file. The schema file structure will be preserved, even when schema changes are replicated between servers.
- We have added support for subordinate attribute types. Specifying a superior attribute will target all of its subordinate types (e.g., referencing attribute "name", will include attributes like cn, sn, givenName, initials, c, l, st, o, ou, title, and generationQualifier).
- We have added a lastmod plugin that maintains the creatorsName, createTimestamp, modifiersName, and modifyTimestamp attributes.
- We have implemented a DSEE-compatible access control handler. This uses the aci attribute with a syntax that is handled like that in the Sun Java System Directory Server. See Managing Access Control for information on OpenDS support for access control.
- We have implemented a privileges subsystem to make it possible to configure capabilities on a fine-grained level. You can use this to remove privileges from root users, or grant additional privileges to non-root users. See Root Users and Privileges for more information.
- We have added support for the proxied authorization control, which makes it possible to perform an operation as one user while authenticated as another. We have also added support for using an alternate authorization identity when using SASL DIGEST-MD5 or PLAIN mechanisms.
- We have added support for the get effective rights control, which can be used to determine what rights a user has for a particular entry.
- We have added support for the server-side sort control, which can be used to sort entries before returning them to the client. We have also added support for the virtual list view control, which can be used in conjunction with the server-side sort control to retrieve the result set in pages rather than all at once.
- We have added support for rejecting requests from unauthenticated clients. When operating in this mode, the server will require that clients authenticate before requesting any operations other than bind and StartTLS.
- We have added support for groups. This includes static groups (both groupOfNames and groupOfUniqueNames variants) and dynamic groups (based on groupOfURLs). We have also added support for virtual static groups, which makes it possible to mirror a dynamic group as a static group.
- We have improved support for SSL and StartTLS, including making it possible to configure them through the QuickSetup utility, and providing the ability to use different certificates for different listeners. We have added a number of new certificate mappers that can be used to map a certificate to a user entry when performing SASL EXTERNAL authentication.
- We have added a number of password validators to the server. One looks at how similar the new password is to the user's current password. One looks at whether the new password matches the value of other attributes in the user entry. One looks at whether the new password matches a value in a dictionary. One looks at the sets of characters included in the new password. One looks at the number of unique characters in the password. One looks at whether there are strings of repeated characters in the password.
- We have implemented support for the CRYPT password storage scheme, which may be needed by some UNIX clients to use the OpenDS for authenticating users.
- We have added a virtual attribute subsystem, including implementing support for the standard entryDN and subschemaSubentry attributes. We also have added support for isMemberOf, which will include the DNs of all groups in which the associated user is a member. We also have support for user-defined virtual attributes, much like the Class of Service functionality in the Sun Java System Directory Server.
- We have added support for rebuilding indexes, both as an offline operation or with the server online using the tasks interface.
- We have improved support for configuration archiving in the server, so that it includes changes made with the server offline. We have also implemented a mechanism for detecting external changes to the configuration file with the server online.
- We have improved support for Windows systems, including the ability to run as a service.
Comments:
Post a Comment:
Comments are closed for this entry.
| Archives | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Language | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Links | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Referrers | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Today's Page Hits: 33 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||