@Yvand Yvand released this Aug 30, 2018

Assets 5

LDAPCP v11 enhancements & bug-fixes

  • Fixed no result returned under high load, caused by a thread safety issue where the same filter was used in all threads regardless of the actual input
  • Fixed the augmentation that randomly failed under high load, caused by a thread safety issue on list ILDAPCPConfiguration.LDAPConnectionsProp
  • Added handling of special characters for LDAP filters as documented in https://ldap.com/ldap-filters/
  • Added the first nae (givenName) in the list of attributes queried by default
  • Improved validation of changes made to ClaimTypes collection
  • Added method ClaimTypeConfigCollection.GetByClaimType()
  • Implemented unit tests
  • Explicitely encode HTML messages shown in admin pages and renderred from server side code to comply with tools scanning code to detect security vulnerabilities
  • Deactivating farm-scoped feature "LDAPCP" removes the claims provider from the farm, but it does not delete its configuration anymore. Configuration is now deleted when feature is uninstalled (typically when retracting the solution)
  • Added user identifier properties in global configuration page
Jul 31, 2018
Improved checks made to ClaimTypeConfigCollection and unit tests

@Yvand Yvand released this Jun 12, 2018 · 1 commit to 152abef05330b122d5df65c5768a22209783eb6d since this release

Assets 5

About this release

This release introduces a lot of changes and improvements.

Important: This version has breaking changes, please check this page if you update from an earlier version.


  • LDAPCP can be entirely configured with PowerShell, including claim types configuration
  • LDAPCP administration pages were updated to be easier to udnerstand, especially the page that configures claim types.
  • LDAPCP administration pages can now be easily reused by developers.
  • Augmentation can now handle multiple group claim types, and uses the credentials set when LDAP connection was added.
  • Number of results returned by LDAP servers is now limited to improve performance of LDAP servers.
  • Logging is more relevant and generates less messages.
  • Beaking change: Due to the amount of changes in this area, the claim types configuration will be reset if you update from an earlier version.
  • Many bug fixes and optimizations

@Yvand Yvand released this Oct 10, 2017 · 2 commits to master since this release

Assets 5
  • Fixed issue #22: Improve augmentation when identity claim type is email and users are in AD

@Yvand Yvand released this Sep 1, 2017 · 3 commits to master since this release

Assets 5
  • Fixed issue #16: Check if identity attribute exists on each result returned by LDAP to avoid an ArgumentOutOfRangeException exception.
  • Reduced logging level from medium to verbose on message informing that a user key was returned.

@Yvand Yvand released this Jun 27, 2017 · 8 commits to master since this release

Assets 5

New release v2017-06 (#9)

  • Added ability to make augmentation on non Active Directory LDAP servers. There are now 2 ways:
    • Call .NET method UserPrincipal.GetAuthorizationGroups (works only with AD).
    • Read LDAP attribute memberOf/uniquememberof of the user, which should work with all LDAP servers (new method introduced in this release).
  • Updated LDAPCP configuration page to let administrators choose either way to perform augmentation, individually per LDAP server.
  • Improved logging to reduce amount of messages generated while providing more information, such as the time spent by LDAP server(s) to run the query

@Yvand Yvand released this Jul 11, 2016 · 25 commits to master since this release

Assets 4

What's new

  • Improved augmentation