Be notified of new releases
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 28 million developers.Sign up
LDAPCP v11 enhancements & bug-fixes
- Fixed no result returned under high load, caused by a thread safety issue where the same filter was used in all threads regardless of the actual input
- Fixed the augmentation that randomly failed under high load, caused by a thread safety issue on list ILDAPCPConfiguration.LDAPConnectionsProp
- Added handling of special characters for LDAP filters as documented in https://ldap.com/ldap-filters/
- Added the first nae (givenName) in the list of attributes queried by default
- Improved validation of changes made to ClaimTypes collection
- Added method ClaimTypeConfigCollection.GetByClaimType()
- Implemented unit tests
- Explicitely encode HTML messages shown in admin pages and renderred from server side code to comply with tools scanning code to detect security vulnerabilities
- Deactivating farm-scoped feature "LDAPCP" removes the claims provider from the farm, but it does not delete its configuration anymore. Configuration is now deleted when feature is uninstalled (typically when retracting the solution)
- Added user identifier properties in global configuration page
About this release
This release introduces a lot of changes and improvements.
Important: This version has breaking changes, please check this page if you update from an earlier version.
- LDAPCP can be entirely configured with PowerShell, including claim types configuration
- LDAPCP administration pages were updated to be easier to udnerstand, especially the page that configures claim types.
- LDAPCP administration pages can now be easily reused by developers.
- Augmentation can now handle multiple group claim types, and uses the credentials set when LDAP connection was added.
- Number of results returned by LDAP servers is now limited to improve performance of LDAP servers.
- Logging is more relevant and generates less messages.
- Beaking change: Due to the amount of changes in this area, the claim types configuration will be reset if you update from an earlier version.
- Many bug fixes and optimizations
- Fixed issue #22: Improve augmentation when identity claim type is email and users are in AD
- Fixed issue #16: Check if identity attribute exists on each result returned by LDAP to avoid an ArgumentOutOfRangeException exception.
- Reduced logging level from medium to verbose on message informing that a user key was returned.
New release v2017-06 (#9)
- Added ability to make augmentation on non Active Directory LDAP servers. There are now 2 ways:
- Call .NET method UserPrincipal.GetAuthorizationGroups (works only with AD).
- Read LDAP attribute memberOf/uniquememberof of the user, which should work with all LDAP servers (new method introduced in this release).
- Updated LDAPCP configuration page to let administrators choose either way to perform augmentation, individually per LDAP server.
- Improved logging to reduce amount of messages generated while providing more information, such as the time spent by LDAP server(s) to run the query