lldap/lldap (ghcr.io/lldap/lldap)
### [`v2024-11-09`](https://redirect.github.com/lldap/lldap/blob/HEAD/CHANGELOG.md#060-2024-11-09)
##### Breaking
- The endpoint `/auth/reset/step1` is now `POST` instead of `GET` ([#704](https://redirect.github.com/lldap/lldap/issues/704))
##### Added
- Custom attributes are now supported ([#67](https://redirect.github.com/lldap/lldap/issues/67)) ! You can add new fields (string, integers, JPEG or dates) to users and query them. That unlocks many integrations with other services, and allows for a deeper/more customized integration. Special thanks to [@pixelrazor](https://redirect.github.com/pixelrazor) and [@bojidar-bg](https://redirect.github.com/bojidar-bg) for their help with the UI.
- Custom object classes (for all users/groups) can now be added ([#833](https://redirect.github.com/lldap/lldap/issues/833))
- Barebones support for Paged Results Control (no paging, no respect for windows, but a correct response with all the results) ([#698](https://redirect.github.com/lldap/lldap/issues/698))
- A daily docker image is tagged and released. ([#613](https://redirect.github.com/lldap/lldap/issues/613))
- A bootstrap script allows reading the list of users/groups from a file and making sure the server contains exactly the same thing. ([#654](https://redirect.github.com/lldap/lldap/issues/654))
- Make it possible to serve lldap behind a sub-path in ([#752](https://redirect.github.com/lldap/lldap/issues/752))
- LLDAP can now be found on a custom package repository for opensuse, fedora, ubuntu, debian and centos ([Repository link](https://software.opensuse.org//download.html?project=home%3AMasgalor%3ALLDAP\&package=lldap)). Thanks [@Masgalor](https://redirect.github.com/Masgalor) for setting it up and maintaining it.
- There's now an option to force reset the admin password ([#748](https://redirect.github.com/lldap/lldap/issues/748)) optionally on every restart ([#959](https://redirect.github.com/lldap/lldap/issues/959))
- There's a rootless docker container ([#755](https://redirect.github.com/lldap/lldap/issues/755))
- entryDN is now supported ([#780](https://redirect.github.com/lldap/lldap/issues/780))
- Unknown LDAP controls are now detected and ignored ([#787](https://redirect.github.com/lldap/lldap/issues/787), [#799](https://redirect.github.com/lldap/lldap/issues/799))
- A community-developed CLI for scripting ([#793](https://redirect.github.com/lldap/lldap/issues/793))
- Added a way to print raw logs to debug long-running sessions ([#992](https://redirect.github.com/lldap/lldap/issues/992))
##### Changed
- The official docker repository is now `lldap/lldap`
- Removed password length limitation in lldap_set_password tool
- Group names and emails are now case insensitive, but keep their casing ([#666](https://redirect.github.com/lldap/lldap/issues/666))
- Better error messages (and exit code ([#745](https://redirect.github.com/lldap/lldap/issues/745))) when changing the private key ([#778](https://redirect.github.com/lldap/lldap/issues/778), [#1008](https://redirect.github.com/lldap/lldap/issues/1008)), using the wrong SMTP port ([#970](https://redirect.github.com/lldap/lldap/issues/970)), using the wrong env variables ([#972](https://redirect.github.com/lldap/lldap/issues/972))
- Allow `member=` filters with plain user names (not full DNs) ([#949](https://redirect.github.com/lldap/lldap/issues/949))
- Correctly detect and refuse anonymous binds ([#974](https://redirect.github.com/lldap/lldap/issues/974))
- Clearer logging ([#971](https://redirect.github.com/lldap/lldap/issues/971), [#981](https://redirect.github.com/lldap/lldap/issues/981), [#982](https://redirect.github.com/lldap/lldap/issues/982))
##### Fixed
- Logging out applies globally, not just in the local browser. ([#721](https://redirect.github.com/lldap/lldap/issues/721))
- It's no longer possible to create the same user twice ([#745](https://redirect.github.com/lldap/lldap/issues/745))
- Fix wide substring filters ([#738](https://redirect.github.com/lldap/lldap/issues/738))
- Don't log the database password if provided in the connection URL ([#735](https://redirect.github.com/lldap/lldap/issues/735))
- Fix a panic when postgres uses a different collation ([#821](https://redirect.github.com/lldap/lldap/issues/821))
- The UI now defaults to the user ID for users with no display names ([#843](https://redirect.github.com/lldap/lldap/issues/843))
- Fix searching for users with more than one `memberOf` filter ([#872](https://redirect.github.com/lldap/lldap/issues/872))
- Fix compilation on Windows ([#932](https://redirect.github.com/lldap/lldap/issues/932)) and Illumos ([#964](https://redirect.github.com/lldap/lldap/issues/964))
- The UI now correctly detects whether password resets are enabled. ([#753](https://redirect.github.com/lldap/lldap/issues/753))
- Fix a missing lowercasing of username when changing passwords through LDAP ([#1012](https://redirect.github.com/lldap/lldap/issues/1012))
- Fix SQLite writers erroring when racing ([#1021](https://redirect.github.com/lldap/lldap/issues/1021))
- LDAP sessions no longer buffer their logs until unbind, causing memory leaks ([#1025](https://redirect.github.com/lldap/lldap/issues/1025))
##### Performance
- Only expand attributes once per query, not per result ([#687](https://redirect.github.com/lldap/lldap/issues/687))
##### Security
- When asked to send a password reset to an unknown email, sleep for 3 seconds and don't print the email in the error ([#887](https://redirect.github.com/lldap/lldap/issues/887))
##### New services
Linux user accounts can now be managed by LLDAP, using PAM and nslcd.
- Apereo CAS server
- Carpal
- Gitlab
- Grocy
- Harbor
- Home Assistant
- Jenkins
- Kasm
- Maddy
- Mastodon
- Metabase
- MegaRAC-BMC
- Netbox
- OCIS
- Prosody
- Radicale
- SonarQube
- Traccar
- Zitadel
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
2024-11-04-debian-rootless->2024-11-17-debian-rootlessRelease Notes
lldap/lldap (ghcr.io/lldap/lldap)
### [`v2024-11-09`](https://redirect.github.com/lldap/lldap/blob/HEAD/CHANGELOG.md#060-2024-11-09) ##### Breaking - The endpoint `/auth/reset/step1` is now `POST` instead of `GET` ([#704](https://redirect.github.com/lldap/lldap/issues/704)) ##### Added - Custom attributes are now supported ([#67](https://redirect.github.com/lldap/lldap/issues/67)) ! You can add new fields (string, integers, JPEG or dates) to users and query them. That unlocks many integrations with other services, and allows for a deeper/more customized integration. Special thanks to [@pixelrazor](https://redirect.github.com/pixelrazor) and [@bojidar-bg](https://redirect.github.com/bojidar-bg) for their help with the UI. - Custom object classes (for all users/groups) can now be added ([#833](https://redirect.github.com/lldap/lldap/issues/833)) - Barebones support for Paged Results Control (no paging, no respect for windows, but a correct response with all the results) ([#698](https://redirect.github.com/lldap/lldap/issues/698)) - A daily docker image is tagged and released. ([#613](https://redirect.github.com/lldap/lldap/issues/613)) - A bootstrap script allows reading the list of users/groups from a file and making sure the server contains exactly the same thing. ([#654](https://redirect.github.com/lldap/lldap/issues/654)) - Make it possible to serve lldap behind a sub-path in ([#752](https://redirect.github.com/lldap/lldap/issues/752)) - LLDAP can now be found on a custom package repository for opensuse, fedora, ubuntu, debian and centos ([Repository link](https://software.opensuse.org//download.html?project=home%3AMasgalor%3ALLDAP\&package=lldap)). Thanks [@Masgalor](https://redirect.github.com/Masgalor) for setting it up and maintaining it. - There's now an option to force reset the admin password ([#748](https://redirect.github.com/lldap/lldap/issues/748)) optionally on every restart ([#959](https://redirect.github.com/lldap/lldap/issues/959)) - There's a rootless docker container ([#755](https://redirect.github.com/lldap/lldap/issues/755)) - entryDN is now supported ([#780](https://redirect.github.com/lldap/lldap/issues/780)) - Unknown LDAP controls are now detected and ignored ([#787](https://redirect.github.com/lldap/lldap/issues/787), [#799](https://redirect.github.com/lldap/lldap/issues/799)) - A community-developed CLI for scripting ([#793](https://redirect.github.com/lldap/lldap/issues/793)) - Added a way to print raw logs to debug long-running sessions ([#992](https://redirect.github.com/lldap/lldap/issues/992)) ##### Changed - The official docker repository is now `lldap/lldap` - Removed password length limitation in lldap_set_password tool - Group names and emails are now case insensitive, but keep their casing ([#666](https://redirect.github.com/lldap/lldap/issues/666)) - Better error messages (and exit code ([#745](https://redirect.github.com/lldap/lldap/issues/745))) when changing the private key ([#778](https://redirect.github.com/lldap/lldap/issues/778), [#1008](https://redirect.github.com/lldap/lldap/issues/1008)), using the wrong SMTP port ([#970](https://redirect.github.com/lldap/lldap/issues/970)), using the wrong env variables ([#972](https://redirect.github.com/lldap/lldap/issues/972)) - Allow `member=` filters with plain user names (not full DNs) ([#949](https://redirect.github.com/lldap/lldap/issues/949)) - Correctly detect and refuse anonymous binds ([#974](https://redirect.github.com/lldap/lldap/issues/974)) - Clearer logging ([#971](https://redirect.github.com/lldap/lldap/issues/971), [#981](https://redirect.github.com/lldap/lldap/issues/981), [#982](https://redirect.github.com/lldap/lldap/issues/982)) ##### Fixed - Logging out applies globally, not just in the local browser. ([#721](https://redirect.github.com/lldap/lldap/issues/721)) - It's no longer possible to create the same user twice ([#745](https://redirect.github.com/lldap/lldap/issues/745)) - Fix wide substring filters ([#738](https://redirect.github.com/lldap/lldap/issues/738)) - Don't log the database password if provided in the connection URL ([#735](https://redirect.github.com/lldap/lldap/issues/735)) - Fix a panic when postgres uses a different collation ([#821](https://redirect.github.com/lldap/lldap/issues/821)) - The UI now defaults to the user ID for users with no display names ([#843](https://redirect.github.com/lldap/lldap/issues/843)) - Fix searching for users with more than one `memberOf` filter ([#872](https://redirect.github.com/lldap/lldap/issues/872)) - Fix compilation on Windows ([#932](https://redirect.github.com/lldap/lldap/issues/932)) and Illumos ([#964](https://redirect.github.com/lldap/lldap/issues/964)) - The UI now correctly detects whether password resets are enabled. ([#753](https://redirect.github.com/lldap/lldap/issues/753)) - Fix a missing lowercasing of username when changing passwords through LDAP ([#1012](https://redirect.github.com/lldap/lldap/issues/1012)) - Fix SQLite writers erroring when racing ([#1021](https://redirect.github.com/lldap/lldap/issues/1021)) - LDAP sessions no longer buffer their logs until unbind, causing memory leaks ([#1025](https://redirect.github.com/lldap/lldap/issues/1025)) ##### Performance - Only expand attributes once per query, not per result ([#687](https://redirect.github.com/lldap/lldap/issues/687)) ##### Security - When asked to send a password reset to an unknown email, sleep for 3 seconds and don't print the email in the error ([#887](https://redirect.github.com/lldap/lldap/issues/887)) ##### New services Linux user accounts can now be managed by LLDAP, using PAM and nslcd. - Apereo CAS server - Carpal - Gitlab - Grocy - Harbor - Home Assistant - Jenkins - Kasm - Maddy - Mastodon - Metabase - MegaRAC-BMC - Netbox - OCIS - Prosody - Radicale - SonarQube - Traccar - ZitadelConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.