1.0|
0.16.x|
0.15.x|
0.14.x|
0.13.x|
0.12.x|
0.11.x|
0.10.x|
0.9.x|
0.8.x|
0.7.x|
Ancient|
Overview
Release Date: 2008-08-03
-
Security fix! Redirects to arbitrary URLs are only allowed with valid session ID.
-
plug-in class DynamicValueSelectList now also reads a simple
select list from a multi-valued attribute of a certain entry (when search scope
in LDAP URL is base).
-
Detected browser class and browser version and HTTP header User-Agent
are displayed in [ConnInfo] now.
-
plug-in class BitArrayInteger now displays a multi-line
input field for each bits. This is more handy for manipulating the single bits
like in MS AD's attribute userAccountControl.
-
Fixed displaying the value for binary fields (e.g. OctetString) when
outputting a hidden field (disabled input field).
Release Date: 2008-07-26
-
Fixed error handling for objectClassViolation when adding a new entry.
-
Added doc page about improving usability by configuration.
-
Improved docs.
-
Schema browser now accepts semicolon subtype in form parameter oid.
Release Date: 2008-07-17
Release Date: 2008-07-15
-
Fixed a regression in [Password] (module w2lapp.passwd)
when the entry's DN contains NON-ASCII chars.
Release Date: 2008-07-15
-
Fixed changing the password in MS AD (attribute unicodePwd).
-
Fixed more regressions in [Password] (module w2lapp.passwd).
Release Date: 2008-07-14
-
Changed the internal setting of TLS options: If OpenLDAP libs 2.4 or newer are
detected the TLS options are only set for the current connection.
-
Fixed a regression in [Password] (module w2lapp.passwd).
Release Date: 2008-07-14
-
Certificates and CRLs are automagically converted from ASCII-armored
format (often called PEM) to binary DER format if needed before being added
to attributes of syntax Certificate or CertificateRevocationList.
-
The DN portion of DynamicValueSelectList.ldap_url has the following
special values (placeholders) now for defining the search DN based on the current
DN of the entry:
_ | underscore | use the best matching naming context |
. | single dot | use current DN |
.. | two dots | use parent DN |
-
Added simple Select-based plug-in class for
attribute type pwdAttribute.
-
New features if
Python Imaging Library (PIL)
is (optionally) installed:
-
Images are now automagically converted to JPEG format for attributes of
syntax JPEGImage (e.g. attribute jpegPhoto).
-
Attributes width and height always set for <img> tag.
-
width and height set to maximum values keeping
the original aspect ratio of the image.
-
Changes when setting passwords:
-
Support for Password Modify Extended Operation for server-side password setting
(see RFC 3062).
-
Generated salts for client-hashed password are eight bytes long.
-
New global configuration parameter
session_paranoid
enables generating a new session ID for each hit. While slighty more secure this makes
the browser's back button unusable though.
Release Date: 2008-07-11
-
When displaying search results the title attributes of
links contain multiple lines now.
-
Select list of LDIF templates only displayed when adding new entries.
-
Multiple lines for syntax Postal Address are joined with " $ " instead
of "$". Whitespaces are stripped from begin and end of the lines.
-
All attributes declared with NO-USER-MODIFICATION set are silently ignored
when modifying entries even if provided in user input.
-
Fixed handling of NON-ASCII chars in multi-line text input fields
(e.g. for attribute postalAddress).
-
Fixed handling of delta-modification in case an attribute having no EQUALITY
matching rule defined for it.
Release Date: 2008-07-11
-
When adding an entry an exception ldap.UNWILLING_TO_PERFORM
also leads to the input form for modifying entry data.
-
When re-displaying the entry input form in case of an error
binary attribute are dropped since at the moment there is no appropriate
way to deal with them in hidden input fields.
-
Improved object class selection form:
-
A select list for object classes without kind ("Misc.") is only displayed if needed.
-
To save space the LDIF template list is now added as a select input field
of the object class selection form. This also makes it possible to select
a different input form type when using LDIF templates.
-
All input fields have a title attribute now.
-
Descriptions of input fields have <label for="id"> now.
Release Date: 2008-07-10
-
In case of an attribute having an EQUALITY matching rule defined
which is not implemented (announced in subschema) the
delta-modification now deletes the whole attribute value.
E.g. this avoids problems with attribute postalAddress on OpenLDAP.
Release Date: 2008-07-07
-
Support for name forms when adding new entries:
If name forms are associated with the structural object class of
the new entry to be added then a select list of all possible name forms
is displayed.
-
New base class MultilineText for implementing attribute plug-in classes
for multi-line text fields.
-
A multi-line text field is displayed as input field for attributes
of syntax postal address (1.3.6.1.4.1.1466.115.121.1.41).
-
New plug-in module for LDAP-based PGP key servers.
Release Date: 2008-06-30
Release Date: 2008-06-27
-
Better handling of multi-valued RDN when adding a new entry:
-
Auto-completion with attribute values from the input entry.
-
Attributes passed in with the RDN
are automatically added to the entry if attribute is completely absent.
-
Graceful handling for absent schema element referenced with key-word SUP.
-
If using a non-DN name for a simple bind without a filter-template
for searching the user entry then the user entry is searched
after successful bind with the user's rights. This is handy e.g. when using
userPrincipalName for simple bind with MS AD.
-
If search root used for searching a user entry is empty then
defaultNamingContext from rootDSE is used as search root
if present.
-
New AD-specific plug-in classes for domainControllerFunctionality,
domainFunctionality and forestFunctionality.
-
Code cleaning in schema viewer and added a work-around for buggy
class ldap.schema.models.NameForm in older versions of python-ldap.
Release Date: 2008-06-22
-
If the LDAP server returns strange empty lists as attribute value lists
(e.g. OpenDS does this for attribute isMemberOf)
then these are ignored when modifying an entry.
-
Also in case of an attribute getting completely deleted the
delta-modification now explicitly deletes the old attribute values if an
EQUALITY matching rule is defined in subschema for the attribute type.
Release Date: 2008-06-18
-
Delta-modification now explicitly deletes the old attribute values if an
EQUALITY matching rule is defined in subschema for the attribute type.
This is an additional cross-check to detect whether the entry to be modified
was removed or changed in between.
-
Simplified referral chasing: The DN is simply extracted from referral URL
(in compliance with the note in RFC 3296
about empty referral DN).
Release Date: 2008-06-16
-
Fixed a regression when enabling tree delete control for recursive tree deletion.
-
An assertion filter is passed along in form parameter in_assertion
from the input form to the modify page which is used to cross-check
whether the entry to be modified was removed or changed in between.
Still this is not using the assertion control. But it's safer than before.
Release Date: 2008-06-14
-
Fixed a regression when adding entries.
Release Date: 2008-06-14
-
HTTP header Cache-Control is set very strictly for every HTTP response
(e.g. also when producing LDIF and vCard exports and display single binary
attributes like jpegPhoto).
-
Some socket exceptions are now correctly ignored.
These are typically caused by a user getting impatient
and the connection to the browser gets lost.
Examples:
-
error: (104, 'Connection reset by peer')
-
error: (32, 'Broken pipe')
-
Attribute auditContext is now correctly handled:
-
Additional menu items in the context menu for searching
the complete or the write audit trail for the single entry displayed.
-
When displaying the attribute auditContext itself
the plug-in class now links to complete or write audit trail
for current database.
-
[ConnInfo] also displays link into audit database.
-
Added new plug-in class for attribute type administrativeRole
(see also RFC 3672).
-
Deprecation warnings under Python 2.6 for modules md5 and sha
are avoided by trying an import of module hashlib first.
-
Syntax checking for LDAP syntax Numeric String was relaxed
to also accept space characters (see also section 3.3.23
RFC 4517).
-
Renamed plug-in module for RFC 2307
schema elements from posixaccount to nis.
-
T.61 related codec modules are now correctly registered and used
when displaying certificates and CRLs.
-
Again the entry input form handling and delta-modification was partially rewritten.
This should fix several issues in former releases.
Release Date: 2008-02-29
-
Added new plug-in classes for attribute types:
-
dateOfBirth defined for object class msPerson
(see also schema file).
-
pwdPolicySubentry
-
If self.maxLen is set for a syntax handler class then the
HTML attribute maxLen of the input field is set to the
minimum of self.maxLen and 50.
-
Improved plug-in base class DynamicDNSelectList:
If the DN portion in the LDAP URL (see class attribute ldap_url)
is a single dot then the naming context of the current DN is used when searching
possible attribute value/description pairs for the select list.
-
Fixed/improved schema browser:
-
Added link to OID registry at oid-info.com.
-
Fixed listing the referencing attribute types when displaying
a matching rule.
-
Added listing the referencing matching rules when displaying
a LDAP syntax.
Release Date: 2008-02-14
-
Fixed a regression in plug-in module for MS AD.
-
Fixed a regression in and slightly improved plug-in class for attribute
auditContext.
Release Date: 2007-12-09
-
Fixed a regression in exporting printable output of search result list.
Release Date: 2007-10-17
-
Fixed passing around attribute values of syntax OctetString
as hidden parameters in template-based input form.
-
Fixed displaying the LDIF after a successful modify if the DN contains
NON-ASCII characters.
Release Date: 2007-10-07
-
Fixed displaying the search results as a raw list of DNs.
Release Date: 2007-09-21
-
Fixed handling of host-specific parameter
search_tdtemplate
when displaying search result list.
Release Date: 2007-09-17
-
Import of ldap.sasl not mandantory anymore.
-
New form parameter groupadm_view for command groupadm
enables the use to choose which group entris to list
in the group list legend.
-
Invalid DN given in a LDAP URL is caught as exception.
-
Leading zeros in user input are stripped for attribute values of
LDAP syntax Integer.
-
Changes in the plug-in class API now allows full access to subschema information
and LDAP connection objects within a plug-in class.
-
New base plug-in classes DynamicValuesSelectList and DynamicDNSelectList
for dynamically searching
<option> values/texts for a <select> list.
-
Modifications to single entries are now displayed as LDIF change records.
-
Input form can now be switched between the modes
Template, Table and LDIF
without loosing the changes made to the input data.
-
Parameter
link_css
now must contain a complete HTML snippet for specifying
CSS files for various media.
-
The print style sheet is not imported in CSS files anymore.
MS IE choked on that.
Release Date: 2007-03-22
-
Added direct link to auditContext in [ConnInfo].
-
Stripped down HTML output in [Locate] to one <div> of class Main
to correct wrong display with fixed-style CSS.
-
Added plug-in classes for MS AD attribute types groupType
and searchFlags.
-
Fixed displaying error message for ldap.TIMEOUT exception.
-
Slightly changed text of submit button in login form.
-
Grab attribute monitoredInfo from OpenLDAP's monitor entry if
attribute monitorContext is present in rootDSE
to display it instead vendor info in [ConnInfo].
Release Date: 2006-12-07
-
If no group entries are found a clear error message gives
a hint to select another group search root.
-
Search requests for LDIF/DSML export add * to requested attributes.
This fixes limited export if configuration parameter
requested_attrs is set.
Release Date: 2006-11-30
-
More graceful handling during connect when the server disallows anon bind
and restricts access to root DSE.
-
Function escape_filter_chars() from ldap.filter instead of
ldaputil.base is used.
Release Date: 2006-11-03
-
Multiple attribute values are not sorted in input forms anymore.
-
In the login form only the available SASL mechs are displayed now in the
select field for choosing authentication mechanism.
-
If scope is not specified in LDAP URL the search form properly
sets default of search scope to sub.
-
Simplified displaying error messages by deleting backward-compatible
code for older versions of python-ldap.
Release Date: 2006-09-27
-
When displaying a select field for choosing the groups
to add to or delete from the title attribute
contains the first value of attribute description or the DN
of the group entry (for bubble help in browser).
-
Some updates to configuration data.
Release Date: 2006-04-26
-
Added title attribute for [Read] links when displaying
search result list (for bubble help in browser).
The text contains attributes description
and structuralObjectClass if present in the entry.
-
Default values set in utctime.strptime() and
mspki.utctime.__strptime__() are now exactly
like that of time.strptime().
Release Date: 2006-03-23
-
Changed behaviour when displaying input form for entries with
object class extensibleObject since it was unhandy for
many available attribute types: There are only input fields displayed
for the MUST and MAY attributes of other object
classes. But the select lists for additional attribute values now contain
all existing attribute types.
-
Recursive deletion now continues if server-side administrative
limits (ldap.ADMINLIMIT_EXCEEDED exception) are in effect.
-
When adding / editing an entry the input form can now be switched
from table- to template-based and vice versa without loss of data input so far.
Release Date: 2006-03-04
-
Brought usage of manage DIT control in line with
draft-zeilenga-ldap-managedit-00.txt
-
DIT content rules marked as OBSOLETE are now correctly ignored
in object class selection form.
Release Date: 2006-02-23
-
Special treatment for an empty attribute value list when displaying
a table view of a single LDAP entry in [Read].
-
Attributes countImmSubordinates and
countTotSubordinates are now used to determine number
of direct and total subordinate entries.
-
Fix for displaying a search continuation received for one-level
search from root naming context.
Release Date: 2006-01-08
-
Relaxed error handling when ldap.INSUFFICIENT_ACCESS
is raised during connecting to an ill-configured server.
-
Again the DIT navigation menu changed.
-
Some more small fixes.
-
Better detection whether subschema is accessible on LDAP server or when to
display the local schema.
-
Number of cached subschema DN mappings displayed in [ConnInfo].
-
Added plug-in module for Kerberos V schema.
-
Fixed syntax class NameAndOptionalUID.
Release Date: 2005-11-18
-
Follow SUP references when displaying DIT structure rules.
-
Fixed detailed view of name forms.
Release Date: 2005-11-18
-
Schema browser displays DIT structure rules and name forms
with all forward and backward references to attribute types
and object classes.
-
Again fixed error handling when setting userPassword
in case simpleSecurityObject is defined as STRUCTURAL
in a broken schema.
Release Date: 2005-11-18
-
Fixed ldapsession.LDAPSession.subOrdinates()
to return correct results also when the server does not
return the operational attributes used to determine that.
-
Corrected title message of monitor and locate.
-
The link [Display all] is only displayed if only partial search results
are displayed.
-
In the object class selection form the classes currently
not selected are sorted.
-
Fixed relogin when referral is received.
-
When setting the password for an entry for which the attribute userPassword
is not allowed in the schema one of the object classes simpleSecurityObject or
simpleAuthObject
is added if present in the schema and declared as AUXILIARY.
Release Date: 2005-11-14
-
Added missing plug-in for DirX (which has no function at the moment).
-
Setting the TLS-related options does not care about
old python-ldap versions anymore.
Release Date: 2005-11-11
-
Stripped all formatting attributes from HTML templates
and slightly modified default.css to be nicer to MS IE.
-
If an attribute has more than two values the number
of attribute values is displayed in the table view
when displaying a single entry (in [Read]).
Release Date: 2005-11-11
- New features/enhancements
-
-
Major overhaul of web layout also affecting HTML generated.
Finally implemented three column layout with CSS which hopefully is
more user-friendly.
-
Added DIT navigation list to status bar which allows
quick access to upper DIT entries.
-
Reordered and hopefully cleaned up login form.
-
Flipped order of links [Down] and [Up] in main menu to better
reflect function in three column CSS layout.
- Bug Fixes
-
-
Fixed Unicode error in [ConnInfo] if the current DN is NON-ASCII.
Release Date: 2005-11-07
- Installation and Configuration changes
-
- New features/enhancements
-
-
Support for controls which are handled exactly like ManageDSAIT
in the user interface (see [ConnInfo]):
-
When displaying entries or an input form with the
help of HTML templates the templates are applied in the order
of the kind of the object classes. Order is STRUCTURAL, AUXILIARY, ABSTRACT.
-
Added plug-in class for pilotPerson
(see RFC 1274).
-
All cached LDAP information (entries and sub schema) can be flushed
(see [ConnInfo]).
-
Transfer subtype ;binary is used when creating input fields
for attributes which needs this transfer type.
- Bug Fixes
-
-
The letter small x is now allowed in the syntax classes
for telephone and FAX numbers.
-
If an error causes the input form to be re-displayed
the values entered for binary attributes are omitted.
-
Setting TLS-related options is more robust now.