The Symas Blog
Symas OpenLDAP Gold 2.4.58.1 Available
On March 18, 2021, we posted the Symas OpenLDAP Gold version of OpenLDAP 2.4.58.1 to our Download Site. This is the first Symas update to the OpenLDAP Project’s 2.4.58 Release. We provide updates more frequently than the project to help our customers address...
Symas OpenLDAP Gold 2.4.57.1 Available
On January 20, 2021, we posted the Symas OpenLDAP Gold version of OpenLDAP 2.4.57.1 to our Download Site. This is the first Symas update to the OpenLDAP Project’s 2.4.57 Release. We provide updates more frequently than the project to help our customers address...
Cache Management Lessons Learned
We're coming up on the tenth anniversary of LMDB, and I've been thinking back to the bad old days of cache tuning that we struggled with, before LMDB's advent. As noted in the LMDB design doc tuning caches used to be a major pain point in administering OpenLDAP. It...
Symas OpenLDAP Gold 2.4.50.1 Available
On May, we posted the Symas OpenLDAP Gold version of OpenLDAP 2.4.50.1 to our Download Site. This is the first Symas update to the OpenLDAP Project's 2.4.50 Release. We provide updates more frequently than the project to help our customers address problems and...
Symas OpenLDAP Gold 2.4.49.1 Available
On April 14, we posted the Symas OpenLDAP Gold version of OpenLDAP 2.4.49.1 to our Download Site. This is the first Symas update to the OpenLDAP Project's 2.4.49 Release. We provide updates more frequently than the project to help our customers address problems...
Symas Business Continuity During the COVID-19 Pandemic
The cornerstone of Symas Corporations's long standing Business Continuity Plan has been a globally distributed team, working "from home." Our team has been studying the recommendations and regulations as they are promulgated and all members are taking...
Apache Fortress slides “Towards an Attribute-Based Role Based Access Control System” Presentation LDAPCon 2019
towards-an-attribute-based-rbac-ldapcon-2019-v1
ApacheCon EU Lightning Talk: Towards an Attribute-Based Role- Based Access Control System
Slides from yesterday's lightning talk describing how Apache Fortress fixes the so-called 'Role Explosion' problem in RBAC by applying ABAC-like dynamic constraints... towards-an-attribute-based-rbac-apachecon-lightning-2019-v1
Symas OpenLDAP Gold 2.4.48.2 Available
On September 17th, we posted the Symas OpenLDAP Gold version of OpenLDAP 2.4.48.2 to our Download Site. This is the second Symas update to the OpenLDAP Project's 2.4.48 Release. We provide updates more frequently than the project to help our customers address...
Symas OpenLDAP Gold 2.4.48.1 Available
Symas has produced another in its series of maintenance releases for its Symas OpenLDAP Gold subscribers.
Symas OpenLDAP Gold 2.4.47.3 Available
Symas has produced another in its series of maintenance releases for its Symas OpenLDAP Gold subscribers.
Recent Improvements in Apache Fortress REST Delegated Administration
Before the latest changes using the DA checks was more complicated. In addition to the HTTP Basic Auth creds, callers had to pass the administrator’s session in the payload of the request. This made it harder to use and (worse) less secure.
Better Management for Directory (LDAP) Traffic
Many LDAP Directories have several servers handling requests from many clients. The load on each server varies. Redirecting traffic when a server goes away can be a challenge. There are companies offering “network load balancers.” They are usually pretty...
New Release: Symas OpenLDAP 2.4.47-2 Available
Symas is continuously striving to provide our customers with excellent products. This on-going pursuit leads us to offer the latest Production Release of Symas OpenLDAP Gold, 2.4.47-2. Current customers, please visit https://downloads.symas.com to download...
New Release: Symas OpenLDAP 2.4.47-1 Available
Symas is continuously striving to provide our customers with excellent products. This on-going pursuit leads us to offer the latest Production Release of Symas OpenLDAP Gold, 2.4.47-1.
Adding Contextual Information to the RBAC Decision
We don’t have to throw the baby out with the bathwater. RBAC has many good aspects that we’d like to preserve. It’s standards-based, meaning various implementations should interoperate. It works, and is already in place, pretty much everywhere. But we’d like to be able to sprinkle in a bit of context, allowing us to fix the role explosion problem, without breaking its interoperability, or bringing in another implementation, with yet another protocol.
The Not-So-Bright Future of Directory Services in Red Hat Enterprise Linux
389-ds and Red Hat Directory Server are being touted as Red Hat’s LDAP server solutions on future versions of their OS, but the fine print has some surprises. Click to learn more.
Configuring Apache Fortress-OpenLDAP for High Availability
This post describes how Apache Fortress and OpenLDAP can be placed into a highly-available configuration. Apache Fortress provides Identity and Access Management APIs over HTTP using either JSON or REST formats. OpenLDAP is where the data is stored and maintained.
Your Facebook Account is Worth 2FA But Your Own Network Isn’t?
50% of networks and websites that aren’t using 2FA are open to shared-password attacks. Is yours one of them? How many of the users in your network use the same password on external sites with questionable security? Ondrej Kuznik offers insight on how OpenLDAP users can implement 2FA today. Click to learn how.
How-To Guide: Two-Factor Authentication
Passwords, everyone loves to hate them and still, in the era of digital certificates, fingerprints, and voice recognition, we use them on a daily basis and want users to memorize tens of different complex passwords. So they cheat and passwords get reused, written down on a piece of paper, you name it. Not that service providers always get this right either.
Who put ABAC in my RBAC?
Readers know that Attribute-based Access Control (ABAC) is a bit of an obsession with me. It stems from the want to have something like an ABAC system in my little bag of tricks. An authorization engine that scales to everyday usage, without proprietary, bloated or cumbersome baggage to weigh it down.
OpenLDAP for Linux Support from Symas Corporation
Symas corporation to now offer OpenLDAP for Linux Support Packages for any 3rd party distribution. Click to learn more.
Large University Switches to Symas OpenLDAP, Sees Immediate Success
Through the years that followed, despite university staff turnover and other changes, they have retained Symas to provide “additional brain power,” staff training and software maintenance.
The Apache Directory Project announces the 8th release of Fortress
The Apache Directory Project announces version 2.0.1 of Apache Fortress Apache Fortress is a computer security access management facility written in Java. Other platforms use the Apache Fortress Rest component. Fortress provides a fine-grained authorization...