From Fedora Directory Server
Introduction
The Directory Server project dates back to 1996, when Netscape hired the inventor of LDAP, Tim Howes, and his colleagues such as Mark Smith and Gordon Good from the University of Michigan. In 1999 AOL acquired Netscape and formed the iPlanet Alliance with Sun to jointly develop Netscape servers. From 1999 to 2001 the Netscape Directory Server team worked with Sun's Directory Server team, and later the Innosoft Directory Server (IDDS) team, in the U.S. in Santa Clara, CA and Austin, TX and in Grenoble, France on Directory Server and related products such as Meta Directory and Directory Access Router. The iPlanet alliance ended in October 2001, and Sun and Netscape forked the code base. From 2001 to 2004 the Netscape Directory Server team invested heavily on performance and multimaster replication. In December 2004, the Netscape Directory Server was acquired by Red Hat.
In the late 1990s, as Linux started to gain acceptance in companies, Netscape Directory Server was the first Netscape server to be officially released on Linux. In 2001 there was an effort at AOL's Strategic Business Solutions unit to improve Netscape server performance on Red Hat Linux. The team has a long history with Linux.
Feature History
Features Present in 2001
- Multi-Master Replication (2-way)
- Multiple, Disjoint Database backends (independent import, export, etc.)
- Access control mechanism - in-tree (with data); advanced features (userattr); macro ACIs; proxy ACIs
- SSLv3/TLSv1 - LDAP startTLS operation
- On line configuration and management - cn=config, tasks
- Chaining, entry distribution
- Password Policy - password expiration/lockout, different hashes, some syntax checking
- Account Inactivation
- Roles
- Class of Service
- Resource-limits by bind DN
- Server Side Sorting
- Virtual List View
- Logging - high performance, rotation
- Plug-in interface
- Pass Through Authentication
Features added in Netscape DS 6.1 (2002)
- Plug-ins - Data Interoperability support
- Virtual DIT Views
Features added in Netscape DS 6.2 (2003)
- Multi-Master Replication (4-way)
- Password Policy - per-user, per-subtree
- Upgrade to Berkeley DB 4.1
- Org Chart application
Features added in Netscape DS 6.21 (early 2004)
- Access Control - Get Effective Rights operation (no UI)
Features added in Netscape DS 7.0 (late 2004 - unreleased)
- Attribute Encryption
- 64 Bit support (Solaris, HP-UX)
- DSML Gateway
- SASL/Kerberos
- Write performance improvements - new IDL
Features added in Fedora DS 7.1 (June 1, 2005 - first open source release)
- Windows Sync
- Multi-Master Replication - WAN improvements, fractional replication (attributes), replica init from database backup
- Password Change operation
- Console UI support for Get Effective Rights
- RPM packaging
Features added in Fedora DS 1.0 (December 8, 2005)
- All open source
- Apache HTTPD for Admin Server
- Security - Support SHA-256, SHA-384, SHA-512, and MD5 for hashed password storage
- Support for Fedora Core 4 (32 and 64 bit)
Features added in Fedora DS 1.0.2 (February 20, 2006)
- Support for Fedora Core 5 (32 and 64 bit)
- Password policy - improved syntax checking (# of uppercase, # of lowercase, etc.)
Features added in Fedora DS 1.0.3 (October 10, 2006)
- Server can generate new password with password change extended operation
- Upgrade to NSPR 4.6.3, NSS 3.11.3, LDAPCSDK 6.0.0 (with sasl/ipv6 support)
- One step build uses system cyrus-sasl, net-snmp where possible
Features added in Fedora DS 1.0.4 (November 8, 2006)
- No new features, just a couple of bug fixes
Features added in Fedora DS 1.1 (January 8, 2008)
- Auto UID and GID number generation with the libdna plugin - Distributed Numeric Assignment - that works even with multi-master replication environments - see http://cvs.fedora.redhat.com/viewcvs/ldapserver/ldap/servers/plugins/dna/?root=dirsec for more information
- Separate packages - each main component is in its own package - see Discrete_Packaging
- Filesystem Hierarchy Standard file/path layout (e.g. log files are under /var/log/dirsrv) - see FHS_Packaging
- Many of the components are now built into Fedora - see FDS_Into_FedoraCore
- The setup command is now /usr/sbin/setup-ds-admin.pl - see FDS_Setup for more information
- startconsole is gone - use /usr/bin/fedora-idm-console instead
- Migration from version 1.0 and earlier is fully supported by the /usr/sbin/migrate-ds-admin.pl script provided with the package - see FDS_Setup and Migration_From_10 for more information - see note above about migration to Fedora DS 1.1 on Fedora 8 and later.
- Binary packages are provided only for Fedora 6, 7, 8 and 9 - The Fedora 6 packages should run on Red Hat EL5.1 (not 5.0)
- Version 1.1 does not include the phonebook, gateway, or org chart web apps - those will be provided in a following release
- Init scripts!
service dirsrv {start|stop|restart} [instance name]
service dirsrv-admin {start|stop|restart}
edit /etc/sysconfig/dirsrv or /etc/sysconfig/dirsrv-admin to set environment
- Bug Fixes - This link lists all of the Fedora Directory Server bugs fixed since 1.0.4
Initial Release
The initial release of Fedora Directory Server (version 7.1) was 6/1/2005. This included the source code to the complete Directory Server engine. It will also include pre-built binaries (on selected platforms) for the admin server daemon and the console administration front-end, but not the source code for those. The entire product was open sourced on 12/1/2005 as Fedora Directory Server version 1.0 - see Release_Notes for more information about that release, which uses Apache as the admin server daemon. This was a week short of a year since Red Hat acquired the Directory Server from AOL, fulfilling the promise Red Hat made when it acquired the code to open source it within the year.
