Directory Server Roadmap


The following describes what we would like to get done in various releases of Directory Server.  This is a living document, and RFE’s could be added, removed, or shifted to and from different releases.

Red Hat Directory Server 11


RHDS 11 refers to the 389-ds-base-1.4.x series in RHEL 8/CentOS 8. For example, the 389-ds-base-1.3.x releases were used in Red Hat Directory Server 10 on RHEL 7.

What is new in 389-ds-base-1.4.1 (RHDS 11)


Enhanced Password Policy

We added the following new syntax checks:


New CLI tools

Instead of having to use ldapmodify to configure the server or use the old perl/shell scripts, we now have a new python CLI tool set.  

dscreate

Install an instance of directory server.  You can use an INF file for “silent” installations, or there is an interactive mode which promotes you for the minimum required settings.

dsctl

This tool is used to perform operations on the server, whether it’s running or not.

dsconf

This tool handles all the online configuration of the server.  Many of the major configurations are now simplified into single steps

dsidm

This is the identity/database content tool.  This is used to manage a variety of database users and groups


New Web UI (Cockpit plugin)

We have a new web UI Cockpit plugin.  Now you can manage the server in Cockpit via a new plugin for the Directory Server.  Setting up things like Replication, databases, and monitoring have been greatly improved since the old Java console.


Red Hat Directory Server 12

RHDS 12 is based of off the 389-ds-base-2.x series.  RHDS 12.0 (389-ds-base-2.0) maps to RHEL/Centos 9.0, RHDS 12.1 (389-ds-base-2.1) to RHEL/Centos 9.1, etc

Most RFE’s can be found and described on the Design Doc Page

Initial Phase of LMDB Support

We will be replacing the internal backend database library (libdb, or sleepycat DB) with LMDB. This will not be fully supported until 389-ds-base-3.0, but you can enable it in 389-ds-base-2.3 and play around with it, but it’s not fully ready for production. Currently we see improvement with some operatons, but worse performance with others. Some of the potential performance improvements that can come from LMDB require rewriting the database transaction model, which can not be done until libdb/sleepycat is completely removed from teh code. This can not happen until 389-ds-base-3.x …

Container Support

389-ds-base-2.x does work in Openshift and Docker. See this link for information on how to get it working

LDAP Editor/Browser in UI

Database conentg (users and grouips) can now be managed inthe UI. Also we are continuously backporting these improvements to older versions like 389-ds-base-1.4.3 (Centos/RHEL)

Concurrent Connection Improvements

Improvements are currently being made to improve performance when handling 1000’s of concurrent connections. There is still more work to do, but it is improving… See the Design Page

New Security Audit Log

There is a new log written in JSON that tracks BIND operations (failed and successful, account lockout/password policy, TCP errors, etc. The JSON format allows easy parsing and handing off to other tools like Splunk for processing. For more infor see the Design Page


What is the future


Performance improvements!

This is always our goal, and we are making progress in this area by replacing the backend database and connection framework.  We want to improve the entry cache performance as well.  Replication performance improvement are on our radar, but this will probably take a while as replication is a delicate feature.

REST Interface

Adding a REST interface to the database is a long term goal. Will probably be designed towork with Cockpit since we are not shiopping a http server.

Self-Service Web Portal

A basic Flask web application that users can log into and update some of their information and password. This is more of an exmaple, that people can use as they want and customize. It will proably not be a fully supported feature (just like the old Directory Server Gateway for those who remember that).

Last modified on 29 November 2024