On Thursday 13th March 2014, Microsoft released a new hotfix rollup package (build 4.3.1082.0) for the Generic LDAP Connector for Forefront Identity Manager 2010 R2. The official documentation for this build can be found on the Microsoft support website under Knowledge Base (KB) article 2936070. Download link is here.
The hotfix contains three (3) fixes to issues and one (1) feature addition. Full details of the update, duplicated from the KB for posterity, follow. See the KB for the full set of information, such as the known issues and other details.
Generic LDAP connector
When you try to connect to a Lightweight Directory Access Protocol (LDAP) server that has Secure Sockets Layer (SSL) protocol/Transport Layer Security (TLS) protocol enabled, the connection fails unless mutual authentication is enabled.
After this update is applied, the certificate information on the connectivity page is used only when mutual authentication is enabled. If the server uses SSL/TLS, the certificate that is presented is visible on the global page.
A DN-rename operation fails for some LDAP directories during a delta import if the connected system returns more results than the configured page size on the connector can hold.
When a change in an attribute value involves only a change in letter case (uppercase to lowercase or vice-versa), the change fails for some LDAP directories. For example, if the attribute value is changed from “contoso” to “Contoso,” the change fails for some LDAP directories.
Added support for the following additional LDAP directories, including delta import support:
- Open DS
- Open DJ
- Active Directory Lightweight Directory Services (AD LDS)
- Active Directory Global Catalog (AD GC)
Added support for the following additional LDAP directory:
- Apache Directory Server
Note. This new support does not include delta import. This is because the directory does not have a persistent delta change log.