In previous version of SafeSquid users had to enter their valid credentials for gaining access to the internet. It depended on what authenticating server the proxy was configured to authenticate users from. New version ntlm-RC2.0 allows using many authenticating servers like an Active Directory, LDAP, Radius, POP3, MySQL, Unix, etc.

SafeSquid Linux software supports NTLM authentication, or Single Sign On. Here clients can identify themselves without sending password to the server.

Windows version 3.2.1.0 can enable/disable NTLM authentication. This option is inactive now and will be available in the next version which is going to be released in January 2010.

Both new SafeSquid software for Linux and Windows allow tight integration with LDAP based Directory Services. New LDAP Sub-System (LSS) make it simple to integrate to AD / LDAP server.

You can contact the company here.

Of course, there’s also the fact that OpenLDAP defines itself as “…an open source implementation of the Lightweight Directory Access Protocol.” Last time I looked, LDAP was defined in a series of Internet Engineering Task Force Requests for Comment (IETF RFCs), which is about as “open” (that is, its published for all to use freely) as you can get!

OpenLDAP.org is run by something called the OpenLDAP Foundation, a non-profit organization which is evidently designed to solicit donations for itself. I would like to speak to any of the officers of the foundation but, curiously, they aren’t listed anywhere on the Web that I could find. They appear also to not have telephone numbers, although there is a mailing address (in Redwood Shores, CA – also the home of Oracle. Coincidence?).

Most of the OpenLDAP project is either taken directly from, or derived from on-going work at the University of Michigan (where LDAP originated). The SLAPD (LDAP daemon) and SLURPD (LDAP update daemon) servers are almost direct ports of work from Michigan. There’s nothing wrong with that as it is in the public domain. But there’s little evidence of much new development from the OpenLDAP group.

OpenLDAP did fill a need for an easily obtainable, LDAP-enabled directory service with a low entry price (it’s free – but you had to compile the source code). Shoestring funded start-ups in the directory-enabled applications business could use it for building and testing their software, and even recommend it to clients who didn’t have an installed directory service (or didn’t know they had one). Now that Novell is giving away eDirectory to independent software vendors and Active Directory is included with Windows 2000 servers, those reasons go away.

Since the initial reasons for the OpenLDAP project no longer exist, I’d like to suggest a change. Let’s forget about duplicating commercial efforts to create data repositories and directory services. Instead, let’s focus on creating directory- enabled applications that leverage the installed base of LDAP- enabled directory services. Give users some concrete applications that make use of the authentication, authorization and personalization mechanisms the directory makes available. That would be a public service.