Okta LDAP Agent version history

This page displays current and past versions of the Okta LDAP Agent. This page is updated whenever a new version of the agent is released.

To download the latest agent, from your Administrator Dashboard, select SettingsDownloads and scroll to the agent you want. Click Download and run the installer.


Version

Description

Release
5.22.0 This version of the agent contains:
  • Agent now uses OAuth 2.0 and OAuth 2.0 Demonstrating Proof-of-Possession (DPoP) to securely communicate with Okta.
  • New agents are registered through OAuth 2.0 device registration flow.
  • Agents now operate independently from the accounts used to register them.
  • Agents can now be installed by super admins and users with a custom admin role that includes agent registration permissions. See LDAP integration prerequisites.
  • Linux LDAP agents are now managed using systemd instead of sysvinit. See Manage the Okta LDAP Agent.
 2024.11.0
5.21.0 This version of the agent contains:
  • Agent installer distributed as an .MSI, no longer available as an .EXE.
  • You can now upgrade agents that connect to LDAP over SSL without requiring that the SSL certificate be imported again (either through the auto update feature or manually).
  • Optimized search queries for LDAP authentication on Okta Identity Engine orgs.
  • Okta signs packages for Red Hat using FIPS-compliant SHA-256.
  • Java framework update.
  • Security enhancements.
 2024.08.0
5.20.0 This version of the agent contains:
  • Fixed an LDAP query used by the agent for retrieving group memberships using range attributes.
  • The Okta LDAP Agent service now automatically starts on boot for Red Hat and CentOS platforms.
  • Fixed an issue where some customers experienced slower than expected queries during LDAP authentication.
  • Security enhancements.
 2024.03.0
5.19.1 This version of the agent contains fixes for the expiring signature error that prevented agents from auto-updating to the newest LDAP agent version. 2024.01.1
5.19.0 This version of the agent contains:

  • Security enhancements.

  • Configurable fipsMode setting. Users can now enable or disable FIPS-supported encryption algorithms.

For Linux agents, to revert to an older version of the agent, you must uninstall version 5.19.0, and then reinstall the older version.

 2023.12.0
5.18.0 This version of the agent contains:
  • Security enhancements.

The LDAP Agent auto-update feature isn't capable of deploying all security enhancements that are introduced in version 5.18. To completely deploy all security enhancements from this release, uninstall all LDAP agents running version 5.17 or earlier, and then manually install version 5.18. See Install the Okta LDAP Agent.

 2023.09.0
5.17.0 This version of the agent contains:
  • Migration of the Windows installer from Internet Explorer to Edge
  • The service OktaLDAPAgent stop command now correctly terminates agents installed on Red Hat and CentOS platforms
  • Security enhancements
 2023.07.0
5.16.0 This version of the agent contains:

  • Use of FIPS 140-2 validated cryptographic security modules

    • bc-fips: Version 1.0.2.3

    • bcpkix-fips: Version 1.0.6

    • bctls-fips: Version 1.0.13

  • Support for LDAP agent auto update

    • This version allows support for LDAP agent auto-update.

    • When you install the agent on a Linux platform, the OktaLDAPService permission is now granted to users. The permission allows users to install the latest agent version using the auto-update feature.

  • Bug fixes

  • Security enhancements

 2023.03.0
5.15.0 This version of the agent contains:

  • Security enhancements

 2022.10.0
5.14.0 This version of the agent contains:

  • Security fixes

 2022.07.0
5.13.0 This version of the agent contains:

  • An upgraded version of Amazon Corretto

  • Security fixes

  • Improved handling of exception in poller thread

  • Bug fixes

 2022.06.0
5.12.0 This version of the agent contains:

  • Okta Military Cloud support

 2022.03.0
5.11.0 This version of the agent contains:
  • Support for Proxy Authorization Control version 2 (2.16.840.1.113730.3.4.18). Users who are required to change their password after the agent is reset by an admin, are no longer prompted twice for their password when accessing the End-User Dashboard. This new functionality is available only with LDAP services that support Proxy Authorization Control version 2. To enable this feature, contact Okta support.

  • Internal improvements and bug fixes.

 2022.02.0
5.10.0 This version of the agent contains:
  • Range attribute retrieval for group membership attributes
  • Real-time synchronization for user profiles, groups, and group memberships. To enable this functionality, contact Okta Support.
  • Expired password reset support for the eDirectory LDAP service (Okta Identity Engine)
  • Bug fixes
 2021.11.0
5.9.0 This version of the agent contains:

  • Government Community Cloud support

 2021.10.0
5.8.0 This version of the agent contains:

  • Password expiry warning support for Oracle Directory Server Enterprise Edition (ODSEE), Oracle Unified Directory (OUD), OpenDJ, and SunOne 5.2 LDAP directory services

 2021.08.0
5.7.2 This version of the agent contains:
  • Support for LDAP group password policies

  • Internal improvements and security fixes

  • Bug fixes
 2021.03.0
5.7.1 This version of the agent contains internal improvements and security fixes. 2021.01.0
5.7.0 This version of the agent contains:
  • Support for LDAP group password policies
  • Bug fixes
 2020.08.0
5.6.6 This version of the agent contains the same functionality as 5.6.5. Some default settings have been updated. 2020.07.0
5.6.5 This version of the agent contains:
  • Internal improvements, including updating the JDK to Amazon Coretto
  • eDirectory support
 2020.05.0
5.6.4 This version of the agent contains internal improvements. 2020.04.0
5.6.3 This version of the agent contains:
  • Oracle Directory Server Enterprise Edition (ODSEE) support
 2020.02.0
5.6.2 This version of the agent contains:
  • Internal improvements, including updating the JDK to Amazon Coretto
  • eDirectory support
 2019.09.2
5.6.1 This version of the agent contains internal improvements. 2019.07.0
5.6.0 This version of the agent contains internal improvements. 2019.06.0
5.5.7 This Early Access release includes incremental import improvements:

  • A new System Log event fires when the modifyTimestamp attribute in LDAP is null for users or group. When this attribute is null, it causes the incremental import to be converted to a full import. One event per import session is logged.

  • Bug fixes for incremental import.
 2019.04.00
5.5.6 This Early Access release introduces signed RPM files, allowing you to verifying the authenticity of the RPM file using the provided Public GPG key. For details, see Verify the Okta LDAP agent download 2019.03.01
5.5.5 This Early Access release contains:
  • Support for a configurable number of agent polling threads
  • Internal fixes
 2019.03.0
5.5.4 This Early Access release contains internal and bug fixes. 2019.01.2
5.5.3 This Early Access release contains the following fixes:

  • Changes to the debug logging levels weren't captured

  • Okta authentication with JIT failed when the user ID contained ASCII extended characters.
  • Agent didn't recognize pwd expired error for ODSEE server
 2018.41
5.5.2 This Early Access release implements back-end changes that improve how the agent behaves during disaster recovery. 2018.35
5.5.1 This Early Access release fixes an issue where the wrong data format was sent during password reset when AD LDS was configured to use userPassword instead of unicodePwd for the Password Attribute field. 2018.31
5.4.7 This Early Access release includes the following:
  • bug fix: ASCII extended character was getting converted to normal ASCII character in the user's DN
  • internal improvements
 2018.30
5.4.6 This Generally Available release provides internal fixes to the installer. 2018.14
5.4.5 This Early Access release includes internal fixes to the installer. 2018.12
5.4.4 This Early Availability version of the agent includes the following:
  • fixed a problem with the Okta connection not being closed in certain error cases
  • fixed a problem with incremental imports that occurred after upgrading to a new agent version
 2018.07
5.4.3 This EA agent contains internal improvements and these bug fixes:
  • OKTA-142217 – After an LDAP provisioning error, the system required a reboot and the LDAP configuration couldn't be updated.
  • OKTA-147299 – Okta authentication with Just In Time (JIT) failed when the user ID contained some non-ASCII extended characters.
  • OKTA-142973 – Just In Time (JIT) provisioning was automatically enabled after modifying LDAP integrations settings.
 2018.05
5.4.2 The LDAP agent version 5.4.2 is now available. This version provides support for customers using Oracle Internet Directory, fixing bugs, and making optimizations to:
  • Incremental imports
  • Agent installation
  • Updated LDAP Agent default settings. For agent upgrades, your current state of enablement is preserved.

For the version history, see the Okta Java LDAP Agent Version History.

 2017.49
5.4.1 These updates provide support for customers using Oracle Internet Directory, fixing bugs and making optimizations to:
  • Incremental Imports
  • Agent Installation
 2017.40
5.4.0 This new version of the LDAP agent supports incremental imports. This feature improves performance by only importing users that were created, updated, or deleted since your last import. 2017.35
5.3.12 This release provides the same functionality as 5.3.10. Some default settings have been updated. 2017.31
5.3.11 This release provides improvements in handling special characters in the DN during LDAP setting validation. 2017.27
5.3.10 This release provides various improvements to the agent log, as well as fixes to the following issues:
  • Imports from LDAP failed in some orgs due to way the Okta LDAP agent handled unicode characters.
  • Imports from LDAP failed in some orgs due to randomly dropped connections between the LDAP agent and Okta.
 2017.23
5.3.9 This release improves the ability to import a large number of users by streaming LDAP objects during import. 2017.11
5.3.8 This release provides internal improvements. 2016.45
5.3.7 This release provides internal logging improvements. 2016.38
5.3.6 This release fixes an error that occurred when creating users in LDAP. 2016.32
5.3.5 This release provides additional diagnostic information for use by Okta engineering. 2016.22
5.3.4 This release adds a diagnostic message for use by Okta engineering. 2016.19
5.3.3 This release fixes an issue in which Office 365 users were deprovisioned following an LDAP import. 2016.12
5.3.2 This release includes an option that lets admins disable SSL certificate pinning, which may be necessary to allow new installations to complete in environments where SSL certificate pinning prevents communication with the Okta server.
See Installing and Configuring the LDAP Agent.		 2016.06
5.3.1 This release provides support for SSL certificate pinning. See Installing and Configuring the LDAP Agent. 2016.01
5.3.0 This release provides the following enhancements:
  • In supported versions of LDAP, end users can change and reset their LDAP passwords in Okta. (Pre-5.3.0 agent must be uninstalled before installing version 5.3.0.) See Reset a user password.
  • Allows Okta's On-Premises Provisioning agent and Java LDAP agent to be installed on the same machine.
 2015.48
5.2.5 This version was released to achieve version consistency. It contains no functional differences from the previous release. 2015.39
5.2.4 This release fixes a potential security vulnerability. See Installing and Configuring the LDAP Agent. 2015.38
5.2.2 This release fixed an issue that prevented the agent from installing. 2015.37
5.2.1 This release added a diagnostic string that contains agent version and OS information. 2015.33
5.2.0 Introduced the General Availability (GA) release of version 5.2.0. This release incorporated the following major enhancements:
  • Support for AD LDS directories
  • A new Validate Configuration section in the setup page
  • Password reset flows
  • New Windows and Linux installers

In support of this GA release, we also changed the agent versioning scheme. Going forward, Okta began incrementing the version based on the 5.x.x convention instead of the former 1.x.x convention.

 2015.31
1.2.9 This update improved the diagnostic messages that are sent to the Okta service. 2015.29
1.2.8 This update fixed an issue that prevented users who needed to change their LDAP password from signing in to their Okta org for the first time through JIT. This update also includes JRE version 1.8.0. 2015.27
1.2.7 This update fixed an issue that prevented the agent from running on Linux RHEL 6.3. Okta also fixed an issue for ADLDS directories where the agent prevented users from changing their passwords. 2015.24
1.2.6 This update added support for using the objectGUID attribute as a unique identifier. 2015.20
1.2.5 This update provided improved registration error messages. 2015.18
1.2.4 This update fixed some issues in which an agent upgrade required admins to uninstall the existing agent manually before installing the new agent. Additionally, we fixed an issue that prevented the installation from completing on Debian systems. 2015.16
1.0.0.7 Internal Update 6/17/14
1.0.0.0 Introduces the Java LDAP Agent rpm installer. 12/10/13

Note: After October 13, 2014, releases are named by release number; prior to that, they are named by release date. Release numbers indicate the year and week in which the release became available. Occasionally, there are gaps in the numbers.