The Q2 of 2021 brings to you a new major release of OpenLM Server. This new version of OpenLM brings very significant changes as a response to feedback and requests from our customers.
This document highlights the major changes, many others were done and will be listed in our release notes and OpenLM Manuals. Our team is looking forward to communicating with you about your requirements, please use our contact form in order to set a meeting with our technical team.
Why are we jumping from version 5 to version 21?
OpenLM is switching from our on-going release numbering to a new system based on the month and year. New releases will be numbered according to <year>.<month> so the next release will be 21.6.
Read more here.
OpenLM Server Security
OpenLM Server deprecates its internal and in house implementation of user authentication. Instead OpenLM Server can be configured to delegate these functions to an external identity service that implements the leading standard: OAuth 2.0. This change brings OpenLM server security level to comply with the requirements of the top leading organizations worldwide.
As part of this change and since the security is now an external component to the server OpenLM will not be able to provide minimal security as a login capability by default. Before installing and configuring OpenLM Identity the system will work without security. Also, the ability to configure a guest user will not be supported in version 21, because of the same reason.
MariaDB – New default database engine for OpenLM Server
Firebird database engine served us well for many years as it came pre-installed with OpenLM Server. Unfortunately this database engine has its share of performance and security issues and OpenLM discontinues its support.
We choose MariaDB as the default database engine for OpenLM Server. This database is almost fully compatible with MySQL that is also supported by OpenLM. MariaDB provides performance and security to our users. We continue to support MS SQL Server and MySQL as before.
OpenLM Server 5.6 includes a data transfer utility (fb2mariadb) designed to assist transferring and switching from Firebird database engine to Maria DB.
Kestrel – OpenLM Server new default HTTP Server
OpenLM version 21 will use the advanced Kestrel HTTP server as the default for the system. Kestrel is well maintained and provides high performance and security to our users.
On earlier releases, OpenLM Server’s Web interface EasyAdmin required PHP libraries and the LightTPD Web Server in order to work. This major release drops these dependencies and their services.
When upgrading to the new release, the installer will remove PHP and LightTPD libraries, executables and configuration from upgraded setups.
Back to MSI installers on Microsoft Windows
OpenLM version 5.* used an EXE installer that required .NET framework version 4 for the installer to execute. The EXE based installer allowed us to provide you a guided installation but forced us to install frameworks that were only used for the setup and proved to be problematic with some security systems.
The new release is now using a standard MSI installer which is better suited for organizations. The post installation steps are implemented by dedicated scripts that were developed for this purpose. This allows us to provide an easy installation while being more security friendly.
OpenLM Server Configuration moves to the browser (EasyAdmin)
OpenLM Server historically had Server configuration tool for some settings like – license servers configuration, SMTP settings and others. With the new version all these settings will be moved to EasyAdmin which will make things much more convenient allowing for new manual license servers addition remotely.
OpenLM Identity Service
OpenLM Identity Service is a new offering that facilitates user management and authentication of OpenLM products’ users. OpenLM Identity Service uses an industry standard OAuth 2.0 implementation to offer its identity management and authentication services. OpenLM Identity Service has federation capabilities built in and in the long term this will enable it to proxy identity management and authentication services to existing customer solutions that implement OAuth 2.0 standard.
Customers that are currently using the OpenLM Roles and Permissions functionality must install and configure OpenLM Identity when upgrading to version 21.
OpenLM Server Windows automatic login with Identity Service
In the current version of OpenLM and when using Windows Authentication (NTLM) the user is required to click a button in order to login to the system. Customers requested automatic login which is now supported by version 21 of OpenLM.
Stay tuned to the release of Agent version 21 that we are planning to release soon. This new agent version brings a huge amount of improvements including the ability to run on multiple operating systems and an amazing new interface. The new Agent will support new security standards of version 21.
We have preserved backwards compatibility with OpenLM Agent 5.x. Existing OpenLM Agent 5.x installations will work with the 21 major release of OpenLM Server.
OpenLM Broker 21 delivers integration of the Broker with OpenLM Server 21 and the Identity Service. Any customer upgrading OpenLM Server to version 21 must also upgrade all brokers.
Our OpenLM Broker team made efforts to keep the Broker backwards compatible so we recommend customers to upgrade to the latest version 21 even if they don’t plan to upgrade the server. Upgrading will bring you the latest bug fixes and support for new license managers. Upgrading the brokers in advance will reduce downtime during the future OpenLM Server upgrade.
OpenLM Directory Synchronization
The second release (21) of OpenLM Directory Synchronization (DSS) brings major improvements to the product based on the many implementations that are working successfully.
The changes includes:
- Supporting the new OpenLM Identity service and by that highly upgrading the security of the system.
- Removing Firebird as the default database engine for DSS. Customers can now choose between MariaDB, MySQL and MS SQL Server and the system database and gain performance and security.
- An improved migration process of old LDAP configuration settings when upgrading OpenLM from older versions. The process is now significantly faster.
- Communication protocol between OpenLM Server and DSS is now REST instead of SOAP as before.
- Interface improvements mainly allow customers to better manage synchronization and identify issues, if any.
OpenLM Reports Scheduler
OpenLM Reports Scheduler was adjusted to utilize OpenLM Identity. It will now have significantly higher security like all other components.
Wider coverage of REST API
The new release 21 required a significant investment in APIs. According to our new policy all new APIs are now REST and this allows developers to interact with our system and integrate it as part of organizational IT infrastructure.
We already have multiple developers developing integrations based on OpenLM API and we are planning to further invest effort in supporting their requirements.
Release 21 concludes a huge investment in the development of a modern and better infrastructure for OpenLM. This infrastructure that we are using in version 21 will allow us to address customer requirements more quickly.
Infrastructure improvements as introduced in this version includes:
- Support for cross platform operating systems.
- Browser based interfaces.
- New browser UI infrastructure.
- Support for on-premises and cloud implementations.
- REST API infrastructure
- Cross platform post installation configuration for services
- MariaDB database support
- Embedded HTTP services
- Terminal based installation and configuration
- MSI installers on Windows OS
- Linux/UNIX installations – coming soon
In the next releases we plan to continue improving our infrastructure but to dedicate more time to addressing your requests.
Version 21 brings a huge amount of new features based on significant investment in infrastructure. OpenLM Engineering department is larger than it ever has been before, and we are looking forward to accepting your requests and implementing them.