Last updated on June 30, 2026
Version 3.10.0 – June 30, 2026
- Added support for Microsoft Entra ID as an LDAP Proxy authentication source using ROPC-based primary authentication with Rublon MFA
- Improved startup behavior so that the Rublon Authentication Proxy no longer exits if the initial connection check with the Rublon API fails. Failed checks are now logged and retried automatically every 5 minutes in the background
- Improved LDAP authentication error handling for strongerAuthRequired responses from the domain controller. The Rublon Authentication Proxy now logs clearer guidance to use SSL/TLS (transport_type: ssl or starttls) or adjust the domain policy
- Improved the env secret source on Linux: when using secret_source: env, environment variables can now be read from systemd service drop-in files if they are not available in the process environment
Version 3.9.2 – April 8, 2026
- Added support for Google Secure LDAP auth source
Version 3.9.1 – March 3, 2026
- Fixed RADIUS proxy Challenge Mode so that bypassed users no longer get prompted for MFA input
- Improved the env secret source on Windows: when running Directory Sync via the .exe, environment variables now fall back to the Windows Registry when they are not available in the process environment
- Added syslog logging support on Linux (new option: syslog_enabled)
Version 3.9.0 – December 8, 2025
- Added HTTP(S) proxy configuration in the Rublon Authentication Proxy config file
- Added the timeout option in the directory_sync section that controls the timeout for Directory Sync
- Added support for Append Mode in proxied requests of RADIUS proxy (when using proxy_requests=true)
- Added support for storing config secrets in Windows Credential Manager (for more info, refer to Configuring the Rublon Authentication Proxy Secret Source – Windows Credential Manager)
- Added the challenge_message option to customize RADIUS Reply-Text in Challenge Mode of RADIUS proxy
- Added support for non-DistinguishedName (DN) LDAP Bind requests in LDAP Proxy, so it is now possible to handle requests with plain username formats like “domain\username” and “username@domain.com”
Version 3.8.0 – August 5, 2025
- Added support for managing configuration secrets via environment variables
- Fixed the handling of security_group_dn and custom_filter by the LDAP Proxy
- Fixed Proxy-State attribute passing
Version 3.7.3 – July 10, 2025
- Fixed attributes in the RADIUS dictionary
Version 3.7.2 – July 2, 2025
- Updated the RADIUS dictionary
Version 3.7.1 – June 4, 2025
- Fixed an issue causing long-lived LDAP connections not to close correctly after the authentication source got disconnected
Version 3.7.0 – May 6, 2025
- Added support for backup authentication hosts when using LDAP proxy (you can now list multiple LDAP authentication sources in auth_source for each proxy server in the proxy_servers section)
- Added the possibility to define more than one rublon section on a single Rublon Authentication Proxy instance, enabling you to protect multiple VPNs or services using different configurations
- Changed attribute names in the rublon section to better reflect the names of the values taken from the Rublon Admin Console (for backward compatibility, old attribute names will still work):
- rublon_api → api_server
- rublon_token → system_token
- rublon_secret → secret_key
- Made the access_user_dn option case insensitive