v0.4.0

@rtpt-erikgeiser rtpt-erikgeiser released this 03 Jun 08:39
· 23 commits to main since this release
  • ldapauth: Simple binds without password are now possible (unauthenticated bind). However, an empty password has to be specified with -p '' to signal the intent for an unauthenticated bind.
  • ldapauth: NTLM authentication for plain LDAP servers was fixed.
  • adauth: Updated Credentials.UPN() behavior: For credentials without a domain, .UPN() will now only return the username. For empty credentials, it will now return an empty string. This behavior should help with using adauth with non-Microsoft targets such as OpenLDAP.
  • adauth: Client certificates can now have arbitrary private key types. Previously, RSA keys were required because some AD features only support RSA keys. For PKINIT, the key type now needs to be checked by the user like this:
// ClientCertKey can now hold any private key type, so assert RSA before PKINIT.
rsaKey, ok := creds.ClientCertKey.(*rsa.PrivateKey)
if !ok {
    return fmt.Errorf("cannot use %T because PKINIT requires an RSA key", creds.ClientCertKey)
}
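The same check applied at the point where a key of unknown type first appears, as an added example that is not part of adauth or of the original release notes: it goes beyond the snippet above by parsing a PKCS#8 PEM key (an assumed input format) and rejecting anything that is not RSA before it would reach PKINIT. The helper names `samplePKCS8` and `pkinitKeyFromPEM` are hypothetical, and the keys are generated on the fly as constructed sample input.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"fmt"
)

// samplePKCS8 builds a throwaway PKCS#8 PEM key (constructed sample input, hypothetical helper).
func samplePKCS8(kind string) (pemBytes []byte, err error) {
	var key any
	if kind == "rsa" {
		key, err = rsa.GenerateKey(rand.Reader, 2048)
	} else {
		_, key, err = ed25519.GenerateKey(rand.Reader)
	}
	if err != nil {
		return nil, err
	}
	der, err := x509.MarshalPKCS8PrivateKey(key)
	return pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: der}), err
}

// pkinitKeyFromPEM parses a PKCS#8 key of any type and only returns it if it is RSA (hypothetical helper).
func pkinitKeyFromPEM(pemBytes []byte) (*rsa.PrivateKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		return nil, fmt.Errorf("no PEM block found")
	}
	key, err := x509.ParsePKCS8PrivateKey(block.Bytes) // returns any: RSA, ECDSA, Ed25519, ...
	if err != nil {
		return nil, fmt.Errorf("parse PKCS#8 key: %w", err)
	}
	rsaKey, ok := key.(*rsa.PrivateKey)
	if !ok {
		return nil, fmt.Errorf("cannot use %T because PKINIT requires an RSA key", key)
	}
	return rsaKey, nil
}

func main() {
	for _, kind := range []string{"rsa", "ed25519"} {
		sample, _ := samplePKCS8(kind) // a failed sample shows up as a parse error below
		_, err := pkinitKeyFromPEM(sample)
		fmt.Printf("%-7s usable for PKINIT: %v (err: %v)\n", kind, err == nil, err)
	}
}
```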