Basic LDAP v3 functionality for the GO programming language.
2.4k
Stars
382
Forks
71
Open issues
30
Contributors
AI Analysis
go-ldap/ldap is a comprehensive LDAP v3 client library for Go, implementing core RFC specifications for directory operations including bind, search, modify, and password management. It serves developers building Go applications that need to authenticate against or interact with LDAP/Active Directory servers, making it essential infrastructure for enterprise system integrations, IAM tools, and authentication middleware.
Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.
AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.
Mature Go LDAP client library with steady maintenance, narrow but established niche adoption
go-ldap/ldap is a Go implementation of LDAP v3 client functionality (RFC 4511 and related standards). It provides bind operations, search, modify, add, delete, and extended operations with support for TLS, SASL, and paging. Used primarily by Go developers needing directory service integration—authentication systems, identity management tooling, and enterprise integrations. Not a consumer-facing tool; adoption is specialized but appears durable among its target audience.
Created in October 2014 during early Go adoption. Has remained a foundational library in the Go ecosystem for LDAP operations, with no apparent replacement competing directly at the same level of completeness. Represents the de facto standard LDAP client for Go, though adoption remains narrow compared to broader Go libraries.
Star growth is minimal (1 star in last 7 days, 2,443 total). This is consistent with a mature, stable library serving a specialized domain rather than a growing consumer trend. The plateau reflects market saturation in the LDAP-client-for-Go niche—not failure, but stable equilibrium. Repository remains actively maintained as of late June 2026, suggesting ongoing use rather than abandonment.
Adoption not verified in README or metadata. No documented case studies, known high-profile users, or deployment statistics provided. However, the library's age (12 years), maintained status, and RFC compliance suggest it likely powers identity systems at organizations integrating Go with enterprise LDAP directories. Absence of public case studies does not indicate absence of production use—LDAP integrations often occur in internal enterprise systems with low visibility.
Library appears modular, likely organized around LDAP message types (bind, search, modify, etc.) with separate handlers for TLS, SASL, and paging. README documents support for RFC 4511, 3062, 4514, 4533, 2891, 4532 and draft specifications. Appears to implement a client-side LDAP protocol stack without server components.
Not documented in README. However, contributing guidelines reference `make` targets for `go test`, suggesting automated testing is part of the development workflow. Full coverage metrics not disclosed.
Last push 2026-06-21 (12 days before evaluation date). This is recent activity. Contributing guidelines explicitly invite bug reports and pull requests and document a test/verification workflow with Docker/Podman for local LDAP server testing. Suggests active maintenance posture, though frequency of releases/merges not specified in README.
ADOPT IF: your Go service needs to query LDAP directories, perform authentication against AD/LDAP, or manage directory objects programmatically, and you require standards-compliant LDAP v3 operations (bind, search, modify, extended ops, SASL). AVOID IF: you need a managed/abstracted identity provider (prefer OAuth2, OIDC, or managed services) or you're building an LDAP server rather than a client. MONITOR IF: you depend on obscure LDAP extensions—verify the library's RFC support matches your requirements, and track maintenance activity for security patches.
Independent dimensions
Mainstream potential
2/10
Technical importance
6/10
Adoption evidence
4/10
- Limited public documentation of production deployments—hard to assess real-world reliability at scale without case studies or community reporting.
- LDAP is a legacy protocol; organizational migration to modern identity systems (Okta, Entra ID, OIDC) may reduce long-term demand for LDAP client libraries.
- No evidence of major version API stability guarantees in README; v3 import pattern suggests v1/v2 exist—migration path for users unclear.
- Security vulnerabilities in LDAP protocol handling could impact all consuming applications; maintenance cadence (push frequency) not explicitly stated—timing of security response unknown.
- Narrow adoption niche means fewer community contributions and slower feature additions compared to larger Go libraries; may lag in edge-case protocol scenarios.
go-ldap/ldap will remain the de facto Go LDAP client library, slowly declining in relative importance as organizations migrate away from LDAP toward cloud-native identity systems, but remaining essential for legacy/hybrid environments. Maintenance will likely continue at current low-activity pace as long as enterprise LDAP integration remains necessary.
Explore similar
Newsletter
Get analyses like this every Monday
Free weekly digest of the most interesting open-source discoveries.
Languages
Information
- Language
- Go
- License
- NOASSERTION
- Last updated
- 4d ago
- Created
- 143mo ago
- Analyzed with
- anthropic/claude-haiku-4-5
Stars over time
Contributors over time
Top 100 contributors only — repos with more will plateau at 100.
Open issues
Top contributors
Similar repos
| Repository | Stars | Week Δ | Language | Score | Updated |
|---|---|---|---|---|---|
|
|
2.4k | +2 | Go | 8/10 | 4d ago |
|
|
2.8k | — | Go | 7/10 | 1mo ago |
|
|
5.9k | — | Go | 8/10 | 4mo ago |
|
|
11.3k | — | Go | 8/10 | 15h ago |
|
|
1.9k | — | Go | 8/10 | 1d ago |
|
|
135.3k | — | Go | 10/10 | 13h ago |
glauth is a Go LDAP server and authentication gateway, not a client library. Complements rather than replaces go-ldap/ldap; glauth likely depends on client libraries internally. Different problem domain.
OAuth2 is a different authentication protocol/standard. Solves modern API authentication rather than directory service queries. Not a direct competitor; projects often use both in combination.
API client library for a specific service. Higher star count reflects broader use case (GitHub integration) vs. specialized directory protocol. Similar architectural pattern but different domain.
go-ldap/ldap is a client library implementing LDAP protocol; OpenLDAP is the C reference implementation and server. Not competitors—go-ldap connects to LDAP servers like those built on OpenLDAP.