By: Thomas McAvoy user 07 Jun 2018 at 9:07 a.m. CDT

1 Response
Thanks for your earlier help!

1. I wrote an automatic Jenkins script that runs an installation of the Gluu Server, as I needed that for my devops environment.
2. I would like to suggest two things for the Gluu Gateway roadmap to facilitate integration with the Gluu Server,
3. How to integrate a SQL server database store where the user, password record is stored? What options are available to me so that authentication (username and password) is maintained in SQL? Can I sync OpenLDAP as well?

By Michael Schwartz Account Admin 07 Jun 2018 at 10:11 a.m. CDT

1. Great! We love Jenkins too, and have also automated all builds, including Linux packaging.
2. Please open a new issue for each suggested enhancement. Be specific, include screenshots if possible. If we accept the feature request, we'll convert it to the respective GitHub issues and assign it a release number.
3. Really, your question has two parts: (1) How do you authenticate a user if the password is stored in SQL; (2) How can you sync users and passwords.

   The answer to part 1 is that you can write a person authn interception script that calls an API. I would advise against making a JDBC connection from the Gluu Server. (Avoid all stateful connections from the Gluu Server.) Front-end the RDBMS with an API that handles connection pooling, and then call the API from a custom authn script. Make sure your API uses HTTPS, because you wouldn't want to leak passwords!

   The answer to part 2: oxTrust cache refresh might help you with your password sync problem. If the users were in sync already, you could specify your LDAP server as the source, and for each person, call an API (or post a message to an MQ server... even better) that grabs the SQL password and updates the respective LDAP entry (preferably if it's changed). With that said, the oxTrust Cache Refresh is not an IDM system. Really, it is a very primitive metadirectory, and you may be better off using an IDM like Evolveum Midpoint, or Apache Syncope. The main goal of Cache Refresh is to sync users from AD.
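The following is an added example, not part of the reply above and not Gluu's interception-script interface: a plain Python 3 sketch of the credential check a custom authn script could delegate to, calling an API in front of the SQL store over HTTPS and failing closed. The endpoint URL, the JSON request shape and the `authenticated` response field are assumptions.

```python
import json
import ssl
import urllib.request
from urllib.parse import urlsplit

# Hypothetical endpoint of the API that fronts the SQL user store.
VERIFY_URL = "https://userstore.example.internal/v1/verify"


def https_post(url, payload, timeout=5):
    """POST JSON over TLS with certificate and hostname verification."""
    ctx = ssl.create_default_context()  # verifies chain and hostname
    req = urllib.request.Request(
        url,
        data=json.dumps(payload).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=timeout, context=ctx) as resp:
        return resp.status, resp.read()


def check_credentials(username, password, url=VERIFY_URL, post=https_post):
    """Return True only if the API explicitly confirms the password.

    Fails closed: a transport or TLS error, a non-200 status or a
    malformed body all count as a failed login. A non-HTTPS URL is a
    configuration error and raises before any password is sent.
    """
    if urlsplit(url).scheme != "https":
        raise ValueError("credential API must be reached over HTTPS")
    if not username or not password:
        return False
    try:
        status, body = post(url, {"username": username, "password": password})
        if status != 200:
            return False
        reply = json.loads(body)
    except (OSError, ValueError):  # network/TLS failure or unparsable body
        return False
    # Require the literal JSON boolean true, not any truthy value.
    return isinstance(reply, dict) and reply.get("authenticated") is True
```

The `post` parameter exists so the transport can be replaced in tests; a stateless request per login keeps connection pooling on the API side, as the reply recommends.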