====== LDAP Admin ======

From: http://www.ldapadmin.org/

What is LDAP Admin?

Ldap Admin is a free Windows LDAP client and administration tool for LDAP directory management. This application lets you browse, search, modify, create and delete objects on LDAP server. It also supports more complex operations such as directory copy and move between remote servers and extends the common edit functions to support specific object types (such as groups and accounts).

You can use it to manage Posix groups and accounts, Samba accounts and it even includes support for Postfix MTA. Ldap Admin is free Open Source software distributed under the GNU General Public License.

====== JXplorer The World's Finest Ldap Browser ======

http://jxplorer.org/

JXplorer is an open source ldap browser originally developed by Computer Associates' eTrust Directory development lab. It is a standards compliant general purpose ldap browser that can be used to read and search any ldap directory, or any X500 directory with an ldap interface. It is available for immediate free download under a standard OSI-style open source licence.

See: https://confluence.atlassian.com/display/DEV/Identifying+Active+Directory+connection+details for details of configuration parameters for Active Directory

====== openDJ ======

From: https://forgerock.org/opendj/

Open Source: OpenDJ is the only 100% commercial open source LDAP directory server available on the market today.

Feature overview.

Open Access: Our flexible data model lets developers choose REST, SCIM, LDAP, or Web Services for access.

Open Architecture: 100% Java architecture supports the most demanding SLA environments with high throughput and low response times.

====== LDAP Utilities ======

  * jxplorer
  * ldp.exe
  * Adsiedit.msc

http://serverfault.com/questions/294191/is-my-ad-already-an-ldap-server

Having said all that, I prefer ADExplorer from Sysinternals to a plain-jane LDAP browser. It's a little easier to use, since it's meant for use with AD specifically.
Yes, Domain Controllers speak LDAP.

  * LDAP port 389
  * LDAP+SSL port 636

As we run Google Apps Directory Sync directly on a DC, I just use port 389. You do, of course, have the option to connect using LDAP+SSL.

Windows Server 2003

Building on the foundation established in Windows 2000 Server, the Active Directory service in Windows Server 2003 extends beyond the baseline of LDAP compliance into one of the most comprehensive directory servers offering a wide range of LDAP support. Accordingly, the Windows Server 2003 Active Directory service introduces a number of new LDAP capabilities targeted for IT professionals and application developers. Some of the latest LDAP features include:

  * Dynamic Entries - Active Directory can store dynamic entries allowing the directory to assign Time-To-Live (TTL) values to determine automatic entry deletion.
  * Transport Layer Security (TLS) - Connections to Active Directory over LDAP can now be protected using the TLS security protocol.

====== LDAP Object Naming ======

http://technet.microsoft.com/en-us/library/cc977992.aspx

{{https://i-technet.sec.s-msft.com/dynimg/IC213641.gif}}

====== openldap ======

[[http://www.openldap.org/]]

OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol. The suite includes:

  * slapd - stand-alone LDAP daemon (server)
  * libraries implementing the LDAP protocol, and
  * utilities, tools, and sample clients.

====== Microsoft Active Directory Credentials ======

From: https://confluence.atlassian.com/display/DEV/Identifying+Active+Directory+connection+details

ad.atlassian.com is the DNS name of our AD server so that's how we worked out CN=Administrator,CN=Users,DC=ad,DC=atlassian,DC=com. We prefixed each part of the DNS name with DC (which stands for Domain Component). Any folders or subfolders that branch from the server, we prefix with CN, hence CN=Administrator,CN=Users,DC=ad,DC=atlassian,DC=com (as the Administrator user account sits in the Users folder).
Please specify the full name of the account for CN. So, if the user is John Smith, you would use:

CN=John Smith,CN=Users,DC=ad,DC=atlassian,DC=com

For baseContext, just specify DC=ad,DC=atlassian,DC=com (the DNS name prefixed with DC's)

[[https://confluence.atlassian.com/download/attachments/164873/jxplorer_connect.gif?version=1&modificationDate=1141791701655&api=v2]]
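
The DN construction described under "Microsoft Active Directory Credentials", as an added example that is not part of the original page or of the Atlassian article: it derives baseContext and the account DN from the AD DNS name and escapes the name per RFC 4514, so a full name containing a comma stays a single RDN. The function names are hypothetical, and the name "Smith, John" is a constructed input.

```python
# Added example, not from the original page. Function names are hypothetical.
# Builds the page's baseContext and account DN from an AD DNS name, escaping
# RDN values per RFC 4514 so names such as "Smith, John" stay a single RDN.

def escape_rdn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN string."""
    if not value:
        raise ValueError("empty RDN value")
    out = []
    for ch in value:
        if ch in '"+,;<>\\':
            out.append("\\" + ch)        # DN metacharacters
        elif ch == "\x00":
            out.append("\\00")           # NUL is hex-escaped
        else:
            out.append(ch)
    if out[0] in (" ", "#"):             # leading space or '#'
        out[0] = "\\" + out[0]
    if len(out) > 1 and out[-1] == " ":  # trailing space
        out[-1] = "\\ "
    return "".join(out)


def base_context(dns_name: str) -> str:
    """ad.atlassian.com -> DC=ad,DC=atlassian,DC=com"""
    labels = dns_name.strip(".").split(".")
    if not all(labels):
        raise ValueError("empty label in DNS name: %r" % dns_name)
    return ",".join("DC=" + escape_rdn_value(label) for label in labels)


def account_dn(full_name: str, containers: list, dns_name: str) -> str:
    """containers are listed from the domain root down, e.g. ["Users"].

    Follows the page's CN= convention for containers; organizational
    units in AD use OU= instead and are not handled here.
    """
    rdns = ["CN=" + escape_rdn_value(full_name)]
    rdns += ["CN=" + escape_rdn_value(c) for c in reversed(containers)]
    return ",".join(rdns + [base_context(dns_name)])


if __name__ == "__main__":
    # Domain and the first two names are the page's; "Smith, John" is constructed.
    for name in ("Administrator", "John Smith", "Smith, John"):
        print(account_dn(name, ["Users"], "ad.atlassian.com"))
```

A simple bind with such a DN over port 389 without TLS sends the password in cleartext; LDAP+SSL on port 636 or TLS on the connection protects it.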