Marcus Hall

User Tools

Site Tools

Trace:
software:ldap

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
software:ldap [2016/08/24 15:54] – created superwizardsoftware:ldap [2016/08/31 21:04] (current) – [JXplorer The World's Finest Ldap Browser] superwizard
Line 5: Line 5:
 <code> <code>
 What is LDAP Admin? What is LDAP Admin?
-Ldap Admin is a free Windows LDAP client and administration tool for LDAP directory management. This application lets you browse, search, modify, create and delete objects on LDAP server. It also supports more complex operations such as directory copy and move between remote servers and extends the common edit functions to support specific object types (such as groups and accounts).+Ldap Admin is a free Windows LDAP client and administration tool for LDAP directory management. This  
 +application lets you browse, search, modify, create and delete objects on LDAP server. It also supports  
 +more complex operations such as directory copy and move between remote servers and extends the common  
 +edit functions to support specific object types (such as groups and accounts).
  
-You can use it to manage Posix groups and accounts, Samba accounts and it even includes support for Postfix MTA. Ldap Admin is free Open Source software distributed under the GNU General Public License. +You can use it to manage Posix groups and accounts, Samba accounts and it even includes support for  
 +Postfix MTA. Ldap Admin is free Open Source software distributed under the GNU General Public License. 
 </code> </code>
 +
 +
 +====== JXplorer The World's Finest Ldap Browser ======
 +
 +http://jxplorer.org/
 +
 +JXplorer is an open source ldap browser originally developed by Computer Associates' eTrust Directory development lab. It is a standards compliant general purpose ldap browser that can be used to read and search any ldap directory, or any X500 directory with an ldap interface. It is available for immediate free download under a standard OSI-style open source licence.
 +
 +See: https://confluence.atlassian.com/display/DEV/Identifying+Active+Directory+connection+details 
 +for details of configuration parameters for Active Directory
 +
 +====== openDJ ======
 +
 +From: https://forgerock.org/opendj/
 +
 +<code>
 +Open Source: OpenDJ is the only 100% commercial open source LDAP directory server available on the 
 +market today. Feature overview.
 +Open Access: Our flexible data model lets developers choose REST, SCIM, LDAP, or Web Services for 
 +access
 +Open Architecture: 100% Java architecture supports the most demanding SLA environments with high 
 +throughput and low response times.
 +</code>
 +====== LDAP Utilities ======
 +
 +jxplorer
 +
 +ldp.exe
 +
 +Adsiedit.msc
 +
 +http://serverfault.com/questions/294191/is-my-ad-already-an-ldap-server
 +
 +Having said all that, I prefer ADExplorer from Sysinternals to a plain-jane LDAP browser.
 +It's a little easier to use, since it's meant for use with AD specifically.
 +
 +es, Domain Controllers speak LDAP.
 +
 +    LDAP port 389
 +    LDAP+SSL port 636
 +
 +As we run Google Apps Directory Sync directly on a DC, I just use port 389. You do, of course, have the option to connect using LDAP+SSL.
 +
 +    Windows Server 2003
 +
 +    Building on the foundation established in Windows 2000 Server, the Active Directory service in Windows Server 2003 extends beyond the baseline of LDAP compliance into one of the most comprehensive directory servers offering a wide range of LDAP support. Accordingly, the Windows Server 2003 Active Directory service introduces a number of new LDAP capabilities targeted for IT professionals and application developers. Some of the latest LDAP features include:
 +
 +    •Dynamic Entries - Active Directory can store dynamic entries allowing the directory to assign Time-To-Live (TTL) values to determine automatic entry deletion.
 +
 +    •Transport Layer Security (TLS) - Connections to Active Directory over LDAP can now be protected using the TLS security protocol.
 +
 +====== LDAP Object Naming ======
 +
 +http://technet.microsoft.com/en-us/library/cc977992.aspx
 +
 +
 +{{https://i-technet.sec.s-msft.com/dynimg/IC213641.gif}}
 +
 +
 +====== openldap ======
 +
 +[[http://www.openldap.org/]]
 +
 +OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol.  
 +The suite includes: 
 +  * slapd - stand-alone LDAP daemon (server) 
 +  * libraries implementing the LDAP protocol, and 
 +  * utilities, tools, and sample clients. 
 + 
 +====== Microsoft Active Directory Credentials ======
 +
 +From: https://confluence.atlassian.com/display/DEV/Identifying+Active+Directory+connection+details
 +
 +    ad.atlassian.com is the DNS name of our AD server so that's how we worked out
 +    CN=Administrator,CN=Users,DC=ad,DC=atlassian,DC=com. 
 +    We prefixed each part of the DNS name with DC (which stands for Domain Component).
 +    
 +    Any folders or subfolders that branch from the server, we prefix with CN, 
 +    hence CN=Administrator,CN=Users,DC=ad,DC=atlassian,DC=com (as the Administrator user 
 +    account sits in the Users folder).
 +    
 +    Please specify the full name of the account for CN. So, if the user 
 +    is John Smith, you would use: CN=John Smith,CN=Users,DC=ad,DC=atlassian,DC=com
 +    
 +    For baseContext, just specify DC=ad,DC=atlassian,DC=com (the DNS name prefixed with DC's)
 +    
 +[[https://confluence.atlassian.com/download/attachments/164873/jxplorer_connect.gif?version=1&modificationDate=1141791701655&api=v2]]
 +    
software/ldap.1472054069.txt.gz · Last modified: 2016/08/24 15:54 by superwizard