====== LDAP Management ======

===== Generic =====

Handy traditional tools to use are:

  * ldapsearch, ldapmodify, ldapadd, etc.
  * editors
    * ldapvi
    * [[http://jxplorer.org/|jxplorer]]

===== Configuration =====

==== Browsing ====

To look at the LDAP server configuration:

  root@marmot:~# ldapsearch -Y EXTERNAL -H ldapi:/// -b "cn=config"

==== Importing a Schema ====

Palmed wisdom from [[http://www.zarafa.com/wiki/index.php/OpenLdap:_Switch_to_dynamic_config_backend_(cn%3Dconfig)#Convert_schema_files_for_import|Zarafa's LDAP wiki pages]]:

  root@marmot:~# wget http://openssh-lpk.googlecode.com/files/openssh-lpk_openldap.schema
  root@marmot:~# echo 'include openssh-lpk_openldap.schema' > schema_convert.conf
  root@marmot:~# mkdir /tmp/ldif_output
  root@marmot:~# slaptest -f schema_convert.conf -F /tmp/ldif_output
  root@marmot:~# sed -n 's/^dn: \(.*\)/dn: \1,cn=schema,cn=config/; s/{[0-9]\+}//; /^\(dn\|objectClass\|cn\|olcAttributeTypes\|olcObjectClasses\| \)/ p' /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{0\}openssh-lpk_openldap.ldif > ~/import.ldif
  root@marmot:~# ldapadd -Y EXTERNAL -H ldapi:/// -f ~/import.ldif
  SASL/EXTERNAL authentication started
  SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
  SASL SSF: 0
  adding new entry "cn=openssh-lpk_openldap,cn=schema,cn=config"

==== Editing The Configuration Directly ====

  root@marmot:~# ldapvi -Y EXTERNAL -h ldapi:/// -b "cn=config"
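
For the schema import steps above, the LDIF is written into cn=config as root, so it is worth checking what the sed filter produced before running ldapadd. The script below is an added example, not part of the original page: it runs the same filter (in ERE form) over a constructed stand-in for slaptest output and then verifies the result. The schema name ''demo'', its OIDs and the helper function names are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed stand-in for slaptest output; "demo" and its OIDs are made up.
sample_slaptest_ldif() {
cat <<'EOF'
# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.
dn: cn={0}demo
objectClass: olcSchemaConfig
cn: {0}demo
olcAttributeTypes: {0}( 1.3.6.1.4.1.99999.1.1 NAME 'demoKey' DESC 'construct
 ed attribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
olcObjectClasses: {0}( 1.3.6.1.4.1.99999.2.1 NAME 'demoHolder' SUP top AUXIL
 IARY MAY demoKey )
structuralObjectClass: olcSchemaConfig
entryUUID: 00000000-0000-0000-0000-000000000000
creatorsName: cn=config
createTimestamp: 20200101000000Z
EOF
}

# Same filter as the sed command on this page, written with -E (ERE syntax):
# re-root the dn under cn=schema,cn=config, strip the {N} index, and keep
# only dn/objectClass/cn/olc* lines plus folded continuation lines.
convert_schema_ldif() {
  sed -n -E 's/^dn: (.*)/dn: \1,cn=schema,cn=config/; s/\{[0-9]+\}//; /^(dn|objectClass|cn|olcAttributeTypes|olcObjectClasses| )/p'
}

# Pre-import check (hypothetical helper): exit 0 only if stdin is exactly one
# olcSchemaConfig entry under cn=schema,cn=config with no other attributes.
check_import_ldif() {
  awk '
    /^dn: / { dn++
              if ($0 !~ /^dn: cn=[A-Za-z0-9_.-]+,cn=schema,cn=config$/) bad = 1
              next }
    /^objectClass: / { oc++; if ($2 != "olcSchemaConfig") bad = 1; next }
    /^(cn|olcAttributeTypes|olcObjectClasses): / { next }
    /^ / || /^#/ || /^$/ { next }   # folded lines, comments, blank lines
    { bad = 1 }                     # operational attrs, changetype, etc.
    END { exit !(dn == 1 && oc == 1 && !bad) }
  '
}

# Demo run on the constructed sample.
if sample_slaptest_ldif | convert_schema_ldif | check_import_ldif; then
  echo "converted LDIF: OK to import"
fi
```

On a real host the same check would be run as ''check_import_ldif < ~/import.ldif'' between the sed and ldapadd steps.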