3 years, 4 months ago
Whats the easiest way to manage an Open LDAP db on Ubuntu?
We use Open LDAP in place of the passwd/shadow/group files on a small network of Ubuntu machines. Managing the db is dreadfully difficult and easy to screw up. Is there a management tool, preferably with a clean and simple UI, available? So far we've been using a tool called CPU but it's buggy and hasn't been worked on in almost 5 years. Another tool, led, is usable but still clunky. Why does ldap suck so much? How do I make it suck less?
Separate topics with commas, or by pressing return. Use the delete or backspace key to edit or remove existing topics.
You can leave an optional "tip" with Mahalo's virtual currency, Mahalo Dollars. If you are asking a difficult question that might require some research, or if you'd like a wide variety of feedback, a higher tip often leads to more answers to your question.
M$1 Answer
I use phpLdapAdmin: http://phpldapadmin.sourceforge.net/wiki/index.php/Main_Page
It's pretty comprehensive and can be customized.
LDAP sucks so much because it's pretty old and while it's well supported, it is not as "up to date" as mySQL, etc. I think of LDAP like an old bank system - they don't change because they work.
To make it suck less, you really need to understand and even develop your own custom UI for it. LDAP has a very wide range of uses and has grown to encompass an incredible number of uses. As a result it is very generalized and often "sucky". However, if you spend time working with it and learning the best ways that your unique situation can take full advantage of it, you'll be amazed.
It's pretty comprehensive and can be customized.
LDAP sucks so much because it's pretty old and while it's well supported, it is not as "up to date" as mySQL, etc. I think of LDAP like an old bank system - they don't change because they work.
To make it suck less, you really need to understand and even develop your own custom UI for it. LDAP has a very wide range of uses and has grown to encompass an incredible number of uses. As a result it is very generalized and often "sucky". However, if you spend time working with it and learning the best ways that your unique situation can take full advantage of it, you'll be amazed.
You can leave an optional "tip" with Mahalo's virtual currency, Mahalo Dollars. If you are asking a difficult question that might require some research, or if you'd like a wide variety of feedback, a higher tip often leads to more answers to your question.
M$
None of these machines run a web server and what gets installed is strictly controlled. Whats worse, I don't have the time to spend on this network - hence the need for an easy solution. Thanks very much for your helpful answer however.
I'm not sure about your level of linux ability, but creating a live linux cd with phpLdapAdmin installed and configured to connect to your remote LDAP server would allow you to easily manage the remote LDAP server.
However, if you're looking for something to run easy-peasy, this LDAP browser / editor runs on Java and will give you good functionality:
http://www.mcs.anl.gov/~gawor/ldap/