To effectively use this tool please enable java scripting and cookies on your browser.
The Search, Add, Modify and Delete feature (excluding Add an Entry - Generic) begin with a search for an entry. For example, to add a user one has to first find an entry which will be used as a template for a new addition.
If you just want to do an anonymous search for an entry one can leave the Admin DN and Password fields blank. Please note that Microsofts Active Directory does not allow anonymous search against its Active Directory, only authenticated searches. For Active Directory anonymous searching, put the name or IP address of the Global Catalog in the LDAP Server field and 3268 in the Port field.
The Port number for LDAP access is generally 389. If one wishes to securely access ones LDAP server please check the SSL box. Checking the SSL box will override what is entered in the Port field. All secure access is done over Port 636.
The Schema Type field gives one the opportunity to choose a schema that matches your directory. This will have an effect on how characters are translated and displayed. For example, nearly all directories use UTF-8 encoding but Microsoft's Active Directory uses another encoding (LDAPweb is set by default to ISO-8859-1 encoding for AD). If you have a wrong selection it will effect searches and display results (e.g. if you searched for surname equal to Müller - note the ü in Müller - this would not work if making an AD search if you selected Generic as the Schema Type).
The second purpose of Schema type is to check the attribute types (e.g. is it printable or is a binary). This will work if Schema details have been loaded into a directory and are accessible by LDAPweb (please refer to the documentation).
The BaseDN field specifies at what point in the directory tree one wants to start ones search.
The AdminDN and Password are use for authentication and will be required for most features unless anonymous access is allowed by the directory.
With a default LDAPweb installation the search fields are basically tailored to search for an individual. One has the option of providing ones own search attribute by using the "Other attribute" field. Alternatively if one knows how to define filters one can enter ones own filter in the Filter field. Entering information in the filter field will take precedence over anything entered in the search fields. eg. If a filter is defined the search fields are ignored.
The option "Base", "One-level", "Tree" defines how far through the directory tree one would search. If you are not familiar with Ldap compliant directories select "tree" (the default).
Please use the online help for further information.
Points of Interest
The majority of tests have been performed against Openldap versions 2 & 3 and Microsofts Active Directory. Very basic tests have been successfully made against other LDAP compliant directories.
The LDIF generate features are useful for mass additions and modifications. For example, one could take an LDIF export of a user, make some modification to the export (eg. replace all occurences of users first name and surname with ##First## and ##Last## respectively) and then use this file as an LDIF template. To LDIF generate use a CSV file (using the first name, surname example) with a header record of ##First## and ##Last## followed by columns containing the various users first name and surname. PLEASE NOTE - it is assumed that the CSV and LDIF template files are ANSI formatted (eg. normal text).
LDIF generates, imports or exports can be quite time consuming. The time limit allowed for any of these actions has been set to 4 minutes. After 4 minutes the action is timed out.
Information on Browsers
The following browsers work fine:
Mozilla 1.0+, IE5.5+, Netscape 4.7x, Netscape 6.1+, Opera 5+. Not recommended are Netscape 6.0 and pre-Mozilla 1.0.
LDAPweb also makes use of web server functionality, by sending the character encoding required in the header of a web page. This works fine on most modern browsers if you set your browser browser to auto-detect the encoding. If you are working with directories with everything stored in the English language you do not really need to worry about encoding, but if you are working with non-English information you will need to note this, as you will find that displaying or searching for non-English characters (e.g. öäüéèÖÄÜ) is problematic if your browser is not set-up correctly for LDAPweb. If you want to, or have to, do things manually then I recommend that you use character encoding UTF-8 for most directories except Microsoft Active Directory. For Active Directory, Western European (ISO-8859-1) will most likely fulfil your requirement.
2.April 2003