{scrollbar}

Connecting to ApacheDS with graphical tools (3rd party)

This sections describes how to connect tp ApacheDS with some graphical LDAP clients, which are not part of the distribution.

22list

Options, Options

Especially if you are new to LDAP, you might like to use GUI tools to connect to Apache Directory Server. Some LDAP servers come with graphical tools, even Apache DS 1.0 does and provides Apache Directory Studio. But you can also use any standard compliant client (free or commercial) to explore your directory. The #Resources paragraph contains a collection of free tools with grapical user interface. In the following the connection to the sample directory is demonstrated for some of them.

JXplorer

JXplorer is an open source LDAP browser written in Java. For its graphical user interface the Swing libraries are used. JXplorer is feature rich and only needs a J2SE 1.4 to run. Native installers are availabe for many platforms as well. Visit the JXplorer Homepage to learn more about this client and how to download it.

In order to connect to our sample directory server with this tool, open the "Open LDAP/DSML Connection" dialog after starting the browser. This can be done either by selecting the menu item within the File menu (see the screen shot above), by pressing Alt+C, or by hitting the corresponding button in the tool bar.

The dialog appears (screenshot above). It provides input fields for hostname, port and Base DN.
You may select "Anonymous" via the security level drop down. If you decide to do so it is not necessary to provide credentials afterwards, but the server must be configured to allow you to bind like that (see Basic configuration tasks). If not, you won't be able to browse the data stored in the "o=sevenSeas" partition.

Below the dropdown you provide credentials for the user to connect, if you have decided not to connect anonymously to the directory. Because currently no user is imported to your directory, you have to use the administrator to authenticate.
Enter the DN of this user "uid=admin,ou=system" and the corresponding password.

Warning

Using this configuration with a so called "simple bind" causes JXplorer to send the credentials (User DN, password) unencrypted to the server. Look at the Security sections if you want to learn more about how to secure credentials.

You might want to save the connection data as a template. Pressing the OK button causes JXplorer to connect to the server.

Import sample data using JXplorer

In order to load the sample data to ApacheDS with JXplorer, you have to connect to the server first. Use uid=admin,ou=system to connect (you need write access).

After you successfully connect to your server with JXplorer, use the menu entry LDIF | Import File. Browse the file system with the Open dialog provided by JXplorer (see image) and select the file with the sample data.

Press the Open button. JXplorer reads the LDIF file and performs some LDAP add operations against your server in order to create the entries within the sample partition. After a successfull import, you can immediatly browse the directory with JXplorer and see the imported entries:

Softerra LDAP Browser

Softerra LDAP Browser is a lightweight version of the commercial Softerra LDAP Administrator. It is available for free. Functionality of the browser is limited to exploring directories and schemas, searching, and exporting of directory data to disk. Entry creation and modification is reserved to LDAP Administrator only, together with advanced functionality like group management. Check the vendor's Homepage for details about both offerings.

Softerra platform support

Note that the Softerra clients (Browser and Administrator) are available on Windows platforms only.

In order to connect to our sample directory server with this tool, start the "Server Connection Profile Wizard". This can be done either by selecting the menu item within the File menu (see the screen shot to the left), by pressing Strg+N, or by hitting the corresponding button in the tool bar. The following dialog appears.

Enter an appropriate profile name (we chose "Seven Seas") and press the "Next" button to continue.

The next wizard step provides input fields for hostname, port and Base DN. The Button "Fetch DNs" allows you to fill the Base DN dropdown with the suffix names available, if the LDAP server supports it. So does Apache Directory Server, hence "o=sevenSeas" should appear in the list after pressing the button.

You may select "Anonymous bind" via the according check box. If checked it is not necessary to provide credentials afterwards, but the server must be configured to allow you to bind like that. If not, you won't be able to browse the data stored in the "o=sevenSeas" partition.

After entering the parameters for your directory press the "Next" button to continue.

In the next step you provide credentials for the user to connect, if you decided not to connect anonymously to the directory. Because currently no user is imported to you directory, you have to use the administrator to authenticate.
Enter the DN of this user "uid=admin,ou=system" and the corresponding password.

Warning

Using this configuration with a so called "simple bind" causes the client to sent the credentials (User DN, password) unencrypted to the server. Look at the security sections if you want to learn more about how to secure credentials.

If you hit the "Next" button, a next step wizard the wizard offers some advanced LDAP settings. We decided to accept the defaults here and therfore pressed "Finish" to create the connection profile.

Done. You should now be able to see the entry provided by the "o=sevenSeas" suffix of the tutorial partition:

Softerra LDAP Browser does not allow LDIF imports (it does not allow adding entries to the directory at all), but Softerra LDAP Administrator does (Menu: File | Import Data...).

Resources

  • No labels