Cybersecurity
DevOps Cloud
IT Operations Cloud
The Novell eDirectory supports LDAP (Light Weight Directory Access Protocol) and provides number of utilities, applications and APIs to communicate with it. But the ldapvi can be useful in some different scenarios, lets discuss about that.
The LDAPVI, name itself says everything about this utility. If you are a NIX user and familiar with VI editor, you will be able to use this utility( Basic knowledge of VI editor is required to use this utility). This utility supports almost VI functionalities which is the main benefit of it.
Now let me focus on some obvious questions...
What is LDAPVI?
The LDAPVI is not simply an editor. Its an utility which will take parameters to communicate with LDAP supported directory server and make a query to it. After querying the directory server, it will get some results which will be displayed in LDIF kind of format in editor. Where you can directly edit the resulted data and submit back to the server. Its really easy to do different LDAP operations by using LDAPVI and because of that its known as an interactive LDAP client for NIX terminals.
Why/When should we use LDAPVI?
I think there are only two ways to communicate with any directory server, 1st Server APIs and 2nd Command Line utils(which will also use same APIs). There are number of other applications which are designed by using these APIs and provide same functionalities ex. Web based utile, stand alone software etc. The ldapvi is one of them only, but it will be very useful in situations like Low-End hardware, Low network / Internet speed, Operating System without X(GUI) support, Bulk update etc.
Let me give you the brief about some situations...
How to install and configure LDAPVI with eDirectory on SLES10?
There are two ways to install it, 1st Source and 2nd rpm package. To download & install it from source you can follow this link...
http://www.lichteblau.com/ldapvi
But if you want to install it from rpm package, you can search on openSUSE software site http://software.opensuse.org/search for particular distribution.
For example, Use this link to download package for SLES10 - i586 architecture...
Once it has been installed, you can simply use it like any normal command.
user@novell:~>ldapvi --help
This command will give you the list of available command line options for ldapvi.
user@novell:~>ldapvi<enter>
Here it will try to connect with default port(389) on localhost as anonymous user. In eDirectory by default anonymous search is allowed, so you will get all the records from the directory tree root in editor. Be careful if your tree size is very large, then you should use ldapvi with base -b command line option to specify search base. Otherwise it will take some time to load all the data. But by default eDirectory will not allow you to do any modifications as an anonymous user, so you will have to provide your identity with -D option to make any modifications.
user@novell:~>ldapvi -D cn=admin,o=novell -b o=novell
This command will try to connect as an admin user and will prompt you for admin password. Once you provide password, you will get all the records from the base o=novell. Here you may get some error like...
ldap_bind: Confidentiality required (13)
Because by default TLS option is enabled for simple bind with password. Its one of the encryption mechanism like SSL which will be discussed in second part. Lets first see how can we do this in plain text. To check the 'Require TLS for Simple Binds with Password' option is enabled or not you can use...
user@novell:~>ldapconfig get<enter>
Here you will have to find 'Require TLS for Simple Binds with Password' option, by default it is enabled on eDirectory with value 'yes'. If this option is enabled, you will have to disable it by setting up value "no".
user@novell:~>ldapconfig set "Require TLS for Simple Binds with Password=no"<enter>
OR
user@novell:~>ldapconfig set "Require TLS for Simple Binds with Password=no" localhost:389<enter>