There are quite a number of graphical LDAP directory viewers and managers in varying degrees of usefulness and polish. You still need to know the OpenLDAP commands, but a good graphical interface can make you more efficient. Here are some nice open source applications:
- GQ (http://gq-project.org/)
This is a fairly simple standalone LDAP client. It is a browser and an editor. You can easily browse schema details, and see your directory structure as Figure 12-5 shows. You may also authenticate to create or edit entries.
- Web browsers
Konqueror and Internet Explorer include simple LDAP viewers. You can see your directory, but not edit it. Enter a URL containing your suffix, like ldap://localhost:389/dc=alrac,dc=net, and you'll see something like Figure 12-6.
- LAT, LDAP Administration Tool (http://dev.mmgsecurity.com/projects/lat/)
A nice, fully featured viewer and editor (see Figure 12-7). It includes tools for Samba and Active Directory integration, a good search tool, LDIF imports and exports, and other essential management features.
- Web-based LDAP managers
phpLDAPadmin (http://phpldapadmin.sourceforge.net/) and Gosa (https://www.gosa-project.org/) are two popular web-based LDAP managers. They're rather complex, as PHP applications tend to be, because they depend on HTTP servers, PHP, and various modules and libraries. So, they both have learning curves, but the advantages are attractive interfaces, universal clients, and the fact that any PHP coder can extend and customize them.
Like all good Linux admins, you don't want to run X Windows on your LDAP server, and with any of these applications, you won't need to because they all support secure remote access.
OpenLDAP.org: http://www.openldap.org/
LDAP Directories Explained: An Introduction and Analysis, by Brian Arkills (Addison-Wesley)
LDAP System Administration, by Gerald Carter (O'Reilly)