LDAP is one of the most heavily relied-upon standards in enterprise software, but, although the protocol provides for a measure of back-end consistency, the interfaces of products into which LDAP is built vary considerably.
Softerra LLCs LDAP Administrator 3.1 lets IT administrators browse and modify LDAP Version 3 directories, including the OpenLDAP Foundations OpenLDAP Project, Sun Microsystems Inc.s Netscape/iPlanet, Microsoft Corp.s Active Directory and Novell Inc.s Novell Directory Services.
eWEEK Labs tested LDAP Administrator 3.1, which was released last month, with Active Directory on Windows Server 2003 and OpenLDAP on Red Hat Inc.s Red Hat Enterprise Linux Advanced Server 3.0, and we were impressed by its clean interface.
However, what pleased us most about LDAP Administrator was the quality of the error information it provided about the LDAP server connections we established. All too often, LDAP-consuming applications are designed with rather sparse configuration interfaces that are built out no further than whats required to enter the server location and authentication information necessary to access the LDAP store.
In a perfect situation, in which you have all the correct configuration values at hand, LDAP setup goes smoothly, and those slim setup dialogs neednt be paid any further attention.
Imperfect scenarios are fairly common, however, particularly when configuring LDAP-conversant applications from different vendors to work together. Weve experienced frustration, for instance, setting up the Mozilla Organizations Thunderbird mail client to consume LDAP-stored address book information from Active Directory, with Thunderbird providing precious little error data with which to troubleshoot.
LDAP Administrator, which costs from $215 for a single license to $4,500 for an unlimited site license, is a great tool for bringing together different LDAP-based services and applications. Theres a free browse-only version of the product called LDAP Browser 2.6 that weve also found very useful.
We recommend that sites managing multiple LDAP stores (as most sites do), particularly those working toward making these multiple stores work together, give LDAP Administrator a closer look. Because LDAP Browser is free, its definitely worth downloading and adding to your IT toolbox.
LDAP Explorer is a particularly good fit for administrators working with OpenLDAP stores because OpenLDAP does not include any graphical administration tools, and weve been underwhelmed by the open-source tools weve seen for working with LDAP, such as GQ and Directory Administrator.
Unfortunately, unlike these Linux-friendly tools, LDAP Administrator runs only on Windows.
LDAP Administrator 3.1s LDAP Filter Builder feature helped us construct filters in the proper syntax with a handy live-checking facility that worked like the IntelliSense feature in Microsofts Visual Studio IDE. We could export data from our LDAP stores in a variety of formats.
LDAP Administrators export wizard allows users to work around the limitations on numbers of entries that LDAP servers can impose by fetching groups of entries in appropriately sized chunks.
Senior Analyst Jason Brooks can be reached at [email protected].