2

I am running a Solaris 10 environment using Sun Directory Server (LDAP) 5.2 and now 6.3 for managing user accounts. So far I have been managing the environment via scripts to add users and groups but would like to pass this responsibility over to the help desk. Since they are not LDAP savvy I would like to give them something like a web front end to the People and Groups organizational units of the LDAP tree.

Can you suggest a suitable tool that would mask the complexities of LDAP from non-technical users but still enable them to manage the user accounts?

douglasj
  • 33
  • 1
  • 5

3 Answers3

8

Maybe Gosa will fit... I haven't try it yet but it's on my TODO. From the homepage it says:

GOsa² provides a powerful GPL'ed framework for managing accounts and systems in LDAP databases. Using GOsa² allows system administrators to easily manage users and groups, fat and thin clients, applications, phones and faxes, mail distribution lists and many other parameters. In conjunction with FAI (Fully Automatic Installation), GOsa² allows the highly automated installation of preconfigured systems. GOsa² therefore provides a single, LDAP-based point of administration for large and small environments, thus making the administration of users and systems and all related parameters manageable and easy.

Julien
  • 430
  • 3
  • 12
  • Thanks, I haven't heard about GOsa before, it looks interesting. I've got it in a Debian VM to test it against out LDAP directories. I'll comment on what I find out. – douglasj Jul 01 '09 at 02:20
2

We used phpldapadmin and JXplorer for "less" technical people to manage OpenLDAP, though YMMV for Sun's LDAP. Typically these were developers, but these tools are both pretty easy to learn sufficiently for managing users.

jtimberman
  • 7,587
  • 2
  • 34
  • 42
  • Thanks for the suggestions, I've looked at those before but they still let too much of the LDAP directory layout leak through to the Help Desk users. Good for our Admins though. – douglasj Jul 01 '09 at 02:21
1

Well, I was looking for a good Windows client to do some general LDAP queries and operations (when the raw power of ldapsearch on Unix environments was a chore). I stumbled upon Apache Directory Studio. Now, it is cross-platform, since it uses the very powerful Eclipse IDE framework as the base. Now granted, Windows or otherwise, it can be kind of crufty. However, it allows you to save a lot of settings for quick lookup. My personal favorite, it will save your different queries, for quick access to certain groups of users with similar attributes. Since it is a simple GUI app, this could easily reduce the LDAP complexities of Help Desk types. However, I have not used it extensively, only when it tickles my fancy. I guess others will chime in shortly.

songei2f
  • 1,934
  • 1
  • 20
  • 30