LDAP Migration and Testing Tool - Help



Installation

Installation of the program is fairly simple. It should have come as a "zip" file called LDAPTool_1_1.zip. Use a tool such as WinZip to extract the files. The archive can also be extracted using the Java jar command: "jar xvf LDAPTool_1_1.zip". All of the necessary files will be extracted to a directory called "LDAPTool_1_1" immediately below the current directory.


Configuration

LDAPTool is configured using the file "tool.properties". It must be named tool.properties and be in the same directory as LDAPTool.jar. At this time, the configuration items available are:


Startup

To start the program, execute the file run.bat (Windows) or run.sh (Unix/Linux). The program requires that a Java virtual machine version 1.3 or greater be installed. Java must be installed so that it can be run by typing "java" at a command prompt. Below is a screen shot of the program after startup but before connection to a directory server.

The application consists of three main display frames:


File Menu

The File Menu has items for creating a new connection, connecting using an existing connection profile, disconnecting from a server, and a quit item.


New Connection Dialog

By selecting the New Connection item from the File Menu, a new connection profile may be created. The following data is requested:

Note: Username and password are not required if the directory server is configured for anonymous access; however, functions requiring administrative access will fail if connected anonymously.


Connect to Server Dialog

Once a connection to a server has been successful, the connection information (with the exception of the user's password) is saved to the "connections" file. These profiles are available through the Connect to Server menu item on the File Menu. This is the same dialog as the New Connection; however, the connection information (except password) is already filled in.


Disconnect from Server

The Disconnect from Server menu option in the File Menu ends the current session with the directory server and closes the connection. The tree and detail display areas are cleared.


Quit

The Quit menu item from the File Menu quits the application. If the application is currently connected to a directory server, the connection is closed.


Edit Menu

The Edit Menu is the standard edit menu allowing Copy, Cut and Paste of text. It does not function on directory objects.


Search Menu

Once a connection to a directory server has been established, the Search Menu is added to the menu bar. The Search Menu has items for performing an LDAP Search, Find Aliases, Find Group References, Find Bad References, and Refresh Directory Tree.


LDAP Search

The LDAP Search menu item allows the user to search for an object based on the value of one or more attributes. The form of the search string is as specified in RFC 2254: The String Representation of LDAP Search Filters. The initial dialog for entry of search criteria is below.

Once search criteria have been submitted, a listing of all matching objects is displayed for user selection. Entries from this list can be Viewed or Edited, and one or more selections can be Printed or Deleted by using the CTRL or SHIFT keys to select. An example of this dialog is below.
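The RFC 2254 search string format described above, as an added example (not code from LDAPTool): a value escaper and a small filter parser, showing that a value containing "(", ")" or "*" must be escaped before it is placed in a search string. The sample DN and the member/uniquemember filter shape are assumptions made for illustration; the tool's own queries are not shown on this page.

```python
import re

# RFC 2254 section 4: these characters must be written as \XX inside a value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
_ITEM = re.compile(r"([A-Za-z0-9;.-]+)(=|~=|>=|<=)((?:[^()\\\0]|\\[0-9a-fA-F]{2})*)")
SAMPLE_DN = "cn=Smith (Contractor)*,ou=People,dc=example,dc=com"  # constructed sample

def escape_value(value):
    """Escape a literal so it cannot change the structure of the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def unescape_value(value):  # \XX pairs -> bytes -> UTF-8 text
    raw = re.sub(rb"\\([0-9a-fA-F]{2})",
                 lambda m: bytes([int(m.group(1), 16)]), value.encode("utf-8"))
    return raw.decode("utf-8")

def group_reference_filter(dn):
    """Filter matching entries that list dn in member or uniquemember."""
    v = escape_value(dn)
    return "(|(member=%s)(uniquemember=%s))" % (v, v)

def parse_filter(text):
    """Parse a filter into nested tuples; a literal '*' splits an item's value."""
    node, pos = _parse(text, 0)
    if pos != len(text):
        raise ValueError("trailing data at offset %d" % pos)
    return node

def _parse(s, i):
    if s[i:i + 1] != "(":
        raise ValueError("expected '(' at offset %d" % i)
    i += 1
    if s[i:i + 1] in ("&", "|", "!"):
        op, i, kids = s[i], i + 1, []
        while s[i:i + 1] == "(":
            kid, i = _parse(s, i)
            kids.append(kid)
        if not kids or (op == "!" and len(kids) != 1):
            raise ValueError("bad operand count for %r" % op)
        node = (op, kids)
    else:
        m = _ITEM.match(s, i)
        if not m:
            raise ValueError("bad item at offset %d" % i)
        node = (m.group(2), m.group(1), [unescape_value(p) for p in m.group(3).split("*")])
        i = m.end()
    if s[i:i + 1] != ")":
        raise ValueError("expected ')' at offset %d" % i)
    return node, i + 1
```

Parsing the escaped filter returns the original DN unchanged in both branches, while the same DN inserted without escaping is rejected as malformed.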


Find Aliases

The Find Aliases menu item allows the user to search for aliases of an object in the directory tree. The search string defaults to the entry currently selected in the directory tree. Here is the search string entry dialog:

Case and whitespace are significant when performing this search. The results dialog for this function is the same as for the LDAP Search function.


Find Group References

The Find Group References menu item allows the user to search for references to the distinguished name of an object in the member and uniquemember attributes of other objects in the directory tree. The search string defaults to the entry currently selected in the directory tree. Here is the search string entry dialog:

Case and whitespace are significant when performing this search. The results dialog for this function is the same as for the LDAP Search function.


Find Bad References

The Find Bad References menu item allows the user to search the aliases, member, and uniquemember attributes of objects in the directory tree for references to the distinguished name of objects which do not exist. The branch of the directory to search defaults to the entry currently selected in the directory tree. Here is the dialog:

Case and whitespace are significant when performing this search. The results dialog for this function is the same as for the LDAP Search function.
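The bad-reference check described above, run offline over an LDIF export, as an added example (not code from LDAPTool). It compares DNs exactly, as the tool is described as doing, and separately marks references that differ from an existing DN only in case or whitespace. The sample LDIF is constructed, aliasedObjectName is assumed to be the attribute holding alias targets, and base64 ("::") values are not handled.

```python
import re

# Attributes that hold DN references; aliasedObjectName is assumed for aliases.
REF_ATTRS = {"member", "uniquemember", "aliasedobjectname"}

# Constructed sample export (not taken from the tool's documentation).
SAMPLE_LDIF = """\
dn: cn=Alice,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: Alice

dn: cn=Admins,ou=Groups,dc=example,dc=com
objectClass: groupOfUniqueNames
uniqueMember: cn=Alice,ou=People,dc=example,dc=com
uniqueMember: cn=Bob,ou=People,dc=example,dc=com
uniqueMember: CN=alice, OU=People,
 dc=example,dc=com
"""

def parse_ldif(text):
    """Return {dn: [(attr, value), ...]}, unfolding RFC 2849 continuation lines."""
    text = re.sub(r"\n ", "", text)
    entries = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        pairs = [line.split(":", 1) for line in block.splitlines()
                 if ":" in line and not line.startswith("#")]
        pairs = [(a.strip().lower(), v.strip()) for a, v in pairs]
        dn = next((v for a, v in pairs if a == "dn"), None)
        if dn is not None:
            entries[dn] = [(a, v) for a, v in pairs if a != "dn"]
    return entries

def normalize(dn):
    """Fold case and drop whitespace around ',' and '=' (not a full DN parser)."""
    return re.sub(r"\s*([,=])\s*", r"\1", dn.strip()).lower()

def find_bad_references(entries):
    """Return (holder_dn, attr, target, reason) for references to absent DNs."""
    exact = set(entries)
    loose = {normalize(dn) for dn in entries}
    bad = []
    for holder, pairs in entries.items():
        for attr, target in pairs:
            if attr not in REF_ATTRS or target in exact:
                continue
            reason = "case/whitespace only" if normalize(target) in loose else "missing"
            bad.append((holder, attr, target, reason))
    return bad
```

A reference reported as "missing" still sits in the group, so an entry later created under that DN would pick up the membership; a "case/whitespace only" result is one that an exact-match search reports even though the target entry exists.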


Refresh Directory Tree

The Refresh Directory Tree menu item allows the user to re-read the entire directory tree from the server and re-build the navigation tree.


Object Menu

Once a connection to a directory server has been established, the Object Menu is added to the menu bar. This menu has items for Add, Edit, Delete, Delete Aliases, Delete Group References, Delete Bad References, Rename and Change Password functions on objects in the directory.


Add Sub-Menu

The Add Sub-Menu of the Object Menu provides items for the addition of User, Group, Organizational Unit, and Alias objects as well as an item to add other objects supported by the directory server. For each type of add except Aliases, the object to be added is positioned under the currently selected entry in the directory tree display. Aliases are positioned according to the distinguished name of the alias.


Add User

The Add User menu item pulls up a dialog with the required and some standard optional attributes for the addition of an "inetOrgPerson" directory object. Required attributes are marked with an asterisk. The attributes are:


Add Group

The Add Group menu item pulls up a dialog with the required and some standard optional attributes for the addition of a "groupOfUniqueNames" directory object. Required attributes are marked with an asterisk. The attributes are:


Add Organizational Unit

The Add Organizational Unit menu item pulls up a dialog with the required and some standard optional attributes for the addition of an "organizationalUnit" directory object. Required attributes are marked with an asterisk. The attributes are:


Add Object

The Add Object menu item first brings up a dialog showing the list of objects supported by the directory server which are of type "STRUCTURAL". The user is then asked to select an object to create. Below is a screen shot of the object type dialog.

Once an object type is selected, the user is asked for the name of the object. This is not the full distinguished name, but only the leaf name.

Once the name is entered, a dialog with all of the required and optional attributes for the object is displayed. Required attributes are marked with an asterisk. Multiple values can be assigned to attributes which support them by separating each value with a dollar sign "$".
Below is a screen shot of an add account object dialog.


Add Alias

The Add Alias menu item allows the user to create an alias to the currently selected entry in the directory tree. The user is asked to enter an alias to the entry.

Note: The distinguished name of the alias must be appropriate for the type of object being aliased.

The alias entry is then added to the directory tree according to the distinguished name of the alias.


Edit Object

The Edit Object menu item allows the user to edit objects in the directory. The entry currently selected in the directory tree display is the object to be edited. The Edit Object dialog allows the user to edit any supported required or optional attributes of the object with the following exceptions:

Multiple values can be assigned to attributes which support them by separating each value with a dollar sign "$".
Below is an example screen shot.


Delete Object

The Delete Object menu item removes the entry currently selected in the directory tree display. The delete is permanent with no undo possible. The following confirmation dialog is displayed before deletion, allowing the user to cancel.

If the object has children, the following dialog is displayed.

If the OK button is clicked, the current object and all its children are permanently deleted. After deleting the entry, the user is given the option of deleting references to the object, such as group memberships.

References to the object are searched for and displayed in a selection dialog. Multiple selections can be made using the SHIFT and CTRL keys.

After the references have been deleted, a report showing which entries had references deleted is displayed which can be saved to a file or printed. Note: Some directory servers require groups to contain at least one member. If deleting the reference would violate this requirement, the reference will not be deleted.


Delete Aliases

The Delete Aliases item allows the user to delete aliases for an entry. A dialog is displayed asking the user to enter the distinguished name to find aliases for; it defaults to the node currently selected in the directory tree.

Once the distinguished name has been entered, aliases for the object are searched for and displayed in a selection dialog. Multiple selections can be made using the SHIFT and CTRL keys.

After the aliases have been deleted, a report showing which aliases were deleted is displayed which can be saved to a file or printed.


Delete Group References

The Delete Group References item allows the user to delete group memberships for an entry. A dialog is displayed asking the user to enter the distinguished name to find group references to; it defaults to the node currently selected in the directory tree.

Once the distinguished name has been entered, references to the object are searched for and displayed in a selection dialog. Multiple selections can be made using the SHIFT and CTRL keys.

After the references have been deleted, a report showing which entries had references deleted is displayed which can be saved to a file or printed.

Note: Some directory servers require groups to contain at least one member. If deleting the reference would violate this requirement, the reference will not be deleted.


Delete Bad References

The Delete Bad References menu item allows the user to search the directory tree for alias or group memberships which reference objects which do not exist in the directory. When selected, a dialog is displayed asking the user to enter the distinguished name of the branch to search for bad references. It defaults to the node currently selected in the directory tree.

Once the distinguished name has been entered, the entire branch below the entry is searched for bad references which are then displayed in a selection dialog. Multiple selections can be made using the SHIFT and CTRL keys.

After the references have been deleted, a report showing which entries had references deleted is displayed which can be saved to a file or printed. Note: Some directory servers require groups to contain at least one member. If deleting the reference would violate this requirement, the reference will not be deleted.


Rename Object

The Rename Object menu item allows the user to change the distinguished name of the entry currently selected in the directory tree. When selected, the user is prompted for the new distinguished name of the object.

Once the name has been entered, a confirmation dialog is displayed.

If the entry has children, a dialog asking the user if they want to rename the object and all its children is displayed.

If the user cancels, nothing is renamed. If the user accepts, the rename process continues with the entry and all its children. Once the entry has been renamed, the user is asked if they would like to fix any alias or group references to the renamed entry.

If the user cancels, no references are changed; otherwise, any alias or group references for the entry and any children are changed to the new name. Once references have been renamed, a report is produced which details the results.


Change Password for Object

The Change Password for Object menu item allows the user to change the password of an object. The object class must support passwords. Here is the change password dialog.

The success or failure of the password change is reported in the change password results dialog.


Export Menu

After connection to a directory server, the Export Menu is added to the menu bar. The Export Menu provides export functionality for both directory database and schema information.


Export Directory

The Export Directory menu item enables the user to view/save/print the objects contained in the directory server. The export format is in the LDAP Data Interchange Format (LDIF) specified in RFC2849: The LDAP Data Interchange Format (LDIF) - Technical Specification. Below is an example of the directory export results.


Export Schema

The Export Schema menu item allows the user to view/save/print the contents of the directory schema. The output format for schema information is as specified in RFC2252: Attribute Syntax Definitions and includes "objectclasses", "attributes" and "matchingrules". An example of the schema export display is below. The data for each schema attribute is shown in three of the tabs of the display, and the combined data is shown in the fourth, all of which can be saved/printed separately.


Test Menu

The Test Menu is added to the menu bar when a connection to a directory server is made. The Test Menu provides the user with Performance Testing, Database and Schema Comparison functions for evaluating the state of the directory server.


Performance Tests

The Performance Tests menu item of the Test Menu allows the user to run read, create, modify, and delete tests on the directory server. Read tests are performed on the entry currently selected in the directory tree. Create, modify and delete tests are performed on test objects under the Test OU organizational unit whose default is specified in the "tool.properties" file. This organizational unit is created under the root node of the directory tree and test objects are created under that. The tests are multi-threaded to simulate multiple users; however, the number of concurrent users and tests per user are limited by the amount of system memory available. By unchecking the Generate Graphs checkbox, graphs will not be generated, providing more memory and therefore supporting more test/users. The following testing parameters are set in the initial dialog:

The following screen shot shows the Performance Test parameters dialog.

Here is an example of a create test with one user in the default data format.

Here is an example of a graph of a create test. The detail data for each user is graphed in a different shade of the main color with the average shown as a thick black line.

The data and graphs can be output to file or printed. The output format for the graphs is as a jpeg image. Data is output to text files. Below is an example of a performance test graph. It has been scaled to a much smaller size to fit this page.


Compare Directory

The Compare Directory menu item enables the user to compare an LDIF-formatted text file to the current directory contents. A standard java file chooser dialog is brought up so the user can select the file for comparison. Results are output as LDIF changerecords, suitable for input to automate directory changes. The results are the changes that would have to be made to the compare file to achieve the current state of the directory. Results can be saved to a text file or printed. See below for an example.
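The direction of the comparison described above (changes that turn the compare file into the current directory), as an added example that is not LDAPTool's own code. It emits RFC 2849 change records from two snapshots that are assumed to be already parsed into dictionaries; the entries are constructed, and DN depth is counted naively by commas.

```python
# Constructed snapshots, already parsed to {dn: {attribute: set(values)}}.
ALICE = "cn=Alice,ou=People,dc=example,dc=com"
CAROL = "cn=Carol,ou=People,dc=example,dc=com"
TEMP = "cn=Temp,ou=People,dc=example,dc=com"
ADMINS = "cn=Admins,ou=Groups,dc=example,dc=com"
GROUP = {"objectClass": {"groupOfUniqueNames"}, "cn": {"Admins"}}
COMPARE_FILE = {
    ADMINS: dict(GROUP, uniqueMember={ALICE}),
    TEMP: {"objectClass": {"inetOrgPerson"}, "cn": {"Temp"}, "sn": {"Temp"}},
}
DIRECTORY = {
    ADMINS: dict(GROUP, uniqueMember={ALICE, CAROL}),
    CAROL: {"objectClass": {"inetOrgPerson"}, "cn": {"Carol"}, "sn": {"Carol"}},
}

def diff_to_changerecords(baseline, current):
    """Return LDIF change records that turn `baseline` into `current`."""
    def depth(dn):
        return dn.count(",")  # naive: assumes no escaped commas in RDNs
    out = []
    # New entries: parents before children so each add has an existing parent.
    for dn in sorted(current.keys() - baseline.keys(), key=lambda d: (depth(d), d)):
        lines = ["dn: " + dn, "changetype: add"]
        for attr in sorted(current[dn]):
            lines += ["%s: %s" % (attr, v) for v in sorted(current[dn][attr])]
        out.append("\n".join(lines))
    # Changed entries: one modify record with value-level adds and deletes.
    for dn in sorted(current.keys() & baseline.keys()):
        mods = []
        for attr in sorted(set(current[dn]) | set(baseline[dn])):
            old = baseline[dn].get(attr, set())
            new = current[dn].get(attr, set())
            for op, vals in (("add", new - old), ("delete", old - new)):
                if vals:
                    mods.append("%s: %s" % (op, attr))
                    mods += ["%s: %s" % (attr, v) for v in sorted(vals)]
                    mods.append("-")
        if mods:
            out.append("\n".join(["dn: " + dn, "changetype: modify"] + mods))
    # Removed entries: children before parents.
    for dn in sorted(baseline.keys() - current.keys(), key=lambda d: (-depth(d), d)):
        out.append("dn: %s\nchangetype: delete" % dn)
    return "\n\n".join(out) + "\n"
```

Run against a known-good export, the modify records for privileged groups show membership drift directly, here the addition of one uniqueMember value.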


Compare Schema

The Compare Schema menu item provides the ability to compare schema text files in RFC2252 format to the current schema on the directory server. Results are output in RFC2252 format. Due to the lack of a standardized change format for schema information, when an object has differences between the compare files and the current directory, the entire record is written to the results display. The data can be saved to a file or printed. See below for an example.


Import Menu

The Import Menu is added to the menu bar when a connection to a directory server is made. The Import Menu provides the user with the Database Import function.

Import Directory

The Import Directory menu item enables the user to import database objects into the directory server. When the Import Database menu item is selected, a file selection dialog is presented, allowing the user to select the file for import. The import file format is in the LDAP Data Interchange Format (LDIF). The import function supports LDIF changetype records as well as add and delete functions. Below is an example of the directory import results.


Help Menu


© 1997 - 2016 Secure Internet Systems