Monday, April 23, 2007

Modify data in an LDAP directory

LDAP is perhaps one of the fastest-growing database technologies available for Linux, thanks to its speed and its read-often, write-little design. LDAP is more of a directory than a database: it is meant to contain data that doesn't change often. Its primary uses are address books, configuration data, and user authentication. Often, LDAP data is created and left alone with little need for modification.

However, sometimes data that changes little does in fact change. On Linux, the most popular LDAP server is OpenLDAP, and it provides command-line tools to add, delete, query, and manipulate the LDAP database. These tools are far from user-friendly, however, and there are other tools that are much easier to work with. One such tool is the Java-based ldapbrowser, available from http://www-unix.mcs.anl.gov/~gawor/ldap/download.html.

On a Linux system, you can start the program by executing:

$ sh lbe.sh

Once the program starts, select the Quick Connect tab or else create a new Session. If you wish to just browse the directory, leave the Anonymous Bind section checked; otherwise uncheck it and provide the user information to log in. You'll need to fill in the host field and either supply the base DN or have ldapbrowser fetch it for you.

Once you've connected, you can view the LDAP directory via a tree-mode browser. Depending on the credentials you supplied when creating the session, this browser will allow you to view the entire contents of the LDAP directory tree. Selecting an item in the tree view shows its contents in the right-hand pane. Here, if you double-click on an entry, you will be able to modify that entry's contents.

For instance, if you wanted to change a user's login shell, you would select (most likely) the ou=People node, and then the uid=user node, for the user you wish to modify. When the details of the user show up in the right-hand pane, double-click the loginShell entry and change the value of the shell. From that point forward, the user's login shell will be changed.
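
The same loginShell change can also be made with the OpenLDAP command-line tools mentioned earlier. The script below is an added example, not part of the original post: the base DN dc=example,dc=com, the server URI, the bind DN and the function names are assumptions to replace with your own values. It validates the uid and shell before building the LDIF so that a stray character cannot alter the DN or append extra LDIF lines.

```shell
#!/bin/sh
# Added example: change one user's loginShell with ldapmodify.
# BASE_DN, LDAP_URI and BIND_DN are constructed placeholder values.
BASE_DN="dc=example,dc=com"
LDAP_URI="ldap://ldap.example.com"
BIND_DN="cn=admin,$BASE_DN"

# Print an LDIF "modify" record that sets loginShell for uid=$1 to $2.
# Returns 1 and prints nothing on stdout if either value is unsafe.
make_shell_ldif() {
    uid=$1
    shell=$2
    # Conservative allow-list: anything else (commas, spaces, newlines, ...)
    # could change the DN or smuggle additional LDIF lines into the record.
    case $uid in
        ''|*[!A-Za-z0-9._-]*) echo "rejected uid" >&2; return 1 ;;
    esac
    # The shell must be an absolute path made of plain path characters.
    case $shell in
        /*) ;;
        *) echo "shell must be an absolute path" >&2; return 1 ;;
    esac
    case $shell in
        *[!A-Za-z0-9/._-]*) echo "rejected shell path" >&2; return 1 ;;
    esac
    printf 'dn: uid=%s,ou=People,%s\n' "$uid" "$BASE_DN"
    printf 'changetype: modify\n'
    printf 'replace: loginShell\n'
    printf 'loginShell: %s\n' "$shell"
}

# Apply the change to the directory.
#   -x   simple bind as BIND_DN
#   -W   prompt for the password instead of putting it on the command line
#   -ZZ  require StartTLS, so the bind fails rather than sending the
#        password over an unencrypted connection
change_shell() {
    ldif=$(make_shell_ldif "$1" "$2") || return 1
    printf '%s\n' "$ldif" |
        ldapmodify -x -ZZ -H "$LDAP_URI" -D "$BIND_DN" -W
}

# Usage (after sourcing this file): change_shell user /bin/bash
```

Run make_shell_ldif on its own first to review the LDIF before applying it with change_shell.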
