Trying to set up a headless LDAP server on a Linux virtual machine (VMware). Small scope, but needs to be reliable and easy to use. Strong preference for simplicity over features, command-line over GUI.
What are some of the good options?
Also need some sort of client / manager utility for it so I can log in remotely, view the contents of the directory, and make changes as necessary. Web-based is fine, but a standalone Windows client would be ideal.
I've tried to set this up a few times, always got hung up somewhere along the way. Can someone point me in the right direction?
OpenLDAP for the server. It is pretty much the standard. I have used it as a replacement for Active Directory for User/Computer domain authentication.
For a GUI, I prefer a cross-platform client. I use various OSes. I used to use LDAP Browser (Java) but it was hosted at a University page and is no longer available.
JXplorer is an option for a GUI. It is also in Java. You can also use LDAP Admin.
If you need documentation, there are several documents out on the web that describe it step by step. I highly recommend finding one for your specific OS distribution.
I also recommend reading the "LDAP Linux HOWTO" from tldp.
Another option exists for both server and client: Apache Directory (http://directory.apache.org). They also have an Eclipse RCP based browser/editor which seems very, very nice.
A good LDAP option is OpenLDAP; there is plenty of information out there on setting this up. As far as a client/manager, I would recommend a web-based one named phpLDAPadmin (PLA), and a desktop client that works well in Windows would probably be one offered by Softerra. I typically use either a Linux or Unix client by the name of ldapbrowser (lbe).
If you want something with a client, you might want to consider Fedora or CentOS directory server, which is called 389 Directory Server now. It has everything you want, even - iirc - a Windows standalone console client.
OpenLDAP + Apache Directory Studio for management
OpenLDAP may be the most prevalent, but there are alternatives which may be better. OpenDS, for example, supports many LDAP standard items which OpenLDAP does not (DIT structure rules not being supported by OpenLDAP is significant). OpenLDAP must be compiled, OpenDS does not. In my recent testing (May) on 4-core Xeons, OpenLDAP is faster than OpenDS by about 1.6% in indexed, single filter component searches - where OpenLDAP had all logging de-activated, and OpenDS had logging turned on. 1.6% increase in performance at the cost of no logging is far too small an increase for far too high a price.
OpenDS is also easier to maintain, being a single download, one-click affair, whereas OpenLDAP must be compiled. Of course, Windows is the most prevalent OS, but there is no need to use that, either. Use OpenDS from http://opends.dev.java.net
OpenLDAP is your friend.
OpenDS. Free software, 100% Java so completely cross-platform, and supports the latest schemas.
www.opends.org
The install wizard (either command line or GUI) is very simple and will set things up with sample entries if wanted.
As for a management client, I second JXplorer.
I'd say OpenLDAP for quick to set up and fairly simple. As for GUI I like GQ, though I usually use the command line. ldapvi is good too. That brings up the results as an LDIF in a vi-like editor (it might even be vi) and can save edits back to the directory.
Apache Directory Studio provides a simple, built-in server as well as LDAP client. The software is Java-based and runs on Linux and Windows. The software is maintained by the Apache project and carries the Apache license.
http://directory.apache.org/studio