Description of Problem: No decent *user* admin tools for LDAP. OpenLDAP itself is great, but ldapadd and LDIF files get old quickly. We need a management tool for users/groups/passwords in LDAP. Please consider adding Directory Administrator ( http://diradmin.open-it.org/ )to the next version of Red Hat Linux. It is very useful, and make LDAP user administration practical. Joshua Jensen
Ok... maybe for the _next_ release of RHL. :-)
gq IS a decent tool :)
I disagree... GQ isn't that great. But I would take gq over nothing, certainly. However, I would take Directory Administrator over gq.
GQ is also gone since RHL 8.0 (packaging it myself now...). But GQ has other purposes than user admin, IMHO.
It would also be nice to have good LDAP query tools as an LDAP client without having to install OpenLDAP server. As an LDAP client, I would like to be able to search an LDAP directory hosted elsewhere in my network when I am troubleshooting problems such as user access, automount table lookup failures, etc.
Yes. As a sysadmin I would love to have a decent LDAP-client installed to my workstation without needing the actual LDAP server stuff. No comment what the ideal LDAP client would be, I've only been using the console stuff and GQ and don't have real experience about all the other LDAP clients, but please choose wisely... :-)
RedHat/Fedora should change from using the shadow utils package for user management to using libuser. That way you can have pluggable backends and administer shadow/passwd and LDAP repositories with the same set of commands. Not that I've ever gotten round to setting this up myself... ;)
And I just noticed that Nalin is the Author of libuser.
Hello? Ping!!
Thoughts? Comments?
Does anyone have experience with Luma (luma.sourceforge.net)? It looks very promising, and it is developed in Python (like system-config-*) and PyQt (unlike anything by Red Hat). The LDAP browser interface is far better than Directory Administrator or anything else I have tried. Luma has a 'massive user creation' function, which I'd certainly find useful. Unfortunately the Luma versions I have tried did not work too well with the schemas on an oldish OpenLDAP server, so I was unable to create users. I realize that PyQt may not be acceptable to Red Hat / Fedora in a component like this. Anyway, it would be nice to see a Luma RPM for Fedora, because the program is a bit of a pain to install otherwise.
Please channel your problems with luma to the luma mailinglists at sourceforge.net. DirectoryAdministrator does not apply LDAPv3 if I remember correctly, while at least Luma and possibly GQ does this. Luma 1.5 will be released next week, with a good set of improvements. Luma 1.4 rebuild mandrake rpm works on fedora - I've been told. Maybe the Fedora-team can use the efforts put into building this rpm from Mandrake?
Nils, this could be quite easy to do now. You can just generate an alternate libuser config file (with modules == create modules == ldap) and run s-c-users as usual. Designing an intuitive GUI for the config file creation looks like the hardest part.
There is phpldapadmin package (http://phpldapadmin.sourceforge.net). We use it more than a year, it seems to be very useful! Phpldapadmin over php over httpd sits at the same host where openldap runs. Admins use the favourite browsers to do things... :-) We have made an rpm (with some addons). Mail me directly if it is interesting to someone.
I am trying to add phpldapadmin for Fedora Extra, see bug #168210
phpldapadmin is part of Fedora Extras for some time.