I'm currently configuring permissions on an existing openldap server using ldapadd | ldapmodify and ldif files (created following these examples). I'm then testing using ldapsearch. All the tests I run as cn=admin are successful (not very difficult I guess since it's the built-in all mighty admin account) but I'm just unable to give special permissions to other users (though the bind works). Bottom line is, I found the management of ldap permissions being very painful.
[Q1] What tools do you use to visualize existing permissions on an LDAP server and change them as needed?
To manipulate the LDAP directory I use Apache directory studio
[Q2] What other tools to you use to manipulate the LDAP directory?
Best Answer
To visualize and administer LDAP, there are many options, here are some.
I personally use ldapsh to perform some quick ldap edits. It visualizes your ldap tree as directory structure which is easy to navigate and make edits using vim or your fav editor.