LDapper 4.0.2 - by Carl W. Bell|
Copyright © 1997-2018 Baylor University.
Disclaimer: Although LDapper seems to work fine, it is distributed "as is". Use at your own risk.
The latest version of LDapper can be found here.
LDapper is an LDAP (Lightweight Directory Access Protocol) client. You can use LDapper to search an LDAP server for entries matching specified criteria. You can also browse an LDAP server hierarchically.
Unlike older versions of LDapper which used the LDAP framework (or OpenLDAP libraries) directly, this version is really a "wrapper" around the built-in LDAP utility ldapsearch included with Mac OS X. You can think of LDapper as a GUI "front-end" to ldapsearch. Many of the options and preferences you specify simply modify the command line arguments to the ldapsearch command.
Note: When LDapper was originally developed, the intent was to add LDAP functionality to email programs that didn't support LDAP directly. Because of this, LDapper was designed around searching for email addresses, although it could be used for more general searches. These days, email applications typically support LDAP already. In this version of LDapper, the emphasis is on general searching rather than email addresses. Many features (e.g., mailto:, exporting email addresses, etc.) have been removed.
Choose the "File→New Search Window" menu command to open a new Search Window with default settings. You will need to have set up at least one directory in Preferences before you can do a search.
You can change several of the settings (e.g., the directory and search criteria) before doing a search. You can have up to 4 criteria for searching. Click the (+) and (-) buttons to add and remove criteria. When searching, LDapper will find entries that match ALL criteria (i.e., AND, not OR).
For each criterion, choose which attribute you want to search for. LDapper includes all of the basic attributes in the popup menu but you can also choose "Other..." to search for another, "non-basic", attribute. Next, choose the type of search (is, is similar to, contains, starts with, ends with, exists, is missing) and enter some text in the search field.
After you have specified the search criteria, click the Search button or choose the "LDAP→Search" menu command.
If required, you will be prompted for a password. If your password is stored in your keychain but you don't want to use it for some reason, or if you need to specify/change your identification, press the Option key while starting a search and you will be prompted to enter a password. You can choose to save the new password in your keychain.
When searching, LDapper will build the ldapsearch command using the options you specify and then run ldapsearch. It will parse any output from the ldapsearch command and add the entries returned to the Entry List. If you select one or more entries in the Entry List, their information (i.e., returned attribute and their values) will appear in the Details Text at the bottom of the window. LDapper can also save the all of the output from the ldapsearch command. You can switch between the Details Text and the Command Output Text by clicking on the "Details/Output" buttons. LDapper adds the actual ldapsearch command and its arguments at the top of the Command Output Text. You should be able to copy the command and paste it in Terminal to run the ldapsearch command directly. If you just want to get the command but not actually perform a search, press the Control key while starting a search. Also, any error text (i.e., stderr) will appear below the output.
When you first open a Search Window, LDapper adds columns to the Entry List for specific attributes. After you perform a search, LDapper can add any newly discovered attributes returned from the server and add columns for those attributes. Depending on your Preferences settings, columns for some returned attributes may not be shown after a search. Right-click (or control-click) in the Entry List header to view a popup menu where you can show/hide various columns.
Images and binary values cannot be displayed in the Entry List. Instead, you will see "(exists)" if that entry has a value. If an entry has multiple values for some attribute, you will see "(multiple values)". Move the cursor over that text to get a tooltip that displays the values. Images, binary values, and attributes with multiple values can all be found in the Details Text.
Choose the "File→Export Entries..." menu command to export the results of all or selected entries in the Entry List.
To save the information displayed in the Details Text, export as Plain Text (.txt) or Rich Text Format (.rtf). If any of the entries to be exported contain images, you can save as Rich Text Format with Attachments (.rtfd) to include the photos in the file. Note that an exported photo may be resized so that the maximum height or width is 256 pixels so it may be smaller that the actual image in the directory. You can also drag individual images from the Details text and LDapper will create jpeg files.
You can also export the entries in tabular format by exporting as Tab Delimited or Comma Separated Values. LDapper will export all columns, displayed or not, or you can specify that only visible columns be exported. There is also an option to export all of the attribute names as the first row of the file. You can also export the contents of the Command Output Text. This is always exported as plain text.
You can Copy the selected entries to place them (in tab delimited format) on the Mac Clipboard. This will only copy visible columns. Hold down the Option key before you Copy to include the attribute names as the first row. You can also drag and drop selected entries from the Entry List. And finally, if you double-click a value, you can copy its text directly. (You cannot modify it.)
When printing, click the "Show Details" button in the Print Window and you will see a popup button that allows you to select what to print - Details (Selected), Details (All), or Command Output. If you select "Print Summary Information" LDapper will include information about the search at the top of the first page. You can also modify the margins here.
Choose the "File→New Browse Window" menu command to open a new Browse Window. This will allow you to browse an LDAP server hierarchically, starting with the directory's Search Base. Click the small triangle to the left of an entry to expand it. This will display all of the entries one "level" down. Click the small triangle again to collapse the list. Selecting an entry will display its attributes and values in the Details Text below the list. LDapper only fetches an entry's information from the server when you actually select it. Unlike a Search Window, you cannot copy (or drag and drop) individual entries from the list but you can still export entries (and Command Output) to a file.
LDapper will remember the last search and use its criteria when you open a new search window.
LDapper also allows you to save searches, similar to a web browser's bookmarks. To view them, choose the "Window→Saved Searches" menu command. You can add, modify, and delete searches from this window. To save the criteria in an active Search Window, choose the "LDAP→Saved Searches→Save Current Search" menu command. You can reorder the saved searches by dragging them.
Each saved search has a name which appears in the Saved Searches menu. Choosing a saved search from that menu will apply that search's criteria to the Search Window, or if there isn't one, open a new Search Window with that search. You can also drag a saved search to a Search Window to use it (or click the "Use Selected Search" button.)
You will need to set up at least one directory before you can do a search. To add a directory, click the add [+] button below the Directories list. If you hold down the option key while clicking the add button, a copy of the selected directory will be added. Click the delete [-] or edit [pencil] buttons to delete or edit directories. You can rearrange the directories in the list by dragging them. This will affect the order that they appear in a Search/Browse window's directory menu.
There may be times when you need to copy directory settings to another Mac. Rather than reentering all of the settings manually, you can export all or selected directories to a file. This will be a property list (.plist) file which may be (carefully) edited if necessary. You can then import that file on a different Mac.
When editing a directory you can specify the directory's name (which can be whatever you want, but must be unique), the LDAP server's URI (e.g.,"ldap://ldap.example.com/"), and an optional (but sometimes not so optional) search base. You can specify a TCP port if it is different from the normal LDAP port (389) by adding a ":port#" to the end of the URI. Although LDAP URIs can contain many things, LDapper only uses the server and port. If your directory supports StartTLS, you can have LDapper request (or require) TLS. By default, LDapper assumes that an LDAP server is an LDAPv3 server but you can tell it that your server is LDAPv2 if necessary.
Searching a directory may require authentication. While editing the directory, click the "Authentication" tab. LDapper supports several authentication methods:
Most users will probably use "Simple - With Password". LDapper can store the directory's password in the Mac OS X keychain so you won't be required to enter it every time you search. If the password stored in your keychain gets out of sync with the password on the server (e.g., you changed your password), press the Option key when searching and LDapper will ignore the keychain and prompt you for the password. You will be able to save the new (and correct) password in your keychain. LDapper can also run the ldapwhoami command that you can use to test your authentication/authorization credentials.
In LDapper, there are three different types of LDAP attributes: normal, image, and binary. Most attributes are normal and contain simple, text values. Image attributes contain, unsurprisingly, base64 encoded images as their values. Binary attributes contain base64 encoded non-text values. Image (and binary) values cannot be displayed in a Search Window's entry list but will be included in the Details text. Also, you cannot search for image or binary attributes other than for their existence (or lack thereof).
There are many default attributes that LDapper already knows about. You can also add your own custom attributes. Each attribute has several properties - the attribute's name ("sn"), its "friendly name" ("Last Name"), and its type (normal, image, or binary). Some attributes are considered "basic" attributes and are included in a Search Window's popup menus, etc. Some attributes are automatically shown as columns a Search Window's entry list.
When searching, LDapper can automatically add any returned attributes to your custom attributes. It can also automatically display those attributes in columns. Note that if an attribute is not in the list, it cannot be displayed in a column, although it will still appear in the Details text.
You can modify several options to use when performing a search:
If you have any questions, comments, (constructive) criticism, or bug reports, you can contact me at the address(es) below.
Carl Bell's Web Page
Stuff I've Written
Carl W. Bell
Academic and Research Computing Services
Baylor University Electronic Library
One Bear Place #97148
Waco, TX 76798
This software, data and/or documentation contain trade secrets and confidential
information which are proprietary to Baylor University. Their use or disclosure
in whole or in part without the express written permission of Baylor University
This software, data and/or documentation are also unpublished works protected
under the copyright laws of the United States of America. If these works become
published, the following notice shall apply:
Copyright © 1997-2018 Baylor University
All Rights Reserved
The name of Baylor University may not be used to endorse or promote products
derived from this software without specific prior written permission. THIS
SOFTWARE, DATA AND/OR DOCUMENTATION ARE PROVIDED "AS IS" AND WITHOUT
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
When permission has been granted to make copies of this software, data and/or
documentation, the above notices must be retained on all copies.
Permission is hereby granted for non-commercial use and distribution of LDapper