Most active commenters
  • woumn(9)

Show HN: Moribito – A TUI for LDAP Viewing/Queries

(github.com)
103 points woumn | 25 comments | 02 Sep 25 13:10 UTC | HN request time: 1.272s | source | bottom

Check out my TUI I wrote for viewing and querying an LDAP. I need to do basic queries and validation daily for work, and as I work on a mac, there are really no good options. The major player is the Apache Directory Studio which is... not great. So I decided to create a new one.
1. jcims ◴[02 Sep 25 14:22 UTC] No.45103519[source]
Miss my days tinkering with LDAP. This looks great, thanks!
replies(1): >>45106197 #
2. zephyreon ◴[02 Sep 25 14:25 UTC] No.45103551[source]
As someone that spends an inordinate amount of time in LDAP for work, it warms my heart to see this project. Will definitely try it out!
replies(1): >>45103559 #
3. zephyreon ◴[02 Sep 25 14:26 UTC] No.45103559[source]
Apache Directory Studio is extremely cumbersome / heavy so this is much appreciated.
replies(2): >>45103766 #>>45104524 #
4. mbreese ◴[02 Sep 25 14:42 UTC] No.45103766{3}[source]
That was what I immediately was thinking about. I wish I had had a tool like this when admining an LDAP server for a compute cluster. This would have made my life much easier, as opposed to using Apache Directory Studio through SSH tunnels.

I’m glad this tool exists.

5. dionian ◴[02 Sep 25 14:59 UTC] No.45103988[source]
We need more TUIs! Love it!
replies(2): >>45104037 #>>45104318 #
6. woumn ◴[02 Sep 25 15:04 UTC] No.45104037[source]
Thank you!
7. joelp ◴[02 Sep 25 15:26 UTC] No.45104318[source]
The OP should post this on terminal trove [0]

There are lots of TUIs there.

[0] https://terminaltrove.com/

replies(2): >>45104488 #>>45105107 #
8. majkinetor ◴[02 Sep 25 15:29 UTC] No.45104366[source]
This is epic, especially as it is repository friendly. Thank you.
replies(1): >>45104485 #
9. woumn ◴[02 Sep 25 15:37 UTC] No.45104485[source]
You're very welcome!
replies(1): >>45105167 #
10. woumn ◴[02 Sep 25 15:37 UTC] No.45104488{3}[source]
Will do!
11. woumn ◴[02 Sep 25 15:38 UTC] No.45104524{3}[source]
I hate it so much. And it barely works with newer macs.
12. 7y3g3g2h2u28 ◴[02 Sep 25 15:40 UTC] No.45104543[source]
176 276 123
13. throw0101a ◴[02 Sep 25 15:44 UTC] No.45104620[source]
Is it possible to view/edit the "cn=config" tree of OpenLDAP to make configuration changes with this?

I often do

    ldapvi -h ldapi:/// -Y EXTERNAL -b 'cn=config'
and another tool could be useful.
replies(1): >>45105726 #
14. victor106 ◴[02 Sep 25 15:51 UTC] No.45104723[source]
Does this work with AD?
replies(1): >>45105702 #
15. dionian ◴[02 Sep 25 16:17 UTC] No.45105107{3}[source]
Nice, thanks for the link. Right up my alley
16. majkinetor ◴[02 Sep 25 16:21 UTC] No.45105167{3}[source]
Tested it now somewhat. Some points so far:

1. Installation script doesn't work on Windows. Exit 1 is particularly problematic as it kills the current shell

2. No search on current page vim style (/) or full page up/down J/K

3. On Query page j works but k somewhat scrambless the page in Windows terminal

Not sure how seriously you want to support Windows, I could rise tickets on Github

replies(1): >>45105696 #
17. woumn ◴[02 Sep 25 16:52 UTC] No.45105696{4}[source]
I don't have a way to debug windows, so atm it's kind wysiwyg.

#2 is a great idea. open a ticket if you'd like.

18. woumn ◴[02 Sep 25 16:52 UTC] No.45105702[source]
Haven't tested, but i think it should. it's using Go's LDAP library in the background
19. woumn ◴[02 Sep 25 16:54 UTC] No.45105726[source]
It would be possible, but I don't have a good ldap server to test on, especially one I can modify config changes. If you'd like to contribute to the repo, adding a test ldap server that can be used for development would enable a lot more features.
replies(2): >>45107741 #>>45115048 #
20. oaiey ◴[02 Sep 25 17:25 UTC] No.45106197[source]
Me too. I also believe that LDAP and directory services are overlooked today
21. johntash ◴[02 Sep 25 17:28 UTC] No.45106250[source]
As someone else who has to do a lot of work with LDAP, thank you!

You might want to consider adding a LICENSE file to the repo. That's the first place I looked before noticing it at the bottom of the readme.

replies(1): >>45108080 #
22. bravetraveler ◴[02 Sep 25 19:18 UTC] No.45107741{3}[source]
May find this worth a whirl, hosted instance: https://www.freeipa.org/page/Demo

Verified the services respond/credentials work [through the UI, my ldapsearch-fu is weak] :)

23. woumn ◴[02 Sep 25 19:43 UTC] No.45108080[source]
I am thinking you opened an issue. Thank you! I added one.
24. throw0101a ◴[03 Sep 25 12:44 UTC] No.45115048{3}[source]
If you have a Debian or Ubuntu system available, installing the `slapd` package (OpenLDAP) would be sufficient to get something on localhost or ldapi:///. RH-based systems have openldap* packages.

You don't really have to do much more than that for the purpose of testing this (no creating of accounts, groups, sub-trees, etc).

Perhaps at most go to the stanza/paragraph that defines "olcDbIndex" values, add a new one, and see if a new index file is created in "olcDbDirectory" (often /var/lib/ldap):

* https://www.zytrax.com/books/ldap/apa/indeces.html

* https://warlord0blog.wordpress.com/2020/10/19/ldap-indexes/