OpenSSO and ldapvi

WARNING - guru level information in this blog entry. Don't try ANY of this unless you're CERTAIN you know what you're doing. Editing OpenSSO's configuration directly can easily lead to an unusable deployment. You have been warned!

The Suretec guys blogged about ldapvi the other day, which prompted me to deploy ldapvi and point it at OpenSSO's embedded OpenDS instance.

Deploying ldapvi on a Mac is very simple, thanks to MacPorts. Just do

sudo port install ldapvi

Now you can point it at your OpenSSO deployment like so:

ldapvi -d --host ldap://localhost:50389 -D "cn=Directory Manager" -w password

I get a screen like this:

One neat feature is that ldapvi transparently deals with the base64 encoded XML data in the directory - you can see it if you search for sunKeyValue:;

Now you can do some serious configuration hacking, especially with vi's global search and replace! But remember, with great power comes great responsibility. Backup your configuration before you try anything, and restart OpenSSO after any change you make in the directory. OpenSSO caches its configuration, and it won't notice changes you make 'under the covers'.

Comments:

Post a Comment:
Comments are closed for this entry.
About

superpat

Search

Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today