Monday, December 14, 2009

How much do you rely on the TDS Web Admin Tool?

I usually setup TDS as an enterprise LDAP, but usually as part of a larger security initiative such as Identity and Access Management. Since LDAP is the underlying user registry for ITIM and ITAM we typically do not use the TDS Web Admin tool for much more than some initial setup and configuration of the LDAP. Beyond that ITIM and ITAM have their own management tools.

But, if your goals for LDAP were simpler and you are not implementing an Identity Management solution, well you are limited to a few different tools to manage your LDAP directory:

Command Line tools such as ldapsearch, ldapadd, idsldapsearch, idsldapadd, etc....
TDS Web Admin Tool (GUI)
3rd Party tools such as Softerra's LDAP Administrator

Those who are new to LDAP in general and do not prefer to use command line tools, naturally gravitate to the TDS Web Admin Tool. In general its a pretty good tool and in TDS 6.2 it is much better than 6.0 for tasks such as setting up replication, but its still a bit buggy.

For example I ran into a problem recently where we had a boolean attribute configured as a mandatory attribute for our objectclass. Using TDS Web Admin Tool to create a new user entry results in an objectclass violation. Meanwhile using idsldapadd works just fine. It turned out to be a legitimate bug with a fix on the way, but there are other quirky issues with this tool.

Another problem I noticed in one case I have 5000 entries populated in the LDAP. If I navigate through the directory tree I can see the entries listed, but if I click on an entry it should open up the edit screen for that entry. Instead it does nothing at all. Yet, if I use the directory search tools in TDS Web Admin GUI I can find a specific entry and then click on the entry which correctly opens the edit screen for that same entry. Weird.

Another issue which I would consider a bug and I don't know if IBM will ever address this:

If I customize the LDAP Schema by using custom schema files I.e. V3.myschema.oc and V3.myschema.at, the Web Admin Tool does not acknowledge this and continues to drop stuff in V3.modifiedschema instead. TDS supports creating custom schema files by allowing you to reference the custom files in ibmslapd.conf. This is one way of keeping your custom schema organized neatly. In fact if you keep all of your custom attributes and classes in order by OID (assuming you are using a legitimately registered OID) then it makes it easy to know what OID to use next for any new attributes or classes. Also, if you have replicas, schema updates to the replicas is a simple matter of copying your updates schema files over to the replicas and restarting them.

Anyhow, most folks managing LDAP servers seem to prefer using 3rd Party tools if they need a good GUI style interface, but it would be nice if the Web Admin Tool was a little less buggy.

5 comments:

Deepak said...

We are using TAM for eBusiness and I had a question related to it.

Can you please tell me if I need to create user in both TAM and TDS to be able to use TAM ? Can I just live by creating user in just one place i.e. TAM.

Anonymous said...

ASHLEE SIMPSON NUDE
[url=http://www.projectopus.com/user/58029]ASHLEE SIMPSON NUDE[/url]
ASHLEE SIMPSON NUDE
[url= http://www.projectopus.com/user/58029 ] ASHLEE SIMPSON NUDE [/url]
TARA REID NUDE
[url=http://www.projectopus.com/user/58031]TARA REID NUDE[/url]
TARA REID NUDE
[url= http://www.projectopus.com/user/58031 ] TARA REID NUDE [/url]
ROSARIO DAWSON NUDE
[url=http://www.projectopus.com/user/58033]ROSARIO DAWSON NUDE[/url]
ROSARIO DAWSON NUDE
[url= http://www.projectopus.com/user/58033 ] ROSARIO DAWSON NUDE [/url]
MICHELLE WILLIAMS NUDE
[url=http://www.projectopus.com/user/58035]MICHELLE WILLIAMS NUDE[/url]
MICHELLE WILLIAMS NUDE
[url= http://www.projectopus.com/user/58035 ] MICHELLE WILLIAMS NUDE [/url]
DREW BARRYMORE NUDE
[url=http://www.projectopus.com/user/58037]DREW BARRYMORE NUDE[/url]
DREW BARRYMORE NUDE
[url= http://www.projectopus.com/user/58037 ] DREW BARRYMORE NUDE [/url]

Anonymous said...

ZAC EFRON NUDE
[url=http://videoexclg26.vidiLife.com]ZAC EFRON NUDE[/url]
ZAC EFRON NUDE
[url= http://videoexclg26.vidiLife.com ] ZAC EFRON NUDE [/url]
MILEY CYRUS PORN
[url=http://videoexclg27.vidiLife.com]MILEY CYRUS PORN[/url]
MILEY CYRUS PORN
[url= http://videoexclg27.vidiLife.com ] MILEY CYRUS PORN [/url]
LISA SIMPSON PORN
[url=http://videoexclg28.vidiLife.com]LISA SIMPSON PORN[/url]
LISA SIMPSON PORN
[url= http://videoexclg28.vidiLife.com ] LISA SIMPSON PORN [/url]
OLIVIA MUNN NUDE
[url=http://videoexclg29.vidiLife.com]OLIVIA MUNN NUDE[/url]
OLIVIA MUNN NUDE
[url= http://videoexclg29.vidiLife.com ] OLIVIA MUNN NUDE [/url]
GALLERY OF LINDSAY LOHAN
[url=http://videoexclg30.vidiLife.com]GALLERY OF LINDSAY LOHAN[/url]
GALLERY OF LINDSAY LOHAN
[url= http://videoexclg30.vidiLife.com ] GALLERY OF LINDSAY LOHAN [/url]

Anonymous said...

BRAD PITT NUDE
[url=http://videoexclg46.vidiLife.com]BRAD PITT NUDE[/url]
BRAD PITT NUDE
[url= http://videoexclg46.vidiLife.com ] BRAD PITT NUDE [/url]
LUCY PINDER NUDE
[url=http://videoexclg47.vidiLife.com]LUCY PINDER NUDE[/url]
LUCY PINDER NUDE
[url= http://videoexclg47.vidiLife.com ] LUCY PINDER NUDE [/url]
LAURA PREPON NUDE
[url=http://videoexclg48.vidiLife.com]LAURA PREPON NUDE[/url]
LAURA PREPON NUDE
[url= http://videoexclg48.vidiLife.com ] LAURA PREPON NUDE [/url]
LIV TYLER NUDE
[url=http://videoexclg49.vidiLife.com]LIV TYLER NUDE[/url]
LIV TYLER NUDE
[url= http://videoexclg49.vidiLife.com ] LIV TYLER NUDE [/url]
EVA LONGORIA NAKED
[url=http://videoexclg50.vidiLife.com]EVA LONGORIA NAKED[/url]
EVA LONGORIA NAKED
[url= http://videoexclg50.vidiLife.com ] EVA LONGORIA NAKED [/url]

Super Bowl Commercials 2012 said...

Thanks for sharing your info. I really appreciate your efforts and I will be waiting for your further write ups thanks once again.