ldapsh - Open Source LDAP Shell

  _     _                 _
 | | __| | __ _ _ __  ___| |__
 | |/ _` |/ _` | '_ \/ __| '_ \
 | | (_| | (_| | |_) \__ \ | | |
 |_|\__,_|\__,_| .__/|___/_| |_|
ldapsh README (12/4/2002)


    An innovative filesystem style abstraction of an LDAP directory hierarchy combined with a client similar to a standard shell, allowing a user to easily navigate an LDAP server using a familiar interface (assuming the user has used a command line shell).


    • Edit entries with VI
    • Standard shell commands: ls, cat, cp, mkdir, rmdir
    • Readline support
    • Should work with any LDAPv3 compliant server
    • Includes C library for accessing an LDAP server
    • Developed in C for fast performance


    For information about building ldapsh, view the INSTALL file.


    This software is under development. I do not take any responsiblity for any damage to data contained on your system.


    ldapsh is released under the GNU General Public License. libldapsh is released under the GNU LGPL.


    Currently, support can be provided by the author. If you wish to help support ldapsh, please let me know, and I will start a mailing list.


    View the AUTHORS file for a list of devlopers. Actually, it's only me right now, so don't bother :). If you interested in helping with the development of ldapsh, please contact Eric Kilfoil . QUICK START

        [unixsh]$ ./configure
        [unixsh]$ make
        [unixsh]$ su -
        [unixsh]$ make install
    Create a ~/.ldapshrc containing the following lines:

            defaultuser cn=manager,dc=example,dc=net
            basedn dc=example,dc=net
    Change the values of the defaultuser to the BindDN you wish to bind as and change the base dn your server's base dn. Use a basedn of 'auto' to attempt to autodetect the base dn.

        [unixsh]$ ldapsh
        [ldapsh]$ connect localhost
        BindDN [cn=manager,dc=example,dc=net]: 
        Bind Password: 
        [ldapsh]$ ls
    Type 'help' for online help.


    • rvim: restricted VIM
      Currently, ldapsh is dependent upon finding rvim in your shell's path. If rvim is not found, bad things will happen. This will eventually be a configuration option, but it does not seem worth it at the moment.

    • openldap libraries
      While ldapsh may work with other LDAP libraries, it has not been tested. If you find that ldapsh works with a library other than OpenLDAP, please send an email to eric@ypass.net with the version and vendor of the ldap library you are using (i.e. Sun, Netscape).

    • LDAP server
      ldapsh should be able to communicate with any available LDAP server that supports the LDAPv3 specification.


    ldapsh is a mix between a CLI client (such as an FTP client) and a UNIX shell. You must connect to an LDAP server before you can issue any commands. To connect to a server, use the 'connect' command.
            $ connect localhost
    This will make a connection to the LDAP server and prompt you for a BindDN. Type the DN you wish to use for binding to the LDAP server, or press enter to use the default.
            Bind DN [cn=manager,dc=example,dc=net]:
    You will be prompted for the the Bind password. Enter the password for the user you are binding as. If the authentication information is correct, you will be connected to the server.

    The default BindDN is configurable in the ~/.ldapshrc file. See CONFIGURATION FILES for more information.

    Once you are connected to the server, your shell prompt will identify the uid that you are bound as, the server you are bound to and the directory you are current in. You will always start out at the BaseDN of the directory server's hierarchy. The BaseDN is configured automatically by default. ldapsh will attempt to determine your base DN by querying the LDAP server you are connected to for it's namingContext. If more than one naming context is returned, ldapsh will cowardly refuse to continue. To manually specify the base DN, edit the 'basedn' config statement accordingly.

    To view the controls returned from your LDAP server, issue the following command at a UNIX shell prompt:

            $ ldapsearch -h localhost -x -s base -b "" "+"
    Type 'help' for a list of available commands. You can type 'help [command]' to see information for a specific command.


    Create a file in your home directory called .ldapshrc

    The currently supported configuration directives are:

    • defaultuser
      The default user to use when binding to the directory server.

    • basedn
      The base DN of the LDAP hierarchy you wish to browse. If 'auto' is specified (without quotes), the base DN will be requested from the LDAP server upon connection.

    • debug
      Print debugging information. Debug information is really only useful for developers, although some of it is may be fairly amusing to watch.

    • ldapcache
      Enable ldap caching in the libldap library. This is supported in OpenLDAP and possibly other LDAP libraries.