The Netscape Directory SDK 4.1 for Java includes several tools that can be used to test your LDAP configuration. All of the tools are provided in source code form and will need to be compiled. This article provides instructions for compiling and using these tools.

After extracting the source code for the Netscape Directory SDK, the Java tools will be included in the directory: mozilla/directory/java-sdk/tools and are named:

• LDAPSearch.java
• LDAPModify.java
• LDAPDelete.java
• LDAPTool.java

After installing / building the Netscape Directory SDK for Java, you will need to ensure the JAR file for the SDK: "ldapjdk.jar" is included in your CLASSPATH. For example:

# CLASSPATH=$JAVA_LIB/ldapjdk.jar:$CLASSPATH; export CLASSPATH

Now go to your tools directory and compile all Java source code files:

# cd mozilla/directory/java-sdk
# javac *.java

Basic search on a public LDAP directory (Netscape)

# java LDAPSearch -h memberdir.netscape.com -b "o=netcenter.com" "objectClass=*" cn

Here is a search on my LDAP directory used to store Oracle TNS Service Names

# java LDAPSearch -h dbautil -b "cn=OracleContext,dc=idevelopment,dc=info" "cn=O*" cn orclnetdescstring

    dn: cn=OracleContext,dc=idevelopment,dc=info
    cn: OracleContext

    dn: cn=OBTEL_SERVER1,cn=OracleContext,dc=idevelopment,dc=info
    cn: OBTEL_SERVER1
    orclnetdescstring: (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=server1.idevelopment.info)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=OBTEL_SERVER1.IDEVELOPMENT.INFO)))

    dn: cn=OBTEL_SERVER2,cn=OracleContext,dc=idevelopment,dc=info
    cn: OBTEL_SERVER2
    orclnetdescstring: (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=server2.idevelopment.info)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=OBTEL_SERVER2.IDEVELOPMENT.INFO)))

    dn: cn=OBTEL_SERVER3,cn=OracleContext,dc=idevelopment,dc=info
    cn: OBTEL_SERVER3
    orclnetdescstring: (DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=server3.idevelopment.info)(PORT=1521)))(CONNECT_DATA=(SERVICE_NAME=OBTEL_SERVER3.IDEVELOPMENT.INFO)))

If you wanted to limit the search results to 10 entries, use the -z flag

# java LDAPSearch -h dbautil -b "cn=OracleContext,dc=idevelopment,dc=info" -z 10 "cn=O*" cn orclnetdescstring

The following two examples demonstrate that searches are case-insensitive.
Both return the same results.

# java LDAPSearch -h alex -b "o=airius.com" "(cn=Jeff*)" cn
# java LDAPSearch -h alex -b "o=airius.com" "(cn=jeff*)" cn

Search for entries whose names begin with "jeff", "sandy", or the letter "m".

# java LDAPSearch -h alex -b "o=airius.com" "(|(cn=Jeff*)(cn=sandy)(cn=m*))" cn

The syntax for telephoneNumber is special in that all of the following will return the same results.

# java LDAPSearch -h alex -b "o=airius.com" "(telephoneNumber=+1-408-*)" cn telephoneNumber
# java LDAPSearch -h alex -b "o=airius.com" "(telephoneNumber=+1 408*)" cn telephoneNumber

The following search uses the "sounds like" operator. I provide the results for this search to demonstrate how the "sounds like" operator works. This does not work on all LDAP servers. For example, I got the following error when trying to use the "sounds like" operator on Oracle Internet Directory: "netscape.ldap.LDAPException: error result (53); Function Not Implemented; LDAP server is unwilling to perform"

# java LDAPSearch -h alex -b "o=airius.com" "(cn~=brian)" cn

dn: uid=bplante, ou=People, o=airius.com
cn: Brian Plante

dn: uid=jbrown, ou=People, o=airius.com
cn: Judy Brown

Complex search filter. The following search indicates that we want all entries in which (1) the entry includes the object class person, (2) the first name begins with the letter J, and (3) the area code of the telephone number is grater than or equal to 407 or the entry has a mail attribute.

# java LDAPSearch -h alex -b "o=airius.com" "(&((objectClass=person)(cn=j*)(|(telephoneNumber=>407)(mail=*))))" objectClass cn telephoneNumber mail

Using the LDAPModify program to add entries

# java LDAPModify -c -a -D "cn=orcladmin" -w "welcome" -f "airiusplus.ldif"