Good LDAP editors are hard to find; the best is Soferra’s LDAP Administrator which unfortunately only works on Windows platforms. Sometime in 2005 I stumbled accross ldapvi, an interactive program for Unix/Linux written by David Lichteblau which allows editing of LDAP entries pulled from an LDAP server using my favorite editor (vi) or whatever is set in my $EDITOR environment variable. A pointer made me look at it again. The program has had numerous changes done to it, which now make it very workable. Care to see a sample session? I’ll set my editor to ed so that I can show you what is happening. Tremendous. Do note that we aren’t simply editing LDIF here, well we are, but that LDIF is being pulled from the LDAP server and optionally written back. Object classes and attribute types and values can be added modified or deleted, as long as the directory server accepts the changes of course (think: schema checking). At the main prompt, a plus sign (+) will re-enter the editor with schema comments; I can see which attribute types are allowed by the object classes. This definitely goes into my toolbox again, and I’m going to read the manual.