LEX Online Manual Content

• Introduction to LEX
  • First steps
    • License Splashscreen
    • ReadOnly PopUp
    • First LDAP Connection
  • LEX GUI Elements
    • The Treeview Panel
      • Reloading the Tree Structure
      • Hiding the Tree Structure
      • The currently selected Container
    • The Object List Panel
      • Reloading the Object List
      • Object List Scope
      • Object List Filter
      • Object Names Display
      • Object Attribute Columns
      • Sorting the Object List
      • Object Icons
    • The Attribute List Panel
      • Showing and Hiding the Attribute List
      • Attribute List Position
      • Refreshing the Attribute List Contents
      • Attribute List Filter
    • The Address Bar
    • The Command Button Bar
    • The Status Bar
    • The Attribute Window
      • Attribute Window Hotkeys
      • Attribute Window Command Buttons
      • Refreshing the Attribute Window Contents
      • Attribute Window Filter
      • Text Output
  • Command Line Parameters
• Command Buttons
  • Treeview Buttons
    • Expand/Collapse Tree Panel
    • Reload Directory Info
    • Reload Entire Directory Tree
    • Search
  • Object List Buttons
    • Expand/Collapse Tree Panel
    • Expand/Collapse Attribute List
    • Reload Object List
    • Go Up one Level
    • Show Objects in all Subcontainers
    • Create New Object
    • Delete Object
    • Show Friendly Object Names
    • Show Distinguished Name in Novell Notation
    • Show Hex Output for Hex Values
    • Set Object Filter
  • Attribute List Buttons
    • Toggle Attribute List Position
    • Reload Attribute Info
    • Add New Attribute
    • Add Attribute Element to an Array
    • Remove Attribute
    • Show only Attributes that have Values
    • Show Multivalued Attributes
    • Set Attribute List Filter
  • Attribute Window Buttons
    • Reload Attribute Info
    • Compare this Object with another
    • Add New Attribute
    • Add Attribute Element to an Array
    • Remove Attribute
    • Show only Attributes that have Values
    • Show Friendly Object Names
    • Show Distinguished Name in Novell Notation
    • Show Hex Output for Hex Values
    • Show Multivalued Attributes
    • Set Attribute List Filter
    • Show Attribute Names and Values
• Menu Help
  • Connection Menu
    • Connect
    • Save
    • New LEX
    • Disconnect
    • Connection Info
    • Attributes
    • RootDSE
    • Exit
  • Edit Menu
    • Copy Attribute Name
    • Copy Attribute Value
    • Paste Attribute
    • Search
    • Undelete
    • Set Password
    • Permissions
    • New Object
    • Delete Object
    • Move Object
    • Rename Object
    • Add New Attribute
    • Add Array Member
    • Remoe Attribute
    • Set empty Value
    • Quick Edit Value
    • Edit Attribute Value
  • View Menu
    • Set Attribute as List Column
    • Column Field Chooser
      • Object type
      • Date modified
      • Modifiers name
      • Date created
      • Creators Name
      • More
      • Load Column Set
      • Save Column Set
    • Filter Display for this Attribute
    • Jump to Object
    • Toolbars
      • Address Bar
      • Button Bar
      • Status Bar
    • Directory Tree
    • Attribute List
    • List Output Settings
      • Show Objects in all Subcontainers
      • Show Friendly Object Names
      • Show DNs in Novell Notation
      • Show Hex Output for Attributes with Hex Values
    • Attribute Output Settings
      • Show Hex Output for Attributes with Hex Values
      • Show only Attribute that have Values
      • Show Multivalued Attributes
    • Refresh
    • Reload Entire Tree
  • Favorites Menu
    • Add to Favorites
    • Organize Favorites
    • Sort by Name
  • Tools Menu
    • Use in Filter Factory
    • Select for Compare
    • Compare with...
    • Directory Export - Object List
    • Directory Export - Attribute List
    • Directory Import - LDIF
    • Filter Factory
    • TreeMap Factory
    • Observation Factory
    • Pipe Factory
    • Additional Infos/Tools
      • Resolve SID Attributes to Objects
      • Converter for numeric values
      • Converter for hex values
      • Converter for GUID values
      • Converter for SID values
    • Options
  • Help Menu
    • Index
    • Search
    • Online Support
    • Check for Updates
    • Activate existing License
    • About
• Application Options
  • General Tab
  • LDAP Settings Tab
  • Object Filter Tab
  • Attribute Filter Tab
  • Container Classes Tab
  • Attribute Syntaxes Tab
  • Linked Attributes Tab
  • Dialog Settings Tab
  • Colors Tab
• Application Hotkeys
• Connecting to LDAP Servers
  • The LDAP Connections Dialog
    • Server Tab
    • Advanced Tab
    • Attribute Filter Tab
    • Column Tabs
  • Connection Profiles
  • LDAPS / LDAP over SSL
• Working with LDAP Objects
  • Creating Directory Objects
  • Renaming Directory Objects
  • Moving Directory Objects
  • Deleting Directory Objects
  • Editing Multiple Objects
  • LDAP Object Classes
  • LDAP Attributes
    • Attribute Syntaxes
    • Attribute Editors
      • String Editor
      • Integer Editor
      • Boolean Editor
      • DN Editor
      • Generalized Timestring Editor
      • Binary / Hex Editor
      • Password Editor
      • Bitmap Editor
      • GUID Editor
      • Microsoft Security Descriptor Editor
      • Microsoft Access Control Entry Editor
      • Microsoft SID Editor
      • Microsoft Large Integer Editor
      • Microsoft Interval Editor
      • Microsoft Timestamp Editor
      • Microsoft DN with Binary Editor
      • Microsoft DN with String Editor
      • Novell Object ACL Editor
      • Novell Path Editor
      • Novell EMail Address Editor
      • Novell Timestamp Editor
      • Novell Backlink Editor
      • Novell Typed Name Editor
      • Flag Attribute Editor
    • Operational Attributes
    • Binary Attributes
    • Displaying Multivalued Attributes
    • Displaying Hex/Octetstring Attributes
    • Displaying DN Attributes
    • Displaying Unused Attributes
  • Undeleting Active Directory Objects
    • AD Tombstone Reanimation
    • AD Recycle Bin
  • Copy and Paste of Attribute Values
• Working with LDAP Directories
  • ReadOnly Mode
  • Directory Tree Caching
  • Container Class Evaluation
• Building LDAP Filters
  • LDAP Filter Syntax
  • The Filter Factory
  • The Filter Constructor
  • The Single Filter Editor
  • Famous Filters
• Searching The Directory
  • Search Results
  • Searching the Global Catalog in AD Environments
• Comparing Objects
  • Compare Window Hotkeys
  • Compare Window Command Buttons
• Exporting Directory Data
  • Exporting Object List Data
  • Exporting Attribute List Data
• Importing Directory Data
• Licensing Contract for Users

The First LDAP Connection

To connect to an LDAP server, you have to do some configuration for the connection first - all the according options are shown in the LDAP Connections dialog:



All the configuration you need for connecting to an LDAP server is done in the panel area on the right side of this dialog. You don't have to care about the additional tabs Advanced, Attribute Filter and Columns. you won't need in in your first connection configuration. The following list shows you the mandatory initial settings for a LDAP connection on the Server tab:

LDAP server address:



The Server field can be an IP address or a network name of an LDAP server. If you are not sure about the TCP Port number of the server you want to connect to, choose the standard port 389. If your server allows only connections which are protected by SSL (Secure Socket Layer) encryption, then you have to activate the according checkbox.

LEX can try to detect some LDAP servers for you (Option Detect). The automatic detection mechanism finds NetWare eDirectory Servers when they are configured as LDAP servers and when your workstation is somehow connected to them with an Novell Client for Windows. The automatic detection mechanism also finds Active Directory Domain Controllers when your workstation is member in an AD domain, or when there is any DNS information available about AD specific SRV records in any DNS zone which is known to your workstation (use IPCONFIG /ALL to see what DNS domains are searched by your workstation). After all, you can enter any domain name in the Server field and the detection mechanism tries to retrieve some DC information in the given domain name. Sometimes the AD DC detection over DNS doesn't retrieve any information, depending on how the according DNS servers are requestable for service records (SRV).

The RootDSE button shows you the RootDSE entry if some address is given in the Server field and if the server is reachable on the given LDAP Port. In the RootDSE entry, every LDAP server announces some information about itself.

User / Password:



You have to authenticate somehow to the LDAP server. This authentication process is called 'bind' operation in the world of LDAP. So you have several different choices here:

• You could try a connect as an anonymous user (activate the Anonymous bind checkbox). Please note that in many directory environments an anonymous user cannot read anything in the directory but the RootDSE entry (the basic information provided by the LDAP server about his configuration).
• You can use your current credentials (activate the Use current credentials checkbox). These credentials are typically your Windows credentials (either domain based or the local credentials). You can use this credentials with every server which accept this kind of Windows username/password combinations - for example for connecting to an Active Directory Domain Controller when your workstation is part of the same AD forest as the DC. In most cases, the current credentials doesn't work with OpenLDAP-, eDirectory-, DirX-, iPlanet- or any other generic LDAP servers.
• You could enter a username/password combination which is accepted by the according LDAP server. Note that in many cases, the username has to be given as an LDAP Distinguished name, for example as 'cn=user,ou=container1,ou=container2,o=organization,c=country' or something similar to this.

LDAP Base DN:



This is the LDAP base from which LEX displays the LDAP hierarchy of the chosen server. You can enter any kind of container object which you want to be the top level of the LDAP structure you plan to access with LEX. The LDAP base has to be an LDAP distinguished name, like 'ou=container1,ou=container2,o=organization,c=country '. If you want to see an entire namespace in an LDAP server, just enter the top level hierarchy, for an Active Directory domain named 'ldapexplorer.com' this would look like 'dn=ldapexplorer,dc=com'. Many LDAP server provide public information about the namespaces they hold in their database(s), you can fetch this distinguished names with the option Fetch.

---

If you have entered all the relevant information to open your first connection to an LDAP server with the Explore option, you could choose to save this connection profile, so that you can launch this LDAP connection very quickly the next time you use LEX. Just choose Save for this and choose a name for the connection configuration - when you want to use this connection in the future, you just have to double-click the appropriate entry in the list on the left side:



If you choose to save the connection profile together with the user password, please note that the connection information is stored on your hard disk as a Rijndael encrypted file (AES Advanced Encryption Standard) in your Profile and Filter Storage Path. So if a user password is contained in the profile, it is very well protected against disclosure.

Another effect of saving the connection profile: Next time you start LEX, the last used connection profile connects automatically. This behavior is set by default and can be changed with Tools - Options - General.