One of the best platform-neutral graphical user interfaces for managing an LDAP directory, such as Active Directory, is the LDAP Browser/Editor. It was written in Java and can run on virtually any machine that has Java 1.2.2 or greater installed. It can be downloaded from the following site: http://www.iit.edu/~gawojar/ldap/.

The original LDAP server produced at the University of Michigan included a set of command-line utilities that can query and update an LDAP directory. Over time these tools have become very popular on the UNIX platforms, and they can even be used to query and update Active Directory. The OpenLDAP project took over maintenance of the University of Michigan’s LDAP server and also the command-line tools. To download the latest version of the tools, go to the following site: http://www.openldap.org/.

Any programming language that supports LDAP can be used to programmatically access and manage Active Directory. See the other recipes in this chapter for using Perl, Python, Java, and PHP.