LAST - LDAP Administration Super Tool
This is *very* new software. It's really still being prepared for public consumption. If you don't know at least a little perl, things will not make sense. Not even a little bit.

This is not, to steal a phrase from Qmail-LDAP, "point and click and then it works ware". You need to be very familiar with your directory, and familiar with perl to get much out of the software at this stage. I'm trying to make that better, but you have been warned.


Mailing Lists!
If you're going to use LAST, you should join the mailing lists. It's under heavy development, so it would be a good thing to keep up to date, as sometimes nasty bugs creep in.

There are two lists:

LAST-Announce (Archive)- Ultra-Low traffic; for keeping people up to date on new verisons of LAST
LAST-Hackers (Archive) - For users and developers of LAST. The program is not at a point yet where anyone whose using it doesn't qualify as a hacker; so join this list if you use LAST on a regular basis, or want to help out.


What's New?
LAST 0.7-beta
  1. Major LdapObject module internal changes; should result in much faster code. 0.8 will have more drastic changes.
  2. Fixed bug in lastmod that would create ".pm" files with invalid names.
  3. Makefile enhancements; detection of required modules. (Thanks James!)
  4. Added ability to specify what port LDAP runs on. Just add "$ldapport" to last.conf if you want to change the port number.
  5. Many Bugfixes.
LAST 0.6.1-beta
  1. Alan fixed bug in lastmod to accept values of 0. Values of 0 will still cause problems though, as the code uses boolean checks all over the place. We're working on it.
  2. Fixed show-stopping new bug that stopped any fields from being printed on the "Add an Object" form.
LAST 0.6-beta
  1. Fixed bug in correctly accepting multi-valued cgi fields. (Checkbox, multivalued select boxes)
  2. Fixed bug in correctly deleting fields; my code was overly complicated, and caused problems with textarea's. (Some fields would not delete the last entry)
  3. Fixed bug in lastmod to correctly format modules that did not contain any allowed fields.
  4. Fixed admin.cgi to allow a value of "none" for fields; internal checks previously relied on this behavior to indicate when a field should not have a value at all. It now accuratly uses "".
  5. Many more bugfixes that I can't remember right now.
LAST 0.5-beta
  1. Bugfixes galore. Especially in "lastmod", and inputtransform routines.
  2. Now uses CGI::EncryptForm! No more Crypt::TripleDES.
  3. Added "Display Names" for fields; so they can be more descriptive than just the field name. (See the demonstration for examples)
  4. Added the ability to specify the value seperator for mutlivalued fields. This means, specifically, that you can have a "textarea" widget, where each line is an entry. Or, if you hate the "#" symbol, you can use any other character (or string of characters) you choose.
  5. Added a new htmltype, "displayonly". This lets you show the default fields in the "view" window. (See the demo)
  6. Added a "Modify This Object" button to the view screen. (Thanks, Alan Sparks!)

Still reading? Cool.

LAST is a set of perl modules and a CGI script. It's designed to let you define the attributes of the different types of objects in your diretory, and then add/modify/delete/search them.

It does more than that, though. It also lets you define regular expressions or custom subroutines to ensure that fields have proper values; or apply subroutines to the value of a field to transform it's value. (Encrypt a password, for example). Want javascript field completion and form value checking? No problem, define the script in the module.

There are lots of web-based scripts for playing with your directory.. they all fall short in that they are far too generic. This one let's you be as generic or as specific as you want; all within the confines of one CGI script. :)

Okay, so there are a few things that is doesn't do very well:

  1. It uses LDAP simple authentication; I highly recommend that you don't pass the authentication requests across the public internet.
  2. It relies entirely upon the ACL restrictions you set in your directory.. this is fine (It Works for Me), but it should just be some authentication modules.
  3. It burns my toast *every single time*.

It is in use every day at InfoSpace and Cyber Trails. It has yet to do nasty things like corrupt our data.. but we make no garuntees.

Sorry, the demo is offline due to hardware failure. It will return ASAP.

You want the beta tarball, so you can start looking at the source and playing around? No real documentation, no long instructions, no real help at all?

Okay.. here you go:

last-0.7-beta.tar.gz

Please, write adam@sysadminsith.org with any suggestions, new modules, etc.

Adam