Doc Links

zFlex Integrator! Announcements

LDAP Administrator and Management Tool
  1. How to Search for Users or Objects that has been Modified or Changed

    Using the granularity of timestamp operational attributes like modifyTimestamp and createTimestamp, you can query for user entries (with TDS/SDS) to get a listing of those modified or changed or created.

    TDS 6.2 and later:

    Timestamp Attribute Granularity with IBM Security Directory Server (previously known as IBM Tivoli Directory Server):
    For Directory Server v6.2 and later versions:

    Starting with Directory Server v6.2 an enhancement was made to increase the granularity of the timestamp operational attributes to the microsecond.

    In GMT format yyyymmddhhmmss.ffffffZ  
    where "f" represents the fraction of a second 

    LDAPSearch Command line Example:


    **Notes: To search for these operation attributes you can issue the following search command (and pick one either BASE or SUB or ONE - to set as the searchtype

    idsldapsearch -h <hostname> -p <port> -D <adminDN> -w <password> -s <base | sub | one> -b <baseDN> "objectclass=*" modifytimestamp createtimestamp








    However, if there are updates you will see a control panel that looks like the below diagram with what module(s) are being updated.




  2. The zFlex Integrator V3 software now supplies the AutoUpdate functionality. This feature makes possible to distribute new features and keep the product up-to-date with changes. The Auto Update consists of Update Center and a client within zFlex Integrator. The update process can be manually triggered form the Help menu on the toolbar.  The Update option  (commonly on some web server) offers an set of updates and the AutoUpdate client connects to your server and pull any changes/updates/patches down and allows an user to install them and to also restart the zFlex Integrator application for you.

    Update Drop Down Option:

    To kick off the Auto Update feature, simple go to the Help menu on the top tool bar.  Then select the option for "Check for Updates".

    That will trigger the automation and it will check and if any changes are found it will update your copy of the zFlex Integrator V3 software.  Otherwise, no action will be taken if your software is up to date.

    zFlex Integrator Installer Option




    zFlex Integrator Installer

    * IF NO Updates are found.  We are all good.



    However, if there are updates you will see a control panel that looks like the below diagram with what module(s) are being updated.




  3. Using JNDI with Hashtable


    So, I got a message from a user trying to connect via JNDI and was using a hashtable.  There was some confusion regarding what values to put where.  So I decided to just show in a template form (below) how that code needs to be setup to connect with our free zFlex LDAP server.

    We at zFlex Software offer a Free Online Development LDAP in the Cloud, but it's the IBM version of LDAP (based on OpenLdap).  There are differences with IBM's version when compared with Microsoft's Active Directory (AD).

    From admin's desk:

    For Active Directory (Microsoft LDAP Product) it is "CN" or "sAMAccountName".  zFlex is hosting a Development LDAP from IBM SDS and uses "UID".   So, all of your login (with one exception the ro_admin - will use cn) will use UID.


    For example in the logs I see the following failures for bind does not exist:

    Hashtable env = new Hashtable();

               env.put(Context.INITIAL_CONTEXT_FACTORY, INITCTX);

               env.put(Context.PROVIDER_URL, "ldap://");

               env.put(Context.SECURITY_AUTHENTICATION, "simple");


               env.put(Context.SECURITY_CREDENTIALS, "zflexpass);

               DirContext ctx = new InitialDirContext(env); 




    Hope this help other potential guest users of our Free Online Development LDAP Server!!


    Survey Poll regarding the type of Errors you get when Using our Free Online Cloud LDAP Server.


  4. So, we have a request from a user to login to our zFlex Online LDAP server using php code.  Well we decided to put together a snippet of code that can be used to authenticate a guest user on our server using php code.  Here is the sample below:



    // using ldap bind
    $ldaprdn  'uid=guest3,ou=users,ou=guests,dc=zflexsoftware,dc=com';     // ldap rdn or dn  (we will use the full DN)

    $ldappass 'guest3password';  // associated password for guest1

    // connect to ldap server
    $ldapconn ldap_connect("")
        or die(
    "Could not connect to zFlex LDAP server.");

    if (
    $ldapconn) {

    // binding to zflex ldap server
    $ldapbind ldap_bind($ldapconn$ldaprdn$ldappass);

    // verify binding
    if ($ldapbind) {
    "LDAP bind successful...";
        } else {
    "LDAP bind failed...";



    From admin's desk:

    There are some other parameters which can be used to set the base search location and then the userid (uid) attribute can be used.  So only "guest1" would be entered as the userid and NOT the full DN.


    Hope this help other potential guest users of our Free Online Development LDAP Server!!


  5. I have seen a couple of tools that shows the number of entries (or typically users or objects) under a LDAP branch (node).  Working with a colleague who is helping to improve our LDAP Browser, we wanted to add that "nice to know" feature to the tree.  So that is where "numSubordinates" comes in to play.

    The ldap search has a great number of parameter to get data about the structure and schema and it's contents.  Here I want to quickly show the power of that one little parm.  Without it, we would have to dump the entire tree of objects and do some type of scripting to read and count each one.  Fortunately, the numSubordinate will do that job for us.  See below:


    From Search Command:

    zflexldap: # idsldapsearch -D cn=root -w ? -h localhost -p 53889 -b "ou=members,ou=megachurch,o=church,dc=zflexsoftware,dc=com" -s base "objectclass=*" numSubordinates




    From Search Command (megachurch OU branch difference):

    zflexldap:# idsldapsearch -D cn=root -w ? -h localhost -p 53889 -b "ou=megachurch,o=church,dc=zflexsoftware,dc=com" -s base "objectclass=*" numSubordinates




    From Search Command (staff OU branch):

    zflexldap: # idsldapsearch -D cn=root -w ? -h localhost -p 53889 -b "ou=staff,ou=megachurch,o=church,dc=zflexsoftware,dc=com" -s base "objectclass=*" numSubordinates




    Visual example:




    The image depicts the "members" ou shows that 1000+ objects are under that tree node.  That ou=staff has 3 (which is reflected from the command given earlier).


    Visual view of the ldap tree with the counts:



About zFlex Software

zFlex Software have over of 25 years experience working with the IT field.  Over 15 years working directly with IBM products and projects in Enterprise System Environments.  We focus on IBM product installation, Infrastructure Setup and Solution Design in the Mainframe (z/OS), Linux, Solaris and Window platforms.   Knowledge of these various platforms makes our consulting very flexible for Integration tasks around these various platforms, enabling zFlex to meet your business needs.

© 2016 zFlex Software,LLC. All Rights Reserved. Designed By zFlex Software