1. Explorer
The explorer page is the main and first page of godap - it's where you can explore your directory's objects and their attributes. Every object in the explorer is loaded by demand - it only loads child objects of a container/OU after you expand it by selecting it and using the Right Arrow key. You can also collapse containers/OUs with the Left Arrow, but the object won't get unloaded from the internal cache unless you manually reload it (or start godap with -M=false).
To reload a previously-loaded object in the tree, select it and hit r. In the object of the tree you can also pivot to inspect its' DACL by hitting the Ctrl+D key.
You can search the entire godap cache of loaded objects using regular expressions with Ctrl+F. The search filter will be matched against all loaded object DNs, attribute names and attribute values, and will highlight the place where the pattern was found.
To create a new attribute under an object, select it, click on the Attributes panel and hit Ctrl+N:
Note that not all attributes can be created on all classes of objects. This is not a limitation of godap, but usually a restriction imposed by the schema of the directory - you can try to create any attribute you want, but it'll only get created if the schema allows it.
To change the value of an existing attribute, select it in the Attributes panel and hit Ctrl+E:
If the attribute has multiple values, you can choose which one you want to edit by changing the Value Index field. If you want to append a value to the existing set of values, choose New for the Value Index. If the attribute contains binary values, you can also toggle the Use HEX encoding flag and specify the value as a hexadecimal sequence (e.g. 0a1a3f). Then write the New Value field and click on Update to apply the change.
To delete all values from a specific attribute, simply select it in the Attributes panel and hit Delete. Godap will prompt for confirmation and delete it after you confirm the action:
To delete a specific value from a multi-valued attribute, select the value in the Attributes panel and hit Delete. Godap will prompt for confirmation and delete it after you confirm the action:
If you use the Ctrl+N keybinding while selecting any object in the tree, you'll open the Object Creator:
This page allows you to create the following types of objects:
- OrganizationalUnit
- Container
- User
- Group
- Computer
These objects will be created with the minimum set of attributes, and you'll have to change the attributes afterwards if needed. For reference, these are the templates that godap uses to create objects:
When creating User objects, for example, they will be disabled at first, and you might want to enable them by using Ctrl+A to change their userAccountControl flags. User/computer accounts will also not have a password set after creation, so you might want to add one with Ctrl+P.
This page also offers a feature to set the Entry TTL of an object upon creation. This value is AD-specific, and setting it to any non-negative value will make the object a Dynamic Object and set its EntryTTL to the specified value in seconds. After that amount of seconds, the object will be completely removed from AD (note that it may take a few minutes after the TTL for the cleanup routine to run).
To move an object to another DN or simply rename it, select it in the tree, use the Ctrl+l keybinding, set the new DN and click on Update:
To delete an object simply select it in the tree and confirm the deletion:
To change the password of a principal, simply select it and hit Ctrl+P:
Note that TLS (either via LDAPS or StartTLS) is usually required to change a principal's password. Check the 0. General section for guidance on how to connect using LDAPS or upgrade an existing connection with StartTLS.
After selecting an object, hit Ctrl+A to change its' userAccountControl attribute interactively. In AD, the userAccountControl is a bitfield that governs parameters related to the account, such as whether it's disabled, whether a password is required, if the account is trusted for delegation, etc.
The attribute will be updated after clicking on the Update button.
You can export all loaded objects below (and including) a specific object by selecting it and hitting Ctrl+S. Example:
The resulting JSON will include all standard attributes of all of the objects below .SecFrame.com. For instance:
Note that this will NOT dump the entire AD environment, even if you select the root of the domain and hit Ctrl+S - godap will only export previously-loaded objects.