> Wondering if any of you have thoughts/experiences with ApacheDS? Since we develop mostly Java application we use it for development and testing: developers don't have to install an OS dependent LDAP implementation (especially the poor souls working on Windows). In production we use openldap from CentOS (5.6). As far as authentication / role management goes we have never noticed any significant difference between testing and production. (except for a few attributes where null/empty values are accepted by one but not the other). But we are definitely not pushing them to the limit in our deployments. Please note that we are still on ApacheDS 1.0 since we put this in place a while ago and never felt the need to upgrade it for our development / testing needs. I'd be interested in your analysis and final choice if you test it for production deployments. This is something that I'm considering as well, because of our Java focus. A bit OT with regard to the OP question: this is the occasion to signal that Apache Directory Studio (http://directory.apache.org/studio/), a sister project, is an excellent and powerful LDAP client. It works well in order to access CentOS openldap servers (and obviously ApacheDS as well), and runs well on a CentOS desktop (with the default OpenJDK).