Skip to main content
There are several ways to connect to an LDAP server with Loom LDAP Browser. Choose the method that best fits your workflow.

Connection Methods

1

Command-Line Arguments

Connect directly on startup by passing connection parameters:
loom-ldapbrowser -H ldap.example.com \
  -D "cn=admin,dc=example,dc=com" \
  -b "dc=example,dc=com"

Available CLI Options

OptionDescription
-H, --host <HOST>LDAP server hostname
-p, --port <PORT>LDAP port (default: 389)
-D, --bind-dn <DN>Bind DN for authentication
-b, --base-dn <DN>Base DN for browsing
-c, --config <PATH>Custom config file path
CLI arguments override the first connection profile in your config file.
2

Connection Dialog

Press F2 at any time to open the connection dialog.From here you can:
  • Select from saved connection profiles
  • Create a new connection
  • Edit connection parameters before connecting

Dialog Navigation

KeyAction
Tab / Shift+TabMove between fields
eEnter edit mode (from view mode)
cConnect with current settings
F2Cycle TLS mode (edit mode)
F3Cycle credential method (edit mode)
F10 / Ctrl+EnterSave profile (edit mode)
EscCancel and close
When you’re viewing an existing profile, press e to edit its fields, or press c to connect immediately.
3

Profiles Layout

Press F1 to switch to the profiles layout, where you can:
  • Browse all saved connection profiles
  • Organize profiles into folders
  • Connect to a profile by pressing c
Navigate the profiles tree with vim-style keys (j/k) or arrow keys, then press c to connect to the selected profile.See Connection Profiles for detailed information about managing profiles.
4

Auto-Connect on Startup

The first profile in your config.toml file will connect automatically when you launch the application (unless overridden by CLI arguments).
[[connections]]
name = "Production"
host = "ldap.example.com"
bind_dn = "cn=admin,dc=example,dc=com"
base_dn = "dc=example,dc=com"
If you don’t want auto-connect, leave the [[connections]] section empty or pass -H without a value on the command line.

Connection Parameters

When creating or editing a connection, you’ll configure these fields:

Required Fields

The LDAP server hostname or IP address.Examples:
  • ldap.example.com
  • ldap-prod.internal
  • 192.168.1.100

Optional Fields

FieldDefaultDescription
TLS ModeautoEncryption method (see below)
Credential MethodpromptHow to obtain password (see Authentication)
Page Size500Number of entries to fetch per page
Timeout30Connection timeout in seconds
Relax RulesfalseRelax LDAP protocol rules for compatibility
Read OnlyfalsePrevent all modifications
Folder(none)Folder path for organization

TLS Modes

Loom supports multiple TLS encryption modes:

Password Prompts

When a connection uses credential_method = "prompt", you’ll be prompted for the bind password:
  • Before TUI starts: If connecting on startup, you’ll see a terminal prompt
  • In the TUI: If opening a new connection, a password dialog appears

Skip the Prompt

Set the LOOM_PASSWORD environment variable to provide the password automatically: 
export LOOM_PASSWORD="your-password"
loom-ldapbrowser -H ldap.example.com -D "cn=admin,dc=example,dc=com"
Exporting passwords in environment variables is not secure. Consider using the “command” or “keychain” credential methods instead.

Anonymous Bind

To connect anonymously (without authentication), leave the Bind DN field empty: 
loom-ldapbrowser -H ldap.example.com -b "dc=example,dc=com"
Or in your config: 
[[connections]]
name = "Anonymous"
host = "ldap.example.com"
base_dn = "dc=example,dc=com"
# bind_dn is omitted
Many LDAP servers restrict what anonymous users can see. You may have limited access to directory entries.

Multiple Connections

Loom supports multiple simultaneous connections through tabs:
  • Each tab represents an independent LDAP connection
  • Press Ctrl+Right or type gt to go to the next tab
  • Press Ctrl+Left or type gT to go to the previous tab
  • Press Ctrl+W to close the current tab

Opening Multiple Tabs

  1. Connect to your first server (any method)
  2. Press F2 to open the connection dialog again
  3. Select a different profile or enter new connection details
  4. Connect to create a new tab
Use the tab bar at the top to see all open connections. The active tab is highlighted.

Connection Status

The status bar at the bottom shows:
  • Current connection name or hostname
  • Detected server type (OpenLDAP, Active Directory, etc.)
  • Key hints for common operations

Troubleshooting

If the connection times out:
  • Verify the hostname and port are correct
  • Check if a firewall is blocking the connection
  • Try increasing the timeout_secs value
  • Test connectivity with: telnet ldap.example.com 389
If you see TLS or certificate errors:
  • Try tls_mode = "none" to test without encryption
  • Check if the server certificate is valid
  • Verify the server supports the TLS mode you’re using
  • For self-signed certificates, you may need to accept the certificate (feature support varies by platform)
If authentication fails:
  • Double-check the bind DN format
  • Verify the password is correct
  • Try connecting with an LDAP tool like ldapsearch to rule out server issues: 
    ldapsearch -H ldap://ldap.example.com -D "cn=admin,dc=example,dc=com" -W -b "dc=example,dc=com" "(objectClass=*)"
If the server type shows as “Unknown”:
  • This doesn’t affect functionality
  • Some servers don’t expose vendor or version information
  • Operations will still work normally

Next Steps

Browsing

Learn how to navigate the directory tree

Authentication

Configure credential methods and password storage

Connection Profiles

Organize and manage saved connections

Searching

Search the directory with LDAP filters

Build docs developers (and LLMs) love

Get started for freeTalk to us