WARNING - guru level information in this blog entry. Don't try ANY of this unless you're CERTAIN you know what you're doing. Editing OpenSSO's configuration directly can easily lead to an unusable deployment. You have been warned!
Deploying ldapvi on a Mac is very simple, thanks to MacPorts. Just do
sudo port install ldapvi
Now you can point it at your OpenSSO deployment like so:
ldapvi -d --host ldap://localhost:50389 -D "cn=Directory Manager" -w password
I get a screen like this:
One neat feature is that ldapvi transparently deals with the base64 encoded XML data in the directory - you can see it if you search for sunKeyValue:;
Now you can do some serious configuration hacking, especially with vi's global search and replace! But remember, with great power comes great responsibility. Backup your configuration before you try anything, and restart OpenSSO after any change you make in the directory. OpenSSO caches its configuration, and it won't notice changes you make 'under the covers'.