Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
181182183184185186187188189190
Chapter 9 Maintaining Open Directory Services 185
If you delete a user account in Workgroup Manager by clicking the User button (not
the All Records button) on the left, selecting the user account, and clicking Delete
in the Workgroup Manager toolbar (or by choosing Server > Delete Selected User),
Workgroup Manager removes the user account’s Password Server slot and Kerberos
identity for you.
Likewise, if you delete a computer record by selecting it in a computer group and
clicking the Delete (–) button, Workgroup Manager removes the computer record’s
Password Server slot and Kerberos identity for you.
Changing a User’s Short Name
To change a users rst short name, you can use the ldapmodrdn command-line tool in
Terminal. Any short name except the rst name can be changed in the Basic pane of a
Workgroup Manager user window.
WARNING: Changing a users rst short name can have unexpected and undesirable
consequences. Other services use each user’s rst short name as a unique and
persistent identier.
For example, changing a user’s rst short name does not rename the user’s home folder. The
user has the same home folder (even though its name doesn’t match the user’s new rst
short name) unless the user accesses his or her home folder through a group membership.
The following example shows how to change the short name of a user account using
ldapmodrdn:
$ ldapmodrdn -U diradmin -Y "cram-md5" -W -r "uid=oldshortname,cn=users,d
c=example,dc=com" "uid=newshortname"
This example assumes youre using Terminal on the Open Directory master server or
you’ve set up an SSH connection to the Open Directory master server using Terminal
on another computer.
In the example, you replace diradmin with the name of a directory administrator,
oldshortname with the short name that you want changed, and newshortname with
the new short name.
You must also replace dc=example,dc=com with the servers search base sux. You can
determine the servers search base sux by looking at the Protocols settings pane of
the Open Directory service in Server Admin.
If you use ldapmodrdn to change the rst short name of a user record with multiple
short names, the record’s second short name becomes the rst short name and the
new short name becomes the record’s last short name.
To reorder short names, use the ldapmodify command-line tool. For more information,
see the ldapmodify man page.