HP CIFS Server 3.0f Administrator's Guide verison A.02.03
Smbldap Tools
The following lists HP CIFS Server smbldap tools available for you to maintain users and groups data in
the Directory Server. For HP CIFS Server A.01.* versions, these tools are located in the
/opt/samba/LDAP/smbldap-tools directory. For HP CIFS Server A.02.* versions, these tools are
located in the /opt/samba/LDAP3/smbldap-tools directory :
smbldap-groupadd.pl adds a new group (objectclass: posixGroup)
smbldap-groupdel.pl deletes a group (objectclass: posixGroup)
smbldap-groupmod.pl modifies a group (objectclass: posixGroup)
smbldap-groupshow.pl views a group (objectclass: posixGroup).
smbldap_conf.pm global configuration file
smbldap-useradd.pl adds a new user (objectclass: posixAccount, sambaAccont, or both
depending on the tool option used)
smbldap-userdel.pl deletes a user (objectclass: posixAccount, sambaAccount, or both
depending on the tool option used)
smbldap-usermod.pl modifies a user data (objectclass: posixAccount, sambaAccount, or
both depending on the tool option used)
smbldap-usershow.pl views a user data (objectclass: posixAccount, sambaAccont or both
depending on the tool option used)
smbldap-passwd.pl adds or modifies the samba password, posix password, or both
smbldap-migrate-accounts.pl migrates user accounts from the existing smbpasswd file to the LDAP
directory.
smbldap-migrate-groups.pl migrates Windows NT groups from to the LDAP directory.
smbldap-populate.pl adds or populates the LDAP directory with some users and groups
with well-known RIDs.
For HP CIFS Server A.02.* versions, you must edit the
/opt/samba/LDAP3/smbldap-tools/smbldap_conf.pm configuration file with appropriate
configuration values before you attempt to run these tools. You can use the tool option, -?, for the detailed
usage of each tool. For more information on how to use these tools, refer to
/opt/samba/LDAP3/smbldap-tools/FILES and /opt/samba/LDAP3/smbldap-tools/README.
For HP CIFS Server A.01.* versions, the smbldap_conf.pm file is in the
/opt/samba/LDAP/smbldap-tools directory.
NOTE: In order to run these management tools, perl on HP-UX 11i (PA-RISC) and HP-UX 11i (IA) version
5.6.1.E or greater is required. A free download software is available at
http://software.hp.com.
The smbldap_conf.pm
Before you run Samba management tools, you can edit the script configuration file,
/opt/samba/LDAP3/smbldap-tools/smbldap_conf.pm, to set the $SID, $masterLDAP, $suffix,
$binddn and $bindpasswd local site variables with the LDAP directory server name, LDAP base Distinguish
Name (DN), directory manager name and password. First start the samba daemon if it is not already running
with startsmb. Set the environment variables throughout your configuration file to appropriate values for
your environment, including $SID. The current SID default is
SID='S-1-5-21-3516781642-1962875130-3438800523'. You need to execute the net rpc getsid
command and obtain the appropriate SID. Otherwise, all the accounts that you add to the LDAP directory
will not have the correct SID and will be invalid.Ensure that the organizational units (ou) are consistent with
your LDAP subschema, particularly three units, usersou, groupsou, and computersou. The values of
these three units are as follows:
• $usersou = q (People);
• $groupsou = q (Groups);
• $computersou = q (Computers).
LDAP management Tools 97