LDAP-UX Client Services B.04.15 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

111

112

113

114

115

116

117

118

119

120

/home/tscott gecos[cn]: Tom Scott gecos[l]: Building-12 gecos[telephoneNumber]:

555-555-6666

5.6.3 Listing Groups

You can use ldapuglist to list and enumerate POSIX-like group entries in an LDAP directory

server. Below are examples of how to use ldapuglist to display group entries.

Run the following command to list all the posixGroup entries that Mike Phillips belongs to:

cd /opt/ldapux/bin ./ldapuglist

-t group -f "(memberUid=mphillips)"

The output is as follows:

dn: cn=group1,ou=groups,dc=example,dc=com

cn: group1 gidNumber: 550 memberUid: mphillips memberUid: mlou memberUid:

apierce memberUid: bjones dn: cn=group2,ou=groups,dc=example,dc=com

cn: group2 gidNumber: 580 memberUid: vtam memberUid: ajones memberUid:

mphillips

Run the following command to list a regular posixGroup entry which contains cn=groupA:

./ldapuglist -t group -f "(cn=groupA)"

The output is as follows:

dn: cn=groupA,ou=groups,dc=example,dc=com

cn: groupA gidNumber: 620 memberUid: user1 memberUid: user3 memberUid:

user5

Run the following command to list a regular posixGroup entry for the group name, groupB:

./ldapuglist -t group -n groupB

The output is as follows:

dn: cn=groupB,ou=groups,dc=example,dc=com

cn: groupB gidNumber: 620 memberUid: user1 memberUid: user3 memberUid:

user5

Command Arguments

The following describes the ldapuglist options/arguments used in the above examples:

-t <type> Specifies the type of entry the ldapuglist tool needs to discover and process.

<type> can be passwd or group. The passwd type indicates

posixAccount-type entries. The group type indicates posixGroup-type entries.

-n <name> Specifies a single account or group name. Use of -n is the same as -f

“(uid=<name>)” for accounts and -f “(cn=<name>)” for groups.

-f <filter> Specifies an LDAP-style search filter, <filter>, used to select specific entries

from the LDAP directory server. When you use the -f option, the filter

specified by <filter> applies to Posix-style users or groups (depending on

whether you specify the -t passwod or -t group option).

-m

Displays the names of the mapped attributes when returning results.

5.6.4 Adding a User or a Group

When adding user or group entries to the LDAP directory server, the ldapugadd tool uses

template files to discover the required data models for a new user and group entry. Template

files define what object classes and attributes are required to create new user and group entries.

LDAP-UX provides the flexibility that allows you to define unique data models for user and

group entries. LDAP-UX supports two default template files (for passwd and group services)

for a standard LDAP directory server, along with two default template files for Windows Active

Directory Server. These template files can be found under /etc/opt/ldapux/ug_templates

directory. For detailed information on how to define template files and how to name and create

template files, see “Template Files” (page 167).

5.6 User and Group Management 115