LDAP-UX Client Services B.04.15 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

111

112

113

114

115

116

117

118

119

120

./ldapugadd -D -t passwd -d /net/home

Command Arguments Applicable to -D

The following describes arguments used in the above examples of the ldapugadd -D commands:

-D

Uses this option to change local host defaults in the

/etc/opt/ldapux/ldapug.conf file which are used by

ldapugadd when creating new user or group entries in an

LDAP directory server.

-u <min_uid>:<max_uid>

Sets new default minimum and maximum ranges that

ldapugadd uses when provisioning an UID number for new

user entries.

-g <default_gid>

Specifies the default group ID number used when creating

new user entries.

-g <min_gid>:<max_gid>

Sets new default minimum and maximum ranges that

ldapugadd uses when provisioning a GID number for new

group entries.

-s <default_shell>

Specifies the default login shell that ldapugadd uses when

creating a new user entry.

-s <default_home>

Specifies the default parent home directory that ldapugadd

uses when creating a new user home directory.

5.6.5 Modifying a User

You can use ldapugmod tool to modify exiting POSIX accounts or groups in an LDAP directory

server. This section provides examples of using ldapugmod to modify a user's information.

Use LDAP_BINDDN to specify the Distinguished Name (DN) of a user with sufficient directory

server privilege to modify users or groups in the directory server. Use LDAP_BINDCRED to specify

a password for the LDAP user specified by LDAP_BINDDN. Alternately, you can input LDAP

administrator bind identity and credential interactively with a prompt (-P) option.

The LDAP_UGCRED environment variable specifies the new password of a user or group being

modified. You must specify the -PW option when using LDAP_UGCRED. Alternately, you can use

the -PP command option to prompt for the password of the user or group being modified.

The following commands set the LDAP_BINDDN and LDAP_BINDCRED environment variables:

export LDAP_BINDDN = "cn=Jane Admin,ou=Admins,dc=example,dc=com" export LDAP_BINDCRED = "Jane's password"

The following commands are used to change the password of the user, mtam, using the new user

password defined in LDAP_UGCRED:

cd /opt/ldapux/bin export

LDAP_UGCRED = "new password" ./ldapugmod -t passwd -PW mtam

The following command replaces the uidNumber attribute with the new value for the user entry,

mswartz:

./ldapugmod -t passwd -u 300 mswartz

The following command replaces the sn attribute with the new value for the user entry, mLou:

./ldapugmod -t passwd mLou "sn=Lou"

The following command removes the sn attribute and value for the user entry, alee:

./ldapugmod -t passwd -R "sn=Ann Lee" alee

The following command replaces the gecos fields with the new values for the user entry, alouie:

./ldapugmod -t passwd -I "Ann Louie,Building-6,222-2222" alouie

The following command adds the description attribute and value to the user entry, mscott:

./ldapugmod -t passwd -A "description=test user entry" mscott

5.6 User and Group Management 119