LDAP-UX Client Services B.04.15 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

151

152

153

154

155

156

157

158

159

160

6.3.5 The ldapugadd Tool

You can use the ldapugadd tool to add new POSIX accounts and groups to an LDAP directory

server (as noted by the first and second syntaxes in “Synopsis” (page 159) below). You can use

ldapugadd to modify the /etc/opt/ldapux/ldapug.conf file to set defaults for creation

of new users or groups (as noted by the third syntax “Synopsis” (page 159) below).

The ldapugadd tool uses user and group template files that allow ldapugadd to conform to

the information model used for the types of entries being created. To use ldapugadd, you must

provide LDAP administrator credentials that have sufficient privilege to perform the user or

group add operation in the LDAP directory server.

This tool provides command-line options that enable you to add the following information to

the user or group entry:

For POSIX Accounts

• User's full name

• User ID (account name)

• User ID number

• User password

• Primary group membership

• Home directory

• Login shell

• Gecos

• Comments

For POSIX Groups

• Group ID (group name)

• Group ID number

• Group members

LDAP-UX supports a local LDAP UG configuration file, /etc/opt/ldapux/ldapug.conf.

The ldapugadd tool uses the ldapug.conf file to manage the default values for the

configuration parameters, uidNumber_range, gidNumber_range, user_gidNumber,

default_homeDirectory and default_loginShell. The ldapugadd tool uses these values

when creating new user and group entries in an LDAP directory server if a command-line option

is not provided for that specific value. You can use the ldapugadd -D command to change the

value defined in the ldapug.conf file. See “LDAP UG Tool Configuration File” (page 167) for

more information.

Template files are required by the ldapugadd tool. These template files define what data is

required to create new user and group entries and allow ldapugadd to discover required

attributes. Because each organization may have different required data models for user and

group entries (LDAP directory servers allow for a variety of attributes to be stored in user and

group entries), these templates may define arbitrary data models beyond just the required POSIX

attributes. Before creating new entries, applications can use the ldapcfinfo tool to discover

the attributes required by the templates that are not part of the standard POSIX data model. For

more information, see “Template Files” (page 167) .

6.3.5.1 Syntax Translation

LDAP-UX supports syntax translation for the memberUid and gecos attributes. This translation

allows storage of this information in a format more interoperable with other directory-enabled

applications. The LDAP user and group tools allow creation and modification of these attributes

in the LDAP-native syntaxes, even when specified using POSIX syntaxes.

158 Command and Tool Reference