LDAP-UX Client Services B.04.15 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

161

162

163

164

165

166

167

168

169

170

6.3.5.5 LDAP UG Tool Configuration File

LDAP-UX supports a local configuration file, /etc/opt/ldapux/ldapug.conf. The

ldapugadd tool uses the ldapug.conf file to manage the following default values when

creating new user and group entries in an LDAP directory server:

• A default group ID for new users.

• The valid UID number range for new users.

• The valid GID number range for new groups.

• The base path for a new user's home directory. By default, LDAP-UX appends the user's

account name to the base path to create the full path name.

• The default login shell for new users.

LDAP-UX provides the default ldapug.conf file as follows:

# # This file

is used by the ldapugadd tool for management # of default values for

creating new user and group entries. # This file can not be modified

directly, but instead through # the ldapugadd -D command. # uidNumber_range=100:20000

gidNumber_range=100:2000 default_gidNumber=20 default_homeDirectory=/home

default_loginShell=/usr/bin/sh

NOTE: You can not modify the ldapug.conf file directly. To change the local host default

values defined in the /etc/opt/ldapux/ldapug.conf, you must use the ldapugadd -D

command with applicable command options to alter them. See the “Arguments Applicable to

-D” (page 160) section for details.

6.3.5.6 Template Files

Template files define user and group entries that allow ldapugadd to discover the required

data models for new user and group entries. Template files define what object classes and

attributes are required to create new user and group entries and allow ldapugadd to discover

required attributes and data elements before creating the entries. LDAP-UX provides customers

the flexibility that allows each directory deployment to define unique data models for users and

groups when adding new entries to an LDAP directory server.

6.3.5.6.1 Template File Naming

The ldapugadd tool supports multiple template files per name service. LDAP-UX only supports

the passwd and group services. All template files are stored in the

/etc/opt/ldapux/ug_templates directory. Define the template file name using the following

format:

ug_serviceName_Name.tmpl

Where

serviceName Is the name of the supported service, either passwd or group.

Name Is the arbitrary name of the specific template file. The name, default, is

reserved as the default template name and is used when a specific template

name is not specified.

For example, ug_passwd_default.tmpl is the default template file for the passwd name

service and ug_group_default.tmpl is the default template file for the group name service.

ug_passwd_vpn_user.tmpl may be used when creating new users of “VPN” type. Template

files stored outside of the ug_templates directory do not need to follow any specific format

described above.

When specifying the name of a template file as part of the -T option on the command line, either

the exact file name or a short name may be used. The file name can be either a full or a relative

path name, but it must begin with a slash (/) or a period (.) character. That file name can exist

anywhere in the file system.

6.3 LDAP User and Group Management Tools 167