Manualshelf

LDAP-UX Client Services B.04.15 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software
71727374757677787980
1. Use the Directory Server Console to create a dynamic group. See the “Step1: Creating a
Dynamic Group” section for details.
2. Add the posixgroup objectclass and gidNumber attribute information to the dynamic
group entry created in step 1. See the “Step 2: Adding POSIX Attributes to a Dynamic Group”
for details.
4.2.1.1 Step 1: Creating a Dynamic Group
You can use the Directory Server Console to create a dynamic group. For detailed information
on how to use the Directory Server Console to create a dynamic group, refer to Chapter 5
Advanced Entry Management” of the Red Hat Directory Server Administrator's Guide available
at the following web site:
http://docs.hp.com/en/internet.html
The following shows an example of a dynamic group entry created using the Directory Server
Console:
dn: cn=dyngroup,ou=groups,dc=example,dc=hp,dc=com
cn=dyngroup
objectClass: top
objectClass: groupofuniquenames
objectClass: groupofnames
objectClass: groupofurls
memberURL: ldap:///dc=example,dc=hp,dc=com??sub?(l=California)
The memberURL attribute in the above example specifies a sub-tree search starting at any level
under dc=example, dc=hp, dc=com to find all entries matching (l=California). Any entries which
have objectclass account” and an attribute “l” with the value of “California” will be
returned. With LDAP-UX, an additional criteria will be added that the user entry must be a
POSIX account.
4.2.1.2 Step 2: Adding POSIX Attributes to a Dynamic Group
To create an HP-UX POSIX dynamic group, you must use the Directory Console, or the
ldapmodify tool to add the following objectclass and attribute information to the dynamic
group entry created in Step 1: Creating a Dynamic Group:
posixgroup objectclass
gidNumber attribute
cn attribute if it does not exist in the group entry.
4.2.1.2.1 Adding Attributes to a Dynamic Group Using ldapmodify
Procedures
As an example, to create an HP-UX POSIX dynamic group, use the ldapmodify tool to add
posixgroup and gidNumber information to the dynamic group entry created from the Directory
Server Console as follows:
1. Create an LDIF update file.
For example, the following LDIF update file, new.ldif, adds a posixgroup objectclass
and the gidNumber attribute to the “dn:
cn=dyngroup,ou=groups,dc=example,dc=hp,dc=com entry:
dn: cn=dyngroup,ou=groups,dc=example,dc=hp,dc=com
changetype: modify add: objectClass objectClass: posixgroup - add:
gidNumber gidNumber: 500
74 Dynamic Group Support