LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

161

162

163

164

165

166

167

168

169

170

-s <default_shell>

Specifies the default login shell that ldapugadd uses when

creating a new user entry.

-s <default_home>

Specifies the default parent home directory that ldapugadd

uses when creating a new user home directory.

5.5.5 Modifying a user

You can use ldapugmod tool to modify exiting POSIX accounts or groups in an LDAP directory

server. This section provides examples of using ldapugmod to modify a user's information.

Use LDAP_BINDDN to specify the distinguished name (DN) of a user with sufficient directory

server privilege to modify users or groups in the directory server. Use LDAP_BINDCRED to specify

a password for the LDAP user specified by LDAP_BINDDN. Alternately, you can input LDAP

administrator bind identity and credential interactively with a prompt (-P) option.

The LDAP_UGCRED environment variable specifies the new password of a user or group being

modified. You must specify the -PW option when using LDAP_UGCRED. Alternately, you can use

the -PP command option to prompt for the password of the user or group being modified.

The following commands set the LDAP_BINDDN and LDAP_BINDCRED environment variables:

export LDAP_BINDDN = "cn=Jane Admin,ou=Admins,dc=example,dc=com"

export LDAP_BINDCRED = "Jane's password"

The following commands are used to change the password of the user, mtam, using the new user

password defined in LDAP_UGCRED:

cd /opt/ldapux/bin

export LDAP_UGCRED = "new password"

./ldapugmod -t passwd -PW mtam

The following command replaces the uidNumber attribute with the new value for the user entry,

mswartz:

./ldapugmod -t passwd -u 300 mswartz

The following command replaces the sn attribute with the new value for the user entry, mLou:

./ldapugmod -t passwd mLou "sn=Lou"

The following command removes the sn attribute and value for the user entry, alee:

./ldapugmod -t passwd -R "sn=Ann Lee" alee

The following command replaces the gecos fields with the new values for the user entry, alouie:

./ldapugmod -t passwd -I "Ann Louie,Building-6,222-2222" alouie

The following command adds the description attribute and value to the user entry, mscott:

./ldapugmod -t passwd -A "description=test user entry" mscott

Command arguments

The following describes arguments/options used in the above examples for the ldapugmod -t

passwd commands:

-PW Sets the user or group password attribute. If you specify -PW, you must

specify either the LDAP-UGCRED environment variable or the -PP option.

-A <attrval>

Specifies an attribute and value to be added to a user or group entry.

When working with multi-valued attributes, you can use the -A option

to add a new value for a multi-valued attribute, without removing already

existing values for that attributes.

-R <attrval>

Specifies an attribute and value to be removed from a user or group entry.

When working with multi-valued attributes, you can use the -R option

to remove a specified value for a multi-valued attributes.

-u <uidNumber>

Replaces the user's numeric id number.

168 Administering LDAP-UX Client Services