LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

221

222

223

224

225

226

227

228

229

230

type indicates posixAccount-type entries. The group type indicates

posixGroup-type entries. Specification of the <type> parameter tells

ldapuglist how to handle processing of search filters and attribute

mappings. If you do not specify the -t option, ldapuglist assumes the

passwd type. For example, - t group.

-h <hostname> Specifies the host name and optional port number (hostname:port) of

the LDAP directory server. This option overrides the server list configured

in the LDAP-UX configuration profile. This field supports specification of

IPv4 and IPv6 addresses. Note that when you specify a port for an IPv6

address, you must specify the IPv6 address in square-bracketed form. If

the optional port is unspecified, the port number is assumed to be 389 or

636 for SSL connections (with the -Z option). For example, -h ldapsrvA.

-p <port>

Specifies the port number of the LDAP directory server to contact. The

ldapuglist tool ignores this option if you specify the port number in the

<hostname> as part of the -h option.

-n <name>

Provides a simplified method for discovering a single account or group.

Use of -n is the same as -f “(uid=<name>)” for accounts and -f

“(cn=<cname>)” for groups. Do not specify -f and -F on the command

line if you use -n. For example, the following command displays an account

entry for the user, mlee:

ldapuglist -t passwd -n mlee

The output from the above command is as follows:

dn: cn=Mike Lee,ou=people,dc=example,dc=com

cn: Mike Lee

uid: mlee

uidNumber: 900

gidNumber: 2010

loginShell: /usr/bin/sh

homeDirectory: /home/mlee

gecos: mlee,Building-5,555-555-5555

-f <filter> Specifies an LDAP-style search filter, <filter>, used to select specific

entries from the LDAP directory. When you use the -f option, the filter

specified by <filter> applies to Posix-style users or groups (depending

on whether you specify the -t passwd or -t group option).

The filter specified with -f is amended with the default ldapux(5) search

filter for either the user or group object types. In addition, when you use

-f, if a known attribute for the particular service has been mapped as

defined in the LDAP-UX configuration profile, then the mapped attribute

name is substituted in the search filter.

For example, if the uidNumber attribute has been mapped to the

employeeNumber attribute, the following command lists a POSIX account

that has uidNumber=51552:

ldapuglist -t passwd -f “(uidNumber=51552)”

For the above example, the mapped attribute name is substituted in the

search filter, and the resulting search filter used by LDAP-UX is as follows:

(&(objectclass=posixAccount)(employeeNumber=51552))

The -f option also supports generation of search filters for the

multi-mapped attributes, gecos and memberUid. In the case of gecos,

each mapped attribute is used in the search filter using the LDAP and

operation (&). In the case of memberUid, each mapped attribute is used in

the search filter using the LDAP or operation (|).

7.3 LDAP user and group management tools 225