LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

231

232

233

234

235

236

237

238

239

240

ug_templates directory. A full or relative path name must

begin with a slash (/) or a period (.) character.

If you do not specify this argument, ldapugadd uses the default

template file /etc/opt/ldapux/ug_templates/

ug_passwd_default.tmpl.

-x <domain>

Optional. Specifies the user’s domain name. Use this option to

specify the ${domain} value that can be used in the template

file. If you do not specify this value, the domain name is created

by using the first dc component of the new user’s distinguished

name. If the distinguished name does not contain any dc

components, and the ${domain} variable is specified in the

template file, ldapugadd generates an error.

-m

Optional. Creates a new home directory for the defined user.

User and group ownership of the newly created directory is

assigned to the user and his/her primary login group. If the -k

option is specified, the files and sub-directories found in

<skel_dir> are copied to the user’s home directory, and user

and group ownership permissions are altered as specified above.

If the -k option is not specified, skeleton files are copied from

/etc/skel. The -m option requires the user has sufficient

privilege to create the new home directory, copy skeleton files

and change ownership of those files and directories. The

ldapugadd tool creates a user’s home directory only after

successfully adding the user entry to the directory server and

adding the user to the primary and secondary groups. If

ldapugadd is unable to properly create the user’s home

directory, per the above process, the newly created changes in

the directory server are not removed. See the “Security

Considerations” section below for more information.

-k <skel_dir> Optional. The ldapugadd tool ignores the -k option unless you

specify the -m option. The <skel_dir> argument specifies a

directory which contains skeleton files and directories that need

to be copied into newly created user home directories. Also see

-m.

<attr>=<value>[...]

Optional. Enables specification of arbitrary LDAP attributes and

values. Because of potential object class requirements, additional

information beyond the basic POSIX account and group data

you might need to specify in order to create new entries in the

LDAP directory server. For example, if the person object class

is used as a structural class for posixAccounts, then the sn

(surname) attribute must be specified in order to properly create

a new entry. This attribute needs to be defined in the template

file, and attribute/value pair needs to be specified at the end of

the ldapugadd command line. The<attr>=<value> parameter

is used to specify attributes required by the template file.

However, if an attribute is specified which is not defined in the

defined template file, that attribute/value pair is considered as

an optional attribute/value which will be added to the entry

exactly as specified. <attr>=<value> parameters are optional,

but you must specify them as the last parameters on the

command line.

7.3 LDAP user and group management tools 239