LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

261

262

263

264

265

266

267

268

269

270

7.3.8.2 Options and Arguments

The ldaphostmgr tool supports the following options and arguments:

-a

Adds a new host to the directory server. The host is added to the

base specified by the host service search descriptor in the

LDAP-UX configuration profile entry (unless the -D option is used

to specify the fully qualified DN). When an entry is created, the

device and ipHost object classes are used. Optionally, additional

object classes can be used to describe the host entry. See

Section 7.3.8.3 (page 274) for more information.

On ADS, the Computer object class is used.

The -a (add), -d (delete), and -m (modify) options are mutually

exclusive. The -m option is the default if none of these three options

is specified.

-m Modifies an existing host entry. The -a (add), -d (delete), and -m

(modify) options are mutually exclusive. The -m option is the

default if none of these three options is specified.

-d

Deletes a host entry. This removes the specified host entry from

the directory server, and removes the host as a member from any

group that contains this host as a member. The -a (add), -d

(delete), and -m (modify) options are mutually exclusive. The -m

option is the default if none of these three options is specified.

-F

Forces creation of a new host entry even if the following error

conditions occur:

• Setting the owner of a host to an owner that does not exist. If

the -O option specified a DN, then that DN is used as the

owner. If a user or group is specified, then the owner is set to

the DN of the user identity used by ldaphostmgr when

performing the command. In this case, if the current user

identity is already marked as an owner of the host, a

MODIFY_FAILED error is returned.

• Creating or changing the key for the specified remote host,

even if the identity of the remote host could not be verified.

This usage is not recommended since the key loaded into the

directory server cannot be trusted.

The -F option does not override any enforcement that occurs on

the directory server itself, such as adding an attribute without also

adding a corresponding required object class or modifying an

attribute for which the user does not have sufficient directory

privilege.

-I

Adds/modifies additional information about the host:

entityVersion=$(/usr/bin/uname -sr)

entityModel=$(/usr/bin/model)

On ADS, instead of entityVersion, the operatingSystem

and operatingSystemVersion attributes are used.

entityModel is not defined in an ADS environment.

Note that if an -I option is specified and the host being managed

is remote, a remote login to that host is required and performed

by ldaphostmgr to discover that information. This means that

when the LDAP credentials are specified (through the prompt or

LDAP_BINDDN), those credentials must also represent a POSIX

account, such that a remote login to that host can be performed

7.3 LDAP user and group management tools 267