LDAP-UX Client Services B.05.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

2.5.1 Importing name service data into your directory

To import your name service data into your LDAP Directory, consider the following:

• If you have already imported data into your directory with the NIS/LDAP Gateway product,

LDAP-UX Client Services can use that data and you can skip to Section 2.4.5 (page 68).

• If you are using NIS, the migration scripts take your NIS maps and generate LDIF files.

These scripts can then import the LDIF files into your directory, creating new entries in the

directory. This only works if you are starting with an empty directory or creating an entirely

new subtree in your directory for your data.

If you are not using NIS, the migration scripts can take your user, group, and other data

from files, generate LDIF, and import the LDIF into your directory.

• If you integrate the name service data into your directory, the migration scripts may be

helpful depending on where you put the data in your directory. You could use them just to

generate LDIF, edit the LDIF, then import the LDIF into your directory. For example, you

could manually add the posixAccount object class to your existing entries under ou=People

and add their HP-UX information there.

• If you used the guided installation (autosetup) to create a new directory server, ensure

that the user and group numbers to be imported or migrated do not collide with those

created by autosetup (see “Ensure user and group numbers do not collide with those

created by a guided New Directory Server mode installation” (page 90)).

2.5.1.1 Ensure user and group numbers do not collide with those created by a guided New

Directory Server mode installation

The information in this section is a post-installation task for guided installations only

(autosetup); it does not pertain to customized installations (setup).

If you used the guided installation (autosetup) and created a new directory server instance,

autosetup created one new HP-UX account, the Domain Administrator (also known as

domadmin). It also created three new groups: DomainAdmins, HostAdmins, and UserAdmins.

LDAP-UX assigned a UID number to domadmin and GID numbers to the three groups. Once

you start to migrate user information into this directory server, you need to ensure that the user

and group numbers to be migrated do not collide with those created by autosetup. If you

already know that some user or group numbers will collide with those created by autosetup,

you can change the UID or GID numbers now by using the ldapugmod tool. To determine the

UID numbers and GID numbers that were assigned by autosetup, use the ldapuglist tool,

as shown in the following example. Log in as the domadmin user on the local host.

brewer (): /opt/ldapux/bin/ldapuglist -n domadmin

dn: uid=domadmin,ou=People,dc=mydomain,dc=example,dc=com

cn: Domain Administrator

uid: domadmin

uidNumber: 123

gidNumber: 220

loginShell: /usr/bin/sh

homeDirectory: /home/domadmin

gecos: Domain Administrator

brewer (): /opt/ldapux/bin/ldapuglist -t group -f "cn=*Admins"

dn: cn=UserAdminss,ou=Groups,dc=mydomain,dc=example,dc=com

cn: UserAdmins

cn: UserAdminss

gidNumber: 1910

dn: cn=HostAdmins,ou=Groups,dc=mydomain,dc=example,dc=com

cn: HostAdmins

gidNumber: 1920

memberUid: domadmin

90 Installing and configuring LDAP-UX Client Services