LDAP-UX Client Services B.05.00 with Microsoft Windows Active Directory Server Administrator's Guide (obsolete beyond B.05.00)
dn: cn=Mike Lee,cn=Users,dc=org,dc=example,dc=com
cn: Mike Lee
uid: mlee
uidNumber: 900
gidNumber: 2000
loginShell: /usr/bin/sh
homeDirectory: /home/mlee
gecos: mlee,Building-5,555-555-5555
dn: cn=Michael Sheu,cn=Users,dc=org,dc=example,dc=com
cn: Michale Sheu
uid: msheu
uidNumber: 880
gidNumber: 2010
loginShell: /usr/bin/sh
homeDirectory: /home/msheu
gecos: msheu,Building-8,555-555-5000
dn: cn=Pat Fong,cn=Users,dc=org,dc=example,dc=com
cn: Pat Fong
uid: pfong
uidNumber:750
gidNumber: 2000
loginShell: /usr/bin/sh
homeDirectory: /home/pfong
gecos: pfong,Building-10,555-552-5000
...
...
The following command displays an account entry which contains uid=tscott:
./ldapuglist -t passwd -m -f "(uid=tscott)"
In this example, the gecos attribute has been mapped to cn, l, and telephoneNumber. With
the -m option, the ldapuglist tool displays the entry with the mapped attribute names. If
ldapuglist is used to access a Windows 2003 R2 or 2008 Active Directory Server with the
RFC 2307 schema installed, the output of the command is as follows:
dn: cn=Tom Scott,cn=Users,dc=org,dc=example,dc=com
cn[cn]: Tom Scott
uid[uid]: tscott
uidNumber[uidNumber]: 900
gidNumber[gidNumber]: 2010
loginShell[loginShell]: /usr/bin/sh
homeDirectory[unixHomeDirectory]: /home/mlee
gecos[cn]: tscott
gecos[l]: Building-12
gecos[telephoneNumber]: 555-555-6666
6.7.3 Listing groups
You can use ldapuglist to list and enumerate POSIX-like group entries in a directory server.
Below are examples of how to use ldapuglist to display group entries.
Run the following command to list all the posixGroup entries that Mike Phillips belongs to:
cd /opt/ldapux/bin
./ldapuglist -t group -f "(memberUid=mphillips)"
The output is as follows:
dn: cn=group1,ou=groups,dc=org,dc=example,dc=com
cn: group1
gidNumber: 550
memberUid: mphillips
memberUid: mlou
memberUid: apierce
6.7 User and group management 117