LDAP-UX Client Services B.05.00 with Microsoft Windows Active Directory Server Administrator's Guide (obsolete beyond B.05.00)
a Windows 2003 R2 ADS, the ldapugdel -t passwd -O command removes the
posixAccount object class and the following attributes:
• uidNumber
• gidNumber
• loginShell
• gecos
The ldapugdel -t group -O command removes the posixGroup object class and the following
attributes:
• gidNumber
• memberUid
• userPassword
6.7.7.1 Examples
This section provides examples of using ldapugdel.
Use LDAP_BINDDN to specify the Distinguished Name (DN) of a user with sufficient directory
server privilege to delete users or groups in the directory server. Use LDAP_BINDCRED to specify
the password for the LDAP user specified by LDAP_BINDDN. Alternatively, you can enter the LDAP
administrator bind identity and credential interactively at a prompt by using the -P option.
Run the following commands to specify the LDAP_BINDDN and LDAP_BINDCRED environment
variables:
export LDAP_BINDDN="cn=Jane Admin,ou=admins,dc=org,dc=example,dc=com"
export LDAP_BINDCRED="Jane's password"
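The exports above keep the bind password in the shell's environment for the rest of the session, and a password typed on the command line may also be saved in the shell history. As an added example, not part of the guide, the following POSIX shell wrapper reads the password without echo and passes LDAP_BINDDN and LDAP_BINDCRED only to the single command it runs; the names with_ldap_bind and _lb_* are hypothetical.

```sh
# Added example, not from the guide. with_ldap_bind and the _lb_* variables
# are hypothetical names; LDAP_BINDDN / LDAP_BINDCRED are the guide's variables.

# Read the bind password into _lb_cred: no echo at a terminal, or the first
# line of piped input. Fails if the password is empty.
_lb_read_cred() {
    _lb_cred=
    if [ -t 0 ]; then
        _lb_stty=$(stty -g)                 # save terminal settings
        trap 'stty "$_lb_stty"' INT TERM    # restore echo if interrupted
        printf 'Bind password: ' >&2
        stty -echo
        IFS= read -r _lb_cred || :
        stty "$_lb_stty"
        trap - INT TERM
        printf '\n' >&2
        unset _lb_stty
    else
        IFS= read -r _lb_cred || :
    fi
    [ -n "$_lb_cred" ]
}

# with_ldap_bind BIND_DN COMMAND [ARGS...]
# Runs COMMAND (an external program such as ./ldapugdel) with the bind DN and
# password in that one process's environment only. Nothing is exported into
# the calling shell, and the password never appears on a command line.
with_ldap_bind() {
    if [ "$#" -lt 2 ]; then
        echo "usage: with_ldap_bind BIND_DN COMMAND [ARGS...]" >&2
        return 2
    fi
    _lb_dn=$1
    shift
    if ! _lb_read_cred; then
        echo "with_ldap_bind: empty bind password" >&2
        unset _lb_dn _lb_cred
        return 1
    fi
    _lb_rc=0
    LDAP_BINDDN=$_lb_dn LDAP_BINDCRED=$_lb_cred "$@" || _lb_rc=$?
    unset _lb_dn _lb_cred
    return "$_lb_rc"
}

# Usage, with the DN and command from the examples in this section:
#   cd /opt/ldapux/bin
#   with_ldap_bind "cn=Jane Admin,ou=admins,dc=org,dc=example,dc=com" \
#       ./ldapugdel -t passwd skeith
```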
Run the following commands to delete the entire user account entry, skeith:
cd /opt/ldapux/bin
./ldapugdel -t passwd skeith
In this example, ldapugdel is used to access a Windows 2003 R2 ADS. The following command
deletes only the posixAccount object class and associated attributes, uidNumber, gidNumber,
loginShell and gecos, without deleting the entire user entry, msmith:
./ldapugdel -t passwd -O msmith
Run the following command to delete the entire group entry with the Distinguished Name,
"cn=groupA,ou=groups,dc=example,dc=com":
./ldapugdel -t group -D "cn=groupA,ou=groups,dc=org,dc=example,dc=com"
In this example, ldapugdel is used to access a Windows 2003 R2 ADS. The following command
deletes only the posixGroup object class and associated attributes, gidNumber, memberUid
and userPassword, without deleting the entire group entry, groupB:
./ldapugdel -t group -O groupB
Command Arguments
The following describes the ldapugdel options and arguments used in the above examples:
-t <type> Specifies the type of entry the ldapugdel tool needs to delete. <type> can be
passwd or group. The passwd type represents LDAP user entries which contain
POSIX account-related information. The group type represents LDAP group entries
which contain POSIX group-related information.
-O Allows the ldapugdel tool to delete only the posixAccount or posixGroup object
class and associated attributes, without deleting the entire user or group entry.
-D The ldapugdel tool searches for the named user or group using the search rules
defined by the service search descriptor in the LDAP-UX configuration profile. You can