LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

221

222

223

224

225

226

227

228

229

230

-g <default_gid> Specifies the default group ID number used when creating new

user entries.

-g <min_gid>:<max_gid> Sets new default minimum and maximum ranges that

ldapugadd uses when provisioning a GID number for new

group entries.

-s <default_shell> Specifies the default login shell that ldapugadd uses when

creating a new user entry.

-s <default_home> Specifies the default parent home directory that ldapugadd

uses when creating a new user home directory.

7.7.1.4 Modifying a user (ldapugmod)

You can use ldapugmod tool to modify exiting POSIX accounts or groups in an LDAP directory

server. This section provides examples of using ldapugmod to modify a user's information.

Use LDAP_BINDDN to specify the distinguished name (DN) of a user with sufficient directory server

privilege to modify users or groups in the directory server. Use LDAP_BINDCRED to specify a

password for the LDAP user specified by LDAP_BINDDN. Alternately, you can interactively specify

LDAP administrator bind identity and credential by using the prompt (-P) option with the command.

The LDAP_UGCRED environment variable specifies the new password of a user or group being

modified. You must specify the -PW option when using LDAP_UGCRED. Alternately, you may use

the -PP command option to prompt for the password of the user or group being modified.

Setting environment variables

The following commands set the LDAP_BINDDN and LDAP_BINDCRED environment variables:

export LDAP_BINDDN = "cn=Jane Admin,ou=Admins,dc=example,dc=com"

export LDAP_BINDCRED = "Jane's password"

The following command example changes the password of user mtam, using the new user password

defined in LDAP_UGCRED:

cd /opt/ldapux/bin

export LDAP_UGCRED = "new password"

./ldapugmod -t passwd -PW mtam

Modifying user attributes

The following command specifies sets the uidNumber attribute value for user entry mswartz to

300:

./ldapugmod -t passwd -u 300 mswartz

The following command sets the sn attribute value for user entry mLou to Lou:

./ldapugmod -t passwd mLou "sn=Lou"

The following command specifies a new loginShell attribute value for user mLou:

./ldapugmod -t passwd mLou "loginShell=/net/bin/ksh"

The following command replaces the gecos fields with the new values for the user entry, alouie:

./ldapugmod -t passwd -I "Ann Louie,Building-6,222-2222" alouie

The following command adds the description attribute and value to the user entry, mscott:

./ldapugmod -t passwd -A "description=test user entry" mscott

Removing user attributes

The following command removes the sn attribute and value for user entry alee:

./ldapugmod -t passwd -R "sn=Ann Lee" alee

7.7 Managing users and groups 227