LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

221

222

223

224

225

226

227

228

229

230

gidNumber: 350

MemberUid: tlee

Description: Group B Entry

Description: Best group in the world

Adding members to a group entry

The following command adds the three members atam, mlou, and mscott to the group entry

groupA:

./ldapugmod -t group -a atam,mlou,mscott GroupA

Removing members from a group entry

The following command removes member atam from the group entry, groupA:

./ldapugmod -t group -r atam GroupA

Command arguments

The following describes arguments and options used in the preceding examples:

-A <attrval> Specifies an attribute and value to be added to an entry. When

working with multi-valued attributes, you can use the -A option to add

a new value for a multi-valued attribute, without removing already

existing values for that attributes.

-g <gidNumber> Replaces the group's numeric ID number.

-a <member>[,...] Adds one or more members to the specified group. When specifying

a list of members, you must use a comma (with no white space) to

separate each member.

-r <member>[,...] Removes one or more members from the specified group. When you

specify a list of members, you must use a comma (with no white space)

to separate each member.

7.7.1.6 Deleting a user or a group (ldapugdel)

You can use ldapugdel to remove POSIX user and group entries from a directory server. With

the -O option, ldapugdel enables you to remove only POSIX related attributes and object classes

from a user or group entry without removing the entire entry.

The userPassword, uid, cn, and description attributes are commonly used by most other

user and group schemas. With the -O option, the ldapugdel tool does not attempt to remove

these attributes. The uidNumber, gidNUmber, loginShell, homeDirectory, gecos, and

memberUid attributes are relatively unique to the POSIX schema. All of them are removed when

the -O option is specified with the ldapugdel command accessing an HP directory server. When

accessing an HP directory server, the ldapugdel -t passwd -O command removes the

posixAccount object class and the following attributes:

• uidNumber

• gidNumber

• homeDirecotry

• loginShell

• gecos

The -O option functions properly with a Windows ADS because the Windows server uses standard

RFC 2307 attributes with exception of the homeDirectory attribute. If accessing a Windows

2003 R2 ADS, the ldapugdel -t passwd -O command removes the posixAccount object

class and following attributes:

• uidNumber

7.7 Managing users and groups 229