LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

221

222

223

224

225

226

227

228

229

230

• gidNumber

• loginShell

• gecos

Accessing either an HP or Windows server, the ldapugdel -t group -O command removes

the posixGroup object class and following attributes:

• gidNumber

• memberUId

• userPassword

Use LDAP_BINDDN to specify the distinguished name (DN) of a user with sufficient directory server

privilege to delete users or groups in the LDAP directory server. Use LDAP_BINDCRED to specify

a password for the LDAP user specified by LDAP_BINDDN. Alternately, you can interactively specify

LDAP administrator bind identity and credential by using the prompt (-P) option with the command.

Deleting a user account entry

The following command deletes the entire user account entry skeith:

cd /opt/ldapux/bin

./ldapugdel -t passwd skeith

Deleting the posixAccount object class and associated attributes but not the entire user entry

The following command, when accessing an HP directory server, deletes only the posixAccount

object class and associated attributes uidnumber, gidNumber, homeDirectory, loginShell,

and gecos, without deleting the entire user entry msmith:

./ldapugdel -t passwd -O msmith

When accessing a Windows ADS, the command deletes only the posixAccount object class and

associated attributes uidnumber, gidNumber, loginShell, and gecos, without deleting the

entire user entry.

Run the following command to delete only the posixGroup object class and associated attributes,

gidNumber, memberUid, and userPassword, without deleting the entire group entry groupB:

./ldapugdel -t group -O groupB

Deleting a group entry that has a specified DN

The following command accessing an HP directory server deletes the entire group entry that has

the distinguished name “cn=groupA,ou=groups,dc=example,dc=com":

./ldapugdel -t group -D "cn=groupA,ou=groups,dc=example,dc=com"

For a Windows ADS, the following command deletes the entire group entry that has the distinguished

name “cn=groupA,cn=users,dc=example,dc=com":

./ldapugdel -t group -D "cn=groupA,cn=users,dc=example,dc=com"

Command arguments

The following describes the ldapugdel options and arguments used in the preceding examples:

-t <type> Specifies the type of entry the ldapugdel tool needs to delete. <type> can be

passwd or group. The passwd type represents LDAP user entries which contain

POSIX account-related information. The group type represents LDAP group entries

which contains POSIX group-related information.

-O Allows the ldapugdel tool to delete only the posixAccount or posixGroup object

class and associated attributes, without deleting the entire user or group entry.

-D The ldapugdel tool searches for the named user or group using the search rules

defined by the service search descriptor in LDAP-UX configuration profile. You can

230 Administering LDAP-UX Client Services