LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

231

232

233

234

235

236

237

238

239

240

7.7.1.7.8 Displaying attribute mapping for a specific name service

To display attribute mapping information defined in the LDAP-UX configuration profile, use the

ldapcfinfo -t <type> -m command. The valid <type> value can be passwd or group.

For example, the following command displays the attribute mapping for the gecos attribute that

is mapped to the cn, l, and telephone attributes:

./ldapcfinfo -t passwd -m gecos

The output of the command follows:

gecos=cn l telephoneNumber

As another example, the following command displays the attribute mapping for the gecos and

uidNumber attributes. In this example, gecos is mapped to the cn, l, and telephone attributes,

and uidNumber is mapped to the employeeNumber attribute:

./ldapcfinfo -t passwd -m gecos,uidNumber

The output of the command follows:

gecos=cn l telephoneNumber

uidNumber=employeeNumber

7.7.2 Windows utilities for managing Windows ADS users, groups, and hosts

Select one of the following methods to add data to Windows ADS.

• You can create user, group, and other service objects by using the object classes and attributes

specified by RFC 2307. In this situation you must import an ldif file with all RFC 2307 object

classes and attributes specified.

• Alternatively, you can add users, groups, and hosts using the Windows 2003 R2 or 2008

Active Directory Users and Computers administrative tool. If using Active Directory Users and

Computers, perform the following to set POSIX attributes:

1. Start Active Directory Users and Computers.

2. Click the users (or computers) you want to set for POSIX attributes.

3. Select Properties from the Action menu.

4. Click the Unix Attributes tab.

5. In the NIS Domain box, select a NIS domain from the list. Server for NIS creates a default

NIS domain based on your Active Directory domain name.

6. For users, fill in the UID, Login Shell, Home Directory, and Primary group name/GID fields.

Click OK.

For hosts, fill in the IP Address and the Alias Name. Click OK.

• Add networks, protocols, services, rpc objects, or set POSIX attribute memberUID for groups

using the ADSI Edit snap-in tool. These object classes and attributes cannot be populated from

the Active Directory Users and Computers tool.

1. On your domain controller, click Start, then Run. In the Open dialog box, entermmc, then

click OK.

2. Click the Microsoft Management Console menu, then select Add/Remove Snap-In.

3. In the Add/Remove Snap-In dialog box, click Add.

4. In the Add Standalone Snap-In dialog box, select ADSI Edit, then click Add and then

Close.

5. ADSI Edit appears in the Add/Remove Snap-In dialog box. Click OK.

6. In the Microsoft Management Console, click ADSI Edit and select Connect to... from the

Action menu.

7. In the Connection dialog box, select Naming Context, and select Domain NC from the

drop-down list at the right. Then click OK..

8. Domain NC appears on the right pane. Double-click it to expand the list.

234 Administering LDAP-UX Client Services