LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
Table 27 Common return codes (continued)
MemberUid is mapped to only dynamic group attributes, the add
operation fails.
ADD_GR_MEMBER_FAILED
The LDAP search returns no entries.ENTRY_NOT_FOUND
Cannot convert the specified distinguished name (DN) to its
component parts.
EXPLODE_DN_FAILED
Cannot convert the specified RDN to its component parts.EXPLODE_RDN_FAILED
The modification operation failed.MODIFY_FAILED
9.3.4 The ldapuglist tool
You can use the ldapuglist tool to display and enumerate POSIX-like account and group entries
stored in an LDAP directory server, without requiring extensive knowledge of the methods used to
retrieve and evaluate that information in the LDAP directory server.
The ldapuglist tool uses the LDAP-UX profile configuration, requiring minimal command line
options to discover where to search for user or group information, such as the LDAP directory server
host and proper search filters for finding users and groups. This tool provides command options
that enable you to alter these configuration parameters.
The ldapuglist tool supports the followings:
• ldapuglist uses the existing LDAP-UX authentication configuration to determine how to
bind to the LDAP directory server.
• ldapuglist performs attribute value translation to POSIX-like syntaxes. For example, if group
membership is defined using X.500-style DN strings, ldapuglist converts those string to
simple member ids.
• ldapuglist supports attribute mappings as specified in the LDAP-UX configuration profile.
The mapped attributes and values can be displayed. The output format of ldapuglist is
similar to an LDIF format (RFC 2849). It is not LDIF. Major differences include:
◦ ldapuglist does not display object classes.
◦ By default, ldapuglist only displays POSIX-related attributes, unless you specifically
request an attribute list with the <attr> option on the command line.
◦ Output lines are not broken after 80 columns.
9.3.4.1 Synopsis
ldapuglist [options] [-t <type>] [-h <hostname>] [-p <port>] [-n <name>]
[-f|F <filter>] [-b <base>] [-s <scope> [-N <maxcount>] [<attr>...]
9.3.4.2 Options
The ldapuglist tool supports the following command options:
-m Displays the names of the mapped attributes when returning results. Without the -m option,
ldapuglist displays results as follows:
fieldname: value
Where fieldname is one of the predefined RFC 2307 attribute names, and value is
the value for that field.
With the -m option, the ldapuglist tool displays the actual attribute mapping name as
follows:
fieldname[mapped attributename]: value
9.3 LDAP user and group management tools 287