LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
-Z Requires an SSL connection to the LDAP directory server, even if the LDAP-UX configuration
profile does not specify the use of SSL. Using the -Z option requires that you define either
a valid LDAP directory server or CA certificate in the /etc/opt/ldapux/cert8.db
file. An error occurs if the SSL connection cannot be established.
-ZZ Attempts a TLS connection to the directory server, even if the LDAP-UX configuration profile
does not specify the use of TLS. If a TLS connection cannot be established, a nonTLS and
nonSSL connection will be established. HP recommends that you do not use -ZZ unless
alternative methods are used to protect from network eavesdropping. Use of -ZZ requires
that you define either a valid LDAP directory server or CA certificate in the /etc/opt/
ldapux/cert8.db file.
-ZZZ Requires a TLS connection to the LDAP directory server, even if the LDAP-UX configuration
profile does not specify the use of TLS. Using the -ZZZ option requires that you define
either a valid directory server or CA certificate in the /etc/opt/ldapux/cert8.db
file. An error will occur if the TLS connection can not be established.
-F Forces creation of new user or group entries even if the following error conditions occur:
• The user name or group name already exists in the directory server.
• The user ID or group ID number already exists in the directory server.
• The shell specified with the -s option does not exist on the local system or is not an
executable.
• You attempt to add a member to a group when that member is not defined in the
LDAP directory server.
Some directory servers perform their own attribute uniqueness checks. In this case, even
if you specify the -F option, ldapugadd is unable to add the new entry.
-S Displays the distinguished name (DN) of the newly created entry.
9.3.5.4 Arguments
The following describes command arguments:
-h <hostname> Specifies the host name and optional port number (hostname:port) of the
LDAP directory server. This option overrides the server list specified by the
LDAP-UX configuration profile. The <hostname> field supports specification
of IPv4 and IPv6 addresses. If you specify a port for an IPv6 address, you
must specify the IPv6 address in square-bracketed form. If the optional port
is unspecified, the port number defaults to 389 or 636 for SSL connections
(-Z).
-p <port> Specifies the port number of the LDAP directory server to contact. The
ldapugadd tool ignores this option if the port number is specified in the
<hostname> parameter as part of the -h option.
-b <base> This option overrides the value of the ${basedn} substitution construct used
in the respective template file. Instead of discovering the ${basedn} value
from the LDAP-UX configuration profile, the tool uses the value defined in the
<base> argument. See Section 9.3.5.6 (page 306) for additional information.
The <base> value is an LDAP distinguished name.
-t <type> Specifies the service type of entry the ldapadd tool operates. The valid
service types of this argument are passwd and group. The passwd type
represents LDAP user entries that contain POSIX account-related information.
The group type represents LDAP group entries that contain POSIX
298 Command and tool reference