LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

301

302

303

304

305

306

307

308

309

310

the requested subtree, along with creation of the required attributes in that entry must be

granted to the LDAP administrator identity when executing ldapugadd.

• As with any POSIX-type identity, the HP-UX operating system uses the specified user and group

ID number to determine rights and capabilities in the OS and in the file system. For example,

the root user ID 0, typically has unlimited OS administration and file access rights. Before

creating a new entry, you must be aware of the selected user and group ID number and any

policy that might be associated with that ID.

• If you use ldapugadd to randomly assign a user or group ID number, it only searches for ID

collisions found in the LDAP directory server, and not other policy repositories. When you set

user and group ID number ranges by using the -D -u or -D -g option, you must set a range

that is not used by other user or group ID repositories, and ensure that collisions will not occur

with existing users or groups that exist in other repositories.

• Modification of this identity repository will likely have impacts as defined by the organization’s

security policy. Users of ldapugadd are expected to have full knowledge of the impact to

the organization’s security policy when adding new identity information to that identity

repository.

9.3.5.8 Specific return codes for ldapugadd

The ldapugadd tool returns a list of return codes shown in Table 29.

Table 29 Return codes for ldapugadd

MessageReturn Code

Failed to add a user to the group.ADD_USER_TO_GRP_FAILED

Specified Skeleton directory does not exist.ADD_SKELDIR_DOESNOT_EXIST

The ldapugadd tool failed the internal putenv function

call with the specified bind environment variable, it returns

this error.

ADD_SETENV_FAILED

Information is missing. For examples, UID number is

missing, group number is missing.

ADD_INFO_MISSING

Failed to get a valid gid number or UID number when

creating a new user or group entry.

ADD_GETNUM_FAILED

A syntax error exists in the specified template file.ADD_SYNTAX_ERR

Attribute is required. For examples, attribute “sn” is

required, attribute “telephonenumber” is required.

ADD_ATTR_REQUIRED

Specified option has invalid range value. For example,

option -u has invalid range value.

ADD_NUM_RANGE_ERR

Option -g <default_gid> or -g

<min_gid>:<max_gid> has been specified more than

once.

ADD_WRONG_G_OPT

You do not have the permission to alter

/etc/opt/ldapux/ldapug.conf.

ADD_NOT_PERMIT

The specified keyword value is invalid, ldapugadd

ignored the keyword. For example, if /usr/bin/jsh

does not exist in the system, the ldapugadd -D -s

/usr/bin/jsh command displays the following warnings:

WARNING: LOGIN_SHELL_DOESNOT_EXIST:

WARNING: ADD_INVALID_KEY

Invalid keyword (default_loginShell),

ignored.

ADD_INVALID_KEYWORD

310 Command and tool reference