LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS

ManualsBrandsHP ManualsSoftwareHP-UX LDAP-UX Integration Software

321

322

323

324

325

326

327

328

329

330

9.3.8.2 Options and arguments

The ldaphostmgr tool supports the following options and arguments:

-a Adds a new host to the directory server. The host is added to the

base specified by the host service search descriptor in the LDAP-UX

configuration profile entry (unless the -D option is used to specify

the fully qualified DN). When an entry is created, the device and

ipHost object classes are used. Optionally, additional object classes

can be used to describe the host entry. For more information about

object classes, see Section 9.3.8.3 (page 337).

On ADS, the Computer object class is used.

The -a (add), -d (delete), and -m (modify) options are mutually

exclusive. The -m option is the default if none of these three options

is specified.

-m Modifies an existing host entry. The -a (add), -d (delete), and -m

(modify) options are mutually exclusive. The -m option is the default

if none of these three options is specified.

-d Deletes a host entry. This removes the specified host entry from the

directory server, and removes the host as a member from any group

that contains this host as a member. The -a (add), -d (delete), and

-m (modify) options are mutually exclusive. The -m option is the

default if none of these three options is specified.

-F Forces creation of a new host entry even if the following error

conditions occur:

• Setting the owner of a host to an owner that does not exist. If

the -O option specified a DN, then that DN is used as the

owner. If a user or group is specified, then the owner is set to

the DN of the user identity used by ldaphostmgr when

performing the command. In this case, if the current user identity

is already marked as an owner of the host, a MODIFY_FAILED

error is returned.

• Creating or changing the key for the specified remote host,

even if the identity of the remote host could not be verified.

This usage is not recommended since the key loaded into the

directory server cannot be trusted.

The -F option does not override any enforcement that occurs on

the directory server itself, such as adding an attribute without also

adding a corresponding required object class or modifying an

attribute for which the user does not have sufficient directory

privilege.

-I Adds/modifies additional information about the host:

entityVersion=$(/usr/bin/uname -sr)

entityModel=$(/usr/bin/model)

On ADS, instead of entityVersion, the operatingSystem

and operatingSystemVersion attributes are used.

entityModel is not defined in an ADS environment.

Note that if an -I option is specified and the host being managed

is remote, a remote login to that host is required and performed by

ldaphostmgr to discover that information. This means that when

the LDAP credentials are specified (through the prompt or

LDAP_BINDDN), those credentials must also represent a POSIX

330 Command and tool reference