LDAP-UX Client Services B.05.01 Administrator Guide for HP directory servers and Windows ADS
This only works if you are starting with an empty directory or creating an entirely new subtree
in your directory for your data.
If you are not using NIS, the migration scripts can take your user, group, and other data from
files, generate LDIF, and import the LDIF into your directory.
• If you integrate the name service data into your directory, the migration scripts might be helpful
depending on where you put the data in your directory. You could use them just to generate
LDIF, edit the LDIF, then import the LDIF into your directory. For example, you could manually
add the posixAccount object class to your existing entries under ou=People and add their
HP-UX information there.
• If you used the guided installation (autosetup) to create a new directory server, ensure that
the user and group numbers to be imported or migrated do not collide with those created by
autosetup (see Section 2.5.1.1 (page 90)).
2.5.1.1 Prevent user and group number collisions with those created by autosetup
The information in this section is a postinstallation task for guided installations only (autosetup);
it does not pertain to customized installations (setup).
If you used the guided installation (autosetup) and created a new directory server instance,
autosetup created one new HP-UX account, the Domain Administrator (also known as domadmin).
It also created three new groups: DomainAdmins, HostAdmins, and UserAdmins. LDAP-UX
assigned a UID number to domadmin and GID numbers to the three groups. Once you start to
migrate user information into this directory server, you must ensure that the user and group numbers
to be migrated do not collide with those created by autosetup. If you already know that some
user or group numbers will collide with those created by autosetup, you can change the UID or
GID numbers now by using the ldapugmod tool. To determine the UID numbers and GID numbers
that were assigned by autosetup, use the ldapuglist tool, as shown in the following example.
Log in as the domadmin user on the local host.
brewer (): /opt/ldapux/bin/ldapuglist -n domadmin
dn: uid=domadmin,ou=People,dc=mydomain,dc=example,dc=com
cn: Domain Administrator
uid: domadmin
uidNumber: 123
gidNumber: 220
loginShell: /usr/bin/sh
homeDirectory: /home/domadmin
gecos: Domain Administrator
brewer (): /opt/ldapux/bin/ldapuglist -t group -f "cn=*Admins"
dn: cn=UserAdminss,ou=Groups,dc=mydomain,dc=example,dc=com
cn: UserAdmins
cn: UserAdminss
gidNumber: 1910
dn: cn=HostAdmins,ou=Groups,dc=mydomain,dc=example,dc=com
cn: HostAdmins
gidNumber: 1920
memberUid: domadmin
dn: cn=DomainAdmins,ou=Groups,dc=mydomain,dc=example,dc=com
cn: Domain Administrators
cn: DomainAdmins
gidNumber: 1900
memberUid: domadmin
Use the ldapugmod tool to change numbers as needed. In the following example, the ldapugmod
tool changes the GID number of DomainAdmins from 1900 to 1999.
90 Installing and configuring LDAP-UX Client Services for an HP server environment