ldapugadd.1m (2010 09)
l
ldapugadd(1M) ldapugadd(1M)
uid_name is a required parameter, and it must follow all command-line options and must
precede the attr =value parameters (if provided).
-m Create a new home directory for the defined user. User and group ownership of the
newly created directory will be assigned to the user and his/her primary login group.
If
-k is specified, the files and sub-directories found in skel_dir will be copied to the
user’s home directory, and user and group ownership permissions altered as specified
above. If
-k is not specified, skeleton files will be copied from
/etc/skel.
The
-m option requires the user has sufficient privilege to create the new home directory,
copy skeleton files and change ownership of those files and directories.
ldapugadd will
create a user’s home directory only after successfully adding the user’s entry in the direc-
tory server.
If
ldapugadd is unable to properly create the user’s home directory, per the above pro-
cess, the newly created changes in the directory server will not be removed. See Security
Consideration below for more information.
-k skel_dir -k is ignored unless the
-m option is specified. skel_dir specifies a directory which con-
tains skeleton files and directories that should be copied into newly created user home
directories. See
-m above.
attr
=value Allows specification of arbitrary LDAP attributes and values. Because of potential
objectclass requirements, additional information beyond the basic POSIX account and
group data may be need to be specified in order to create new entries in the directory
server.
For example, if the "InetOrgPerson" objectclass is used as a structural class for posixAc-
counts , then the sn (surname) attribute must be specified in order to properly create a
new entry. This value would need to be defined in the template file (see Template Files ),
and would need to be specified at the end of the
ldapugadd command line.
The attr
=value parameter is generally used to specify attributes required by the tem-
plate file. However, if an attribute is specified which is not defined in the defined tem-
plate file, that attribute/value pair will be considered as an optional attribute/value which
will be added to the entry exactly as specified.
attr
=value parameters are optional, but must be specified as the last parameters on the
command line.
Arguments Applicable to ’-t group’
-g gid_number
Specifies the group’s numeric id number. If the specified gidNumber already exists in the
directory server,
ldapugadd will not add the new entry and return an error exit status,
unless the -F option is specified.
If this argument is not specified, a new group ID number will be provisioned by randomly
selecting a value from the gidNumber range specified by
ldapugadd -d -g
min_gid:max_gid.Ifldapugadd randomly selects a gidNumber that is already in use
on the directory server, ldapugadd will randomly select another gidNumber and try
again until it finds an unused gidNumber or exhausts retry attempts. Retry attempts
will be limited to 90% of the range of available gidNumbers (specified with -D -g
min_gid:max_gid and described above).
-x domain Specifies the group’s domain name. This variable is used to specify the ${domain } value
that can be used in the template file. If this value is not specified, the domain name will
be created by using the first "dc" component of the new group’s distinguished name. If the
distinguished name does not contain any "dc" components, and the ${domain } variable
is specified in the template file, ldapugadd will generate an error.
-M member[,...]
Defines initial group membership by adding the specified user accounts as members. The
members must be defined as a comma-separated list of account names, similar to the -G
requirements defined above. Use of -M requires that the specified user’s account already
be defined in the directory server, unless the -F option is specified.
When the
-F option is used, the users group membership will be defined using the mem-
berUid attribute, regardless of the attribute mapping configuration defined by ldapux (5).
HP-UX 11i v3: June 2010 Web Release − 5 − Hewlett-Packard Company 5