ldapugadd.1m (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

ldapugadd(1M) ldapugadd(1M)

Use of -F is not recommended, and will not succeed if the directory server does not sup-

port the memberUid attribute.

ldapugadd will follow the same membership syntax as deﬁned by ldapux (5) attribute

mapping. Speciﬁcally, if ldapux (5) has mapped the RFC2307 group membership attri-

bute (memberUid ) to a DN-based membership attribute such as member or uni-

queMember, then

ldapugadd will deﬁne membership using the DN of the speciﬁed

user. If memberUid has been mapped to more than one attribute type,

ldapugadd will

use the ﬁrst attribute deﬁned by the mapping.

Note that

ldapugadd can only add members to a group that follow a static membership

syntax (like memberUid , member, and uniqueMember).

ldapugadd will fail if the only

mapping deﬁned uses a dynamic group membership syntax (like memberUrl).

-c comment Speciﬁes a comment that will be stored in the description attribute, as deﬁned by

RFC2307. Attribute mapping is not deﬁned for the description attribute. If unspeciﬁed,

the description attribute will not be added to the user’s entry.

-T template_file

Speciﬁes the LDIF template ﬁle that will be used to create new group entries. The

template_ﬁle parameter may either be a full or relative path name or a "short" name.

Refer to Template File Naming below for additional information.

group_name Required Argument. Contains the POSIX-style textual group name for the new group

entry. This name should conform to HP-UX group name requirements. Please refer to

group(4) for group name requirements. gid_name is a required parameter, must follow

all command-line options and must precede the attr

=value parameters (if provided).

attr

=value Allows speciﬁcation of arbitrary LDAP attributes and values. Refer to attr =

value in the

section above for additional information. attr

=value parameters are optional, but must

be speciﬁed as the last parameters on the command line.

Template Files

One of the beneﬁts of LDAP directory servers is the ﬂexibility to support customized data models to meet

organizational requirements. This ﬂexibility allows each directory deployment to deﬁne unique data

models for users and groups. Because of this, it’s not possible for

ldapugadd to be able to create new

user or group entries in the directory server and also follow the desired data model, without some

description of that data model.

Template ﬁles for user and group entries allow

ldapugadd

to discover the required data models for new

user and group entries. Template ﬁles deﬁne what data is required to create new user and group entries

and allow ldapugadd to discover required attributes and data elements before creating the entries.

To explain this concept, the below examples show the default templates for a standard directory server for

a passwd and group entry. Samples, such as the one below, are delivered with LDAP-UX, including sam-

ples for ADS.

Below is a sample default template for standard directory server:

dn: uid=${uid},ou=people,${basedn}

objectclass: InetOrgPerson

objectclass: posixAccount

sn: ${Surname}

${posixProfile}

dn: cn=${cn},ou=groups,${basedn}

objectclass: groupOfNames

objectclass: posixGroup

${posixProfile}

Below is a sample default template for Windows ADS:

dn: cn=${cn},cn=users,${basedn}

objectclass: user

${posixProfile}

sAMAccountName: ${uid}

msSFU30NisDomain: ${domain}

6 Hewlett-Packard Company − 6 − HP-UX 11i v3: June 2010 Web Release