ldapugadd.1m (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

ldapugadd(1M) ldapugadd(1M)

dn: cn=${cn},ou=users,${basedn}

objectclass: group

${posixProfile}

sAMAccountName: ${cn}

msSFU30NisDomain: ${domain}

Each template ﬁle must follow the LDIF data format and also allow for substitution of values from the

ldapugadd command. Two default template ﬁles (for user and group entries) for standard directory

servers, along with two default template ﬁles for ADS are provided under

/etc/opt/ldapux/ug_templates

. The following guidelines can be used when creating template

ﬁles.

• Each template ﬁle is used for deﬁning only one entry in the directory server.

• Each template ﬁle may contain comment lines. Each comment line must begin with the pound (

character.

• Each template ﬁle can be built using custom attributes and values. Customized attribute values are

deﬁned using the

${name}

construct. However, for each non-RFC2307 attribute used, when

ldapugadd creates a new entry, each one of those attributes must be speciﬁed on the command line

as an attr =value pair.

•

ldapugadd supports several pre-deﬁned substitution constructs, where name is represented by:

posixProfile Represents all RFC2307-type attributes and values for the particular name service

(either passwd or group). If ldapux (5) has deﬁned attribute mapping for particular

attributes, the mapped attributes will be substituted in its place. When used for

posixAccount-type entries, the following attributes and values will be added to the

entry:

• cn

• uid

• userPassword

• uidNumber

• gidNumber

• gecos

• homeDirectory

• loginShell

When used with posixGroup-type entries, the following attributes and values will be

added to the entry:

• cn

• userPassword

• gidNumber

• memberUid

Note: Since use of posixProﬁle supports attribute mapping, if the above attributes

have been mapped as conﬁgured in the LDAP-UX conﬁguration proﬁle, the mapped

attributes and values will be added to the entry instead of the RFC2307 deﬁned attri-

butes. For example, if the posixAccount attribute gecos has been mapped to cn l

telephoneNumber then cn, l and telephoneNumber will be added to the entry instead

of gecos. And for another example with posixGroups ,ifmemberUid has been mapped

to uniqueMember , then uniqueMember will be added (using the DN syntax) to the

entry instead of memberUid .

basedn Represents the distinguished name of the default search base (defaultSearchBase)as

obtained from the ldapux (5) conﬁguration proﬁle.

uid Represents the user’s account name when used in a passwd template ﬁle.

uidNumber Represents the user’s account ID number when used in a passwd template ﬁle.

cn Represents the user’s full name when used in a passwd template ﬁle. Represents the

group name when used in a group template ﬁle.

gidNumber Represents the group ID number when used in a group template ﬁle.

• The ﬁrst line of the template ﬁle is used to deﬁne the distinguished name of the new entry. Since each

DN is unique, the ﬁrst component of the DN (the Relative Distinguished Name or RDN) must be able

to construct a unique value for each new entry. Thus the RDN should be constructed using a

HP-UX 11i v3: June 2010 Web Release − 7 − Hewlett-Packard Company 7