ldapugdel.1m (2010 09)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

ldapugdel(1M) ldapugdel(1M)

• Since Active Directory schema and RFC2307 schema conﬂict in the shared deﬁnition

of the homeDirectory attribute,

ldapugdel will never remove the homeDirectory

attribute if

ldapugdel determines the entry being modiﬁed is stored on an Active

Directory server.

• If

ldapugdel discovers any attributes or object classes used by the Microsoft Ser-

vices for Unix schema on an Active Directory Server, use of the

-O option will remove

all MS SFU attributes in addition to the attributes deﬁned above.

For a user entry the following additional attributes will be removed:

• msSFU30Name

• msSFU30UidNumber

• msSFU30GidNumber

• msSFU30LoginShell

• msSFU30Password

• msSFU30Gecos

• msSFU30NisDomain

• msSFU30HomeDirectory

• msSFU30PosixMemberOf

• unixHomeDirectory

• unixUserPassword

For a group entry the following additional attributes will be removed:

• msSFU30Name

• msSFU30GidNumber

• msSFU30Password

• msSFU30MemberUid

• msSFU30NisDomain

• msSFU30PosixMember

• unixUserPassword

-D DN Normally ldapugdel will search for the named user or group using the search rules

described by the service search descriptor in the ldapux (5) conﬁguration proﬁle. With

-D, the exact DN of the entry being modiﬁed may be speciﬁed.

Only one of

-D, uid_name or group_name may be speciﬁed on the command line.

uid_name Speciﬁes the name of the user entry to remove. Note that

ldapugdel uses the

conﬁgured LDAP search ﬁlter to discover the entry to be removed, such as:

(&(objectclass=posixAccount)(uid=

name)).

If there is more than one entry that matches this search ﬁlter, only the ﬁrst entry

discovered entry will be removed.

Only one of

-D, uid_name ,orgroup_name may be speciﬁed on the command line.

group_name Speciﬁes the name of the group entry to remove. Note that

ldapugdel uses the

conﬁgured LDAP search ﬁlter to discover the entry to be removed, such as:

(&(objectclass=posixgroup)(cn=name)).

If there is more than one entry that matches this search ﬁlter, only the ﬁrst entry

discovered entry will be removed.

Only one of

-D, uid_name ,orgroup_name may be speciﬁed on the command line.

Binding to the Directory Server

ldapugdel has been designed to take advantage of the existing ldapux (5) conﬁguration for determining

to which directory server to bind and how to perform the bind operation. ldapugdel will consult the

ldapux (5) conﬁguration proﬁle for the following information:

• The list of LDAP directory server hosts.

• The authentication method (simple passwords, SASL Digest MD5, etc.).

HP-UX 11i v3: June 2010 Web Release − 3 − Hewlett-Packard Company 3