HP-UX Reference (11i v2 07/12) - 1M System Administration Commands A-M (vol 3)
l
ldapugadd(1M) ldapugadd(1M)
dn: cn=${cn},ou=users,${basedn}
objectclass: group
${posixProfile}
sAMAccountName: ${cn}
msSFU30NisDomain: ${domain}
Each template file must follow the LDIF data format and also allow for substitution of values from the
ldapugadd command. Two default template files (for user and group entries) for standard directory
servers, along with two default template files for ADS are provided under
/etc/opt/ldapux/ug_templates
. The following guidelines can be used when creating template
files.
• Each template file is used for defining only one entry in the directory server.
• Each template file may contain comment lines. Each comment line must begin with the pound (
#) char-
acter.
• Each template file can be built using custom attributes and values. Customized attribute values are
defined using the
${name
} construct. However, for each non-RFC2307 attribute used, when
ldapugadd creates a new entry, each one of those attributes must be specified on the command line as
an attr=value pair.
• ldapugadd supports several pre-defined substitution constructs, where name is represented by:
posixProfile Represents all RFC2307-type attributes and values for the particular name service
(either passwd or group). If LDAP-UX has defined attribute mapping for particular
attributes, the mapped attributes will be substituted in its place. When used for
posixAccount-type entries, the following attributes and values will be added to the entry:
• cn
• uid
• userPassword
• uidNumber
• gidNumber
• gecos
• homeDirectory
• loginShell
When used with posixGroup-type entries, the following attributes and values will be
added to the entry:
• cn
• userPassword
• gidNumber
• memberUid
Note: Since use of posixProfile supports attribute mapping, if the above attributes have
been mapped as configured in the LDAP-UX configuration profile, the mapped attributes
and values will be added to the entry instead of the RFC2307 defined attributes. For
example, if the posixAccount attribute gecos has been mapped to cn l telephoneNumber
then cn, l and telephoneNumber will be added to the entry instead of gecos. And for
another example with posixGroups,ifmemberUid has been mapped to uniqueMember,
then uniqueMember will be added (using the DN syntax) to the entry instead of mem-
berUid.
basedn Represents the distinguished name of the default search base (defaultSearchBase)as
obtained from the LDAP-UX configuration profile.
uid Represents the user’s account name when used in a passwd template file.
uidNumber Represents the user’s account ID number when used in a passwd template file.
cn Represents the user’s full name when used in a passwd template file. Represents the
group name when used in a group template file.
gidNumber Represents the group ID number when used in a group template file.
• The first line of the template file is used to define the distinguished name of the new entry. Since each
DN is unique, the first component of the DN (the Relative Distinguished Name or RDN) must be able to
construct a unique value for each new entry. Thus the RDN should be constructed using a
${name}
HP-UX 11i Version 2: December 2007 Update − 7 − Hewlett-Packard Company 469