HP-UX Reference (11i v2 07/12) - 1M System Administration Commands A-M (vol 3)

ManualsBrandsHP ManualsSoftwareHP-UX Reference Manuals

491

492

493

494

495

496

497

498

499

500

ldapugmod(1M) ldapugmod(1M)

group ID number speciﬁed exists. If not,

ldapugmod will exit with an error, unless the

-F option has been speciﬁed.

Note, ldapugmod does not modify the user’s group membership when chaining the pri-

mary group ID. Adding the user as a member of the new group, and possibly removing the

member from the previous group, must be done with separate

ldapudmod operations.

Refer to the WARNING section below for additional impacts when using this option.

-s login_shell Replaces the full path name to the executable that will be used to handle login sessions for

this user. If login_shell is an empty string,

ldapugmod will remove the loginShell (or

mapped) attribute.

ldapudmod will issue a WARNING if the speciﬁed login shell does not

exist on the local system.

Note, refer to the WARNING section below for impacts when using this option.

-d home_directory

Replaces the full path name (including the user name) of the user’s home directory. If

home_directory is an empty string,

ldapugmod will remove the homeDirectory (or

mapped) attribute.

Note, refer to the WARNING section below for impacts when using this option.

-m Move the user’s home directory to the location speciﬁed with the

-d option. -m requires

the

-d option be speciﬁed. If the speciﬁed home_directory already exists, the user’s current

home directory does not exist or the user running

ldapugmod does not have sufﬁcient

permissions to move the directory, ldapugmod will return an error.

-I gecos Replaces the GECOS ﬁeld(s) for the user. If gecos is an empty string,

ldapugmod will

remove the gecos (or mapped) attribute(s). Typically the GECOS contains four ﬁelds which

represent (in order):

• The user’s full name

• The user’s work location

• The user’s work telephone number

• The user’s home telephone number (often omitted)

Each ﬁeld in the gecos must be separated by a comma. Although each ﬁeld value speciﬁed

within the gecos can contain white space (such as "Bill Smith,Building 6,555-1234"), white

space should not be used between the each ﬁeld and the separating commas (such as "Bill

Smith, Building 6, 555-1234").

Note that LDAP-UX supports mapping of the gecos ﬁeld to multiple attributes. If attribute

mapping has been speciﬁed in the LDAP-UX conﬁguration proﬁle, each ﬁeld will be mapped

to its representative attribute, in the order speciﬁed.

WARNING: If the

-I option is speciﬁed and attribute mapping has been deﬁned for the

gecos attribute, be careful not to specify the same attributes and values in the command

line that are also used in the gecos map. For example, suppose the gecos has been mapped

to cn, l and telephoneNumber. The following command might produce unpredictable

results:

ldapugmod -I "Jim Smith,Boston,55-5-1234" jsmith \

"cn=Jim Smith" "sn=Smith" \

"telePhoneNumber=555=1234"

In the above example, because of the gecos attribute mapping, the cn and

telePhoneNumbers are speciﬁed twice and will result an error when the same attribute and

value are added to the directory server. ldapcfinfo can be used to determine gecos

attribute mapping conﬁguration.

If gecos is an empty string, ldapugmod will remove the gecos or implied mapped, attri-

butes. Note that this use of the -I option is discouraged, since the gecos attribute is often

mapped to required attributes.

Since the gecos attribute may be mapped to one or several attributes, the number of values

speciﬁed with -I (between the commas) should, but is not required to, match the number

of mapped attributes. If there are more mapped attributes than speciﬁed values in -I,

then trailing mapped attributes will be removed from the directory server. If there are

more values that mapped attributes, extra values will be combined in the last mapped

492 Hewlett-Packard Company − 4 − HP-UX 11i Version 2: December 2007 Update