Manualshelf

Internet Express for Tru64 UNIX Version 6.8 Administration Guide (14233)

ManualsBrandsHP ManualsSoftwareTru64 UNIX 5.1B
81828384858687888990
ldap_get_user -S filter
For example, a search filter might look like the following:
uid=bjensen
(&(uidNumber>=10)(uidNumber<=20))
Note:
You must quote the filter string according to your shell.
To retrieve a range of users (where start is the starting UID in the range and end is the optional
ending UID in the range):
ldap_get_user -R start[-end]
If you do not specify end, the search retrieves all users from the starting UID through the highest
UID in the LDAP directory server.
To retrieve specific users:
ldap_get_user user [ user ...]
4.4.6 Synchronizing with a Password File
Use the ldap_sync_user utility to synchronize the ldap directory entries for users with the
contents of a passwd file. This utility adds, updates or deletes users as needed to ensure that the
contents of the directory match the supplied entries. This utility is intended to provide easy
synchronization of the directory server with an alternate source for login information (such as
NIS), where the alternate source is considered the master source of the information.
If a problem is encountered , the ldap_sync_user utility returns an exit code greater than 0.
For a description of the options you can use with this utility, see Table 4-2.
To synchronize users:
ldap_sync_user [-b branch ] [ filename]
4.4.7 Adding a Group Entry
Use the ldap_add_group utility to retrieve group(4) entries from the LDAP directory server.
(Use the ldap_mod_group utility to add users to groups. See Section 4.4.8 for more information.)
The ldap_add_group utility adds groups to the first directory server specified in the
ldapcd.conf file. If multiple servers are listed, only the first is used, even if it is not operational.
The ldap_add_group utility constructs the distinguished name (DN) as follows:
groupname_attribute=groupname,branch
The groupname_attribute is replaced by the attribute name specified by the gr_name entry
in the ldapcd.conf file. The groupname is the group name. The branch is one of three possible
values, taken in this order:
1. Value specified on the command line using the -b option
2. Value of the userbranch attribute in the ldapcd.conf file
3. Value of the searchbase attribute in the ldapcd.conf file
If a problem is encountered when creating a group in the LDAP directory server, the
ldap_add_group utility returns an exit code greater than 0.
For a description of the options you can use with this utility, see Table 4-2.
To add one or more groups from a file:
ldap_add_group -f input-file
To add one or more groups from stdin:
cat filename | ldap_add_group -f -
4.4 Utilities for Maintaining User Information in the LDAP Directory Server 87