Using the StandardUserRecord Shorthand | Apple oxs instruction

56

In addition, you can include

•UserShell (the default shell)

•NFSHomeDirectory (the path to the user’s home directory on the user’s computer)

•Other user data types, described under “User Attributes” on page 57

For group accounts, the list of attributes must include

•RecordName (the group name)

•PrimaryGroupID (the group ID)

•GroupMembership

Here is an example of a record description:

0x0A 0x5C 0x3A 0x2C DSRecTypeStandard:Users 7

RecordName Password UniqueID PrimaryGroupID

RealName NFSHomeDirectory UserShell

Here is an example of a record encoded using the above description:

jim:Adl47E$:408:20:J. Smith, Jr.,

M.D.:/Network/Servers/somemac/Homes/jim:/bin/csh

The record consists of values, delimited by colons. Use a double colon (::) to indicate a value is missing.

Here is another example, which shows a record description and user records for users whose passwords are to be validated using the Password Server. The record description should include a field named dsAttrTypeStandard:AuthMethod, and the value of this field for each record should be dsAuthMethodStandard:dsAuthClearText:

0x0A 0x5C 0x3A 0x2C dsRecTypeStandard:Users 8 dsAttrTypeStandard:RecordName dsAttrTypeStandard:AuthMethod dsAttrTypeStandard:Password dsAttrTypeStandard:UniqueID dsAttrTypeStandard:PrimaryGroupID dsAttrTypeStandard:Comment dsAttrTypeStandard:RealName dsAttrTypeStandard:UserShell skater:dsAuthMethodStandard\:dsAuthClearText:pword1:374:11:comment: Tony Hawk:/bin/csh mattm:dsAuthMethodStandard\:dsAuthClearText:pword2:453:161::

Matt Mitchell:/bin/tcsh

As these examples illustrate, you can use the prefix dsAttrTypeStandard: when referring to an attribute, or you can omit the prefix.

Using the StandardUserRecord Shorthand

When the first record in a character-delimited import file contains StandardUserRecord, the following record description is assumed:

0x0A 0x5C 0x3A 0x2C DSRecTypeStandard:Users 7

RecordName Password UniqueID PrimaryGroupID

RealName NFSHomeDirectory UserShell

Chapter 7 Working With Users and Groups

Image 56

Apple oxs manual Using the StandardUserRecord Shorthand

Contents

Mac OS X Server Command-Line Administration 034-2354/10-24-03 Contents Setting General System Preferences Energy Saver SettingsViewing or Changing Sleep Settings Power Management Settings Working With Disks and Volumes Mounting and Unmounting VolumesMounting Volumes Unmounting Volumes Working With File Services AFP ServiceStarting and Stopping AFP Service Checking AFP Service Status Working With Print Service Starting and Stopping Print ServiceChecking the Status of Print Service Viewing Print Service Settings Changing Settings Using serveradmin 156 Changing Open Directory Service Settings 157 157 Configuring Ldap Index 171 Commands and Other Terminal Text Command Parameters and OptionsNotation Conventions Summary Default Settings Commands Requiring Root Privileges Using Terminal To open Terminal Correcting Typing Errors Repeating CommandsIncluding Paths Using Drag-and-Drop To type a command $ sudo serveradmin list Sending Commands to a Remote Server Sending a Single CommandExample ssh -l admin To open a connection to a remote server Updating SSH Key Fingerprints Getting Online Help for Commands Using TelnetTo enable Telnet access To disable Telnet access Serversetup Determining Whether a Service Needs to be RestartedPage Installing Server Software Automating Server SetupCreating a Configuration File Template To save a template configuration file during server setup Installing Server Software and Finishing Basic Setup Installing Server Software and Finishing Basic Setup Installing Server Software and Finishing Basic Setup Storing a Configuration File in an Accessible Location Changing Server SettingsNaming Configuration Files Viewing, Validating, and Setting the Software Serial Number Updating Server Software Moving a Server Page Examples Automatic RestartTo restart the local server To restart a remote server immediately Changing a Remote Server’s Startup Disk Shutting Down a ServerTo change the startup disk To shut down a remote server immediately Computer Name Date and TimeViewing or Changing the Computer Name To display the server’s computer name Viewing or Changing the System Time Zone Viewing or Changing the System DateViewing or Changing the System Time Energy Saver Settings Viewing or Changing Sleep SettingsViewing or Changing Automatic Restart Settings Viewing or Changing Network Time Server Usage Viewing or Changing the Startup Disk Power Management SettingsStartup Disk Settings Sharing Settings International SettingsViewing or Changing Remote Login Settings Viewing or Changing Language Settings Disabling the Restart and Shutdown Buttons Login SettingsTo view the current setting Viewing Port Names and Hardware Addresses Network Port Configurations Viewing or Changing Media SettingsCreating or Deleting Port Configurations Activating Port Configurations Changing a Server’s IP Address TCP/IP SettingsChanging Configuration Precedence To list TCP/IP settings for a configuration To view TCP/IP settings for port en0To view TCP/IP settings for a particular port or device To change TCP/IP settings for a particular port or device Viewing or Changing DNS Servers AppleTalk Settings Proxy SettingsViewing or Changing FTP Proxy Settings Enabling TCP/IP Viewing or Changing Web Proxy Settings Viewing or Changing Secure Web Proxy SettingsViewing or Changing Streaming Proxy Settings Viewing or Changing Gopher Proxy Settings AirPort Settings Viewing or Changing Socks Firewall Proxy SettingsViewing or Changing Airport Settings Computer, Host, and Rendezvous Name Viewing or Changing the Local Host Name Viewing or Changing the Rendezvous NamePage Unmounting Volumes Checking for Disk ProblemsMounting Volumes Monitoring Disk Space Reclaiming Disk Space Using Log Rolling Scripts Checking to See if Journaling is Enabled Turning on Journaling for an Existing VolumeManaging Disk Journaling Example Enabling Journaling When You Erase a Disk Setting Up a Case-Sensitive HFS+ File SystemErasing, Partitioning, and Formatting Disks Disabling Journaling Imaging and Cloning Volumes Using ASR To image a boot volumeTo restore a volume from an image Hdiutil convert -format Udzo pathtoimage -o compressedimage To create a user with a specific UID and home directory To create a userTo create a user with a specific UID Importing Users and Groups To import users and groups Creating a Character-Delimited User Import File Writing a Record DescriptionUse the shorthand StandardGroupRecord DSRecTypeStandardGroups Using the StandardUserRecord Shorthand Format Sample values User AttributesAttribute Attribute Format Sample values MCXSettings AdminLimitsAuthentication AuthenticationHint Mail Attributes in User Records MailAttribute field Description Sample values NotificationState KNotificationStateNotificationOff is assumed NotificationStaticIP Value Checking a Server User’s Name, UID, or Password Checking a User’s Administrator Privileges Creating a User’s Home DirectoryCreating a Group Folder Mounting a User’s Home DirectoryPage Listing Share Points To list existing share points Examples Creating a Share PointTo create a share point AFP Service Changing AFP Settings List of AFP Settings Admin31GetsSp AdminGetsSpAllowRootLogin AttemptAdminAuth GuestAccess AdminUsersDefault = afpserver LogLogin Unixwithclassicadminpermissions Default = classicpermissionsNoadminkills SpecialAdminPrivs List of AFP serveradmin Commands Listing Connected UsersTo list connected users Output Disconnecting AFP Users Sending a Message to AFP UsersTo send a message To disconnect users Value Description Canceling a User DisconnectTo cancel a disconnect Listing AFP Service Statistics To list samples NFS Service Starting and Stopping NFS ServiceChecking NFS Service Status Viewing NFS Settings FTP Service Parameter ftp Changing FTP SettingsFTP Settings List of FTP serveradmin Commands Ftpcommand= DescriptionPage Viewing SMB Settings Changing SMB SettingsTo list all SMB service settings Or see List of SMB Service Settings on List of SMB Service Settings Parameter smb Description Netbios name Local masterLog level Max smbd processes Listing SMB Users List of SMB serveradmin CommandsSmbcommand= Description Disconnecting SMB Users Value returned by getConnectedUsers Listing SMB Service Statistics Updating Share Point Information Viewing SMB Service Logs Smb-logVar/log/samba/log.smbd Name-logPage Checking the Status of Print Service Viewing Print Service Settings Parameter print Description Changing Print Service SettingsPrint Service Settings Queue Data Array Parameter printDescription Here is an example of a queue array parameter block Print Service serveradmin Commands Pausing a QueueListing Queues To pause a queue To hold a job Listing Jobs and Job InformationHolding a Job Viewing Print Service Log Files To release the jobPage Checking NetBoot Service Status Viewing NetBoot Settings Changing NetBoot Settings NetBoot Service SettingsGeneral Settings Parameter netboot Description Storage Record Array Filters Record Array Image Record Array NetBootPortsRecordsArrayarrayindexm IsEnabledAtIndexPort Record Array EthernetPage Checking the Status of Mail Service Viewing Mail Service Settings Parameter mail Description Changing Mail Service SettingsMail Service Settings Postfixdisablevrfycommand PostfixlmtpsaslpasswordmapsPostfixsmtpsaslpasswordmaps Postfixsmtpsaslauthenable Postfixdeliverlockdelay PostfixmailboxcommandPostfixdefaultverpdelimiters Postfixcleanupservicename Postfixforkdelay PostfixdisablemimeoutputconversionPostfixsmtpdtimeout Postfixsmtpderrorsleeptime Postfixdelaywarningtime PostfixtriggertimeoutPostfixrelaytransport Postfixaliasmaps Postfixsmtpdnoopcommands PostfixalternateconfigdirectoriesPostfixdefaulttransport Postfixsmtpddelayreject Postfixqueueservicename PostfixipctimeoutPostfixdefaultprivs Postfixinflowdelay Postfixshowqservicename PostfixsmtppixworkarounddelaytimePostfixqmqpdtimeout Postfixignoremxlookuperror Postfixbounceservicename PostfixcontentfilterPostfixqmqpderrordelay Postfixsmtpdsenderloginmaps Postfixdefaultextrarecipientlimit PostfixlmtpdatadonetimeoutPostfixlmtpdataxfertimeout Postfixsmtpdatadonetimeout Imappoptimeout ImapmupdateserverImaptimeout Imapenablepop Imapdefaultpartition Imapsrvtab Default = /etc/srvtab ImapimapauthloginImapenableimap Imapallowanonymouslogin Mail serveradmin Commands Command Listing Mail Service Statistics Viewing the Mail Service Logs To display the log locations Setting Up SSL for Mail Service Generating a CSR and Creating a Keychain 120 Obtaining an SSL Certificate Importing an SSL Certificate Into the Keychain Setting Up SSL for Mail Service on a Headless Server Creating a Passphrase File Checking Web Service Status Viewing Web Settings Changing Web Settings Serveradmin and Apache SettingsChanging Settings Using serveradmin An appropriate value for the setting Web serveradmin Commands Viewing Service LogsListing Hosted Sites To list sites Viewing Service Statistics Requestspersecond forCacherequestspersecond for Cachethroughput for Addsite.in File Example Script for Adding a WebsiteAddsite File To run the script IpaddressPort Root Dhcp Service Starting and Stopping Dhcp ServiceChecking the Status of Dhcp Service Viewing Dhcp Service Settings Parameter dhcp Description Changing Dhcp Service SettingsDhcp Service Settings Subnet Parameter Dhcp Subnet Settings ArrayAbout Subnet IDs Leasetimesecs NetaddressNetmask Netrangeend Adding a Dhcp Subnet To add a subnetWINSscopeid WINSsecondaryserver List of Dhcp serveradmin Commands Viewing the Dhcp Service LogCommand Dhcpcommand=Description Location of the DNS service log DNS Service Firewall Service Listing DNS Service StatisticsStarting and Stopping Firewall Service Sample Output Checking the Status of Firewall Service Viewing Firewall Service SettingsChanging Firewall Service Settings Firewall Service Settings Defining Firewall Rules IPFilter Groups With Rules ArrayAdding Rules by Modifying ipfw.conf Parameter ipfilter Description Unmodified ipfw.conf file Rule Adding Rules Using serveradminExample Firewall serveradmin Commands IPFilter Rules Array NAT Service Parameter nat Description Changing NAT Service SettingsNAT Service Settings Parameter natDescription NAT serveradmin CommandsViewing the NAT Service Log VPN Service Starting and Stopping VPN ServiceChecking the Status of VPN Service Viewing VPN Service Settings List of VPN Service Settings Parameter vpnServers Description PPPDSACLEnabled Com.name.ppp.l2tp PPPAuthenticatorPlugins Arrayindex n Com.name.ppp.l2tpPPPLCPEchoEnabled Com.name.ppp.l2tp PPPVerboseLogging Com.name.ppp.l2tp PPPDSACLEnabled Com.name.ppp.pptp PPPAuthenticatorPlugins Arrayindexn Com.name.ppp.pptpPPPLCPEchoEnabled Com.name.ppp.pptp PPPCCPEnabled Com.name.ppp.pptp List of VPN serveradmin Commands Viewing the VPN Service LogVPN Service Log on this Be restarted. See Determining Whether a Service Needs to be IP Failover RequirementsFailover Operation Hardware To enable IP failover Enabling IP Failover Pre and Post Scripts Configuring IP FailoverNotification Only Enabling PPP Dial-In Page Testing Your Open Directory Configuration Testing Open Directory PluginsGeneral Directory Tools Modifying an Open Directory Node Parameter dirserv Description Registering URLs With Service Location Protocol SLPChanging Open Directory Service Settings Program Used to Configuring LdapStandard Distribution Tools Delay Rebind Idle TimeoutIdle Rebinding Options Additional Information About Ldap Password Server NetInfo Kdcsetup KerberosautoconfigKerberos and Single Sign On Tool in usr/sbin Description Stopping Qtss Service Checking Qtss Service Status Viewing Qtss Settings Changing Qtss SettingsTo list all Qtss service settings $ sudo serveradmin settings qtss Qtss Settings Descriptions of SettingsQtss parameters you might change Parameter qtss Description ModulesarrayidQTSSAdminModule AdministratorGroup ModulesarrayidQTSSAdminModuleAuthenticate ModulesarrayidQTSSAdminModule Enableremoteadmin ModulesarrayidQTSSAdminModule Disableoverbuffering ModulesarrayidQTSSReflectorModule Enablebroadcastannounce ModulesarrayidQTSSReflectorModuleEnablebroadcastpush ModulesarrayidQTSSReflectorModule Serverdefaultauthorizationrealm Qtss serveradmin Commands Listing Current Connections Viewing Qtss Service Statistics Error.log Forcing Qtss to Re-Read its PreferencesTo force Qtss to re-read its preferences Library/QuickTimeStreaming/Logs Created To set up /Sites/Streaming in older home directoriesPreparing Older Home Directories for User Streaming Page Index Kerberosautoconfig tool Installer command 21 IP addressKdcsetup utility 160 Kerberos 173 Used by ldapsearch 157 scripts 174 175