The remaining fields let you change the names of the LDAP attributes used within the Object Class selected for the Group structure. Each attribute you name must be a member of the object class specified in the Object Class Name field.

The Group Name field represents the name of the LDAP attribute to be used within the Group Object Class to store the name of a UNIX user group. The default value is cn.

The Group ID Name field represents the name of the LDAP attribute to be used within the Group Object Class to store the Group ID (gid) number. The default value is gidNumber.

The Password Name field is the name of the attribute to be used for storing Group Password entries. The default value is userPassword.

The Group Members Name field represents the name of the attribute to be used to store the member IDs belonging to groups. The default value is MemberUID.

6. Click on Submit.

If the ldapcd.conf file was successfully updated, the Configure Group Attributes form is redisplayed with the Success icon at the top.

Testing the LDAP Module Configuration

When you choose Test Configuration from the LDAP Module for System Authentication Module Administration menu, the Administration utility performs the following tasks:

Reads the ldapcd.conf file and verifies its contents

Connects to the directory server specified in ldapcd.conf

Verifies that you can use the distinguished name and password in the ldapcd.conf file to bind to the directory server

Checks that the attributes that are mapped to the passwd and group structures are in the schema
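
The attribute check in the last task, and the earlier rule that each mapped attribute must be a member of the Group object class, can be reproduced offline. The Python below is an added example, not code from the Administration utility: it assumes the Group Object Class is the RFC 2307 posixGroup, uses the default attribute names listed on this page, and its function and variable names are hypothetical.

```python
import re

# RFC 2307 definition of posixGroup, in the form a directory server publishes
# in the objectClasses attribute of its subschema entry (assumed object class).
POSIX_GROUP = (
    "( 1.3.6.1.1.1.2.2 NAME 'posixGroup' SUP top STRUCTURAL "
    "DESC 'Abstraction of a group of accounts' "
    "MUST ( cn $ gidNumber ) "
    "MAY ( userPassword $ memberUid $ description ) )"
)

# Form field -> LDAP attribute, using the default values listed on this page.
GROUP_MAPPING = {
    "Group Name": "cn",
    "Group ID Name": "gidNumber",
    "Password Name": "userPassword",
    "Group Members Name": "MemberUID",
}


def allowed_attributes(definition):
    """Return the lower-cased MUST and MAY attribute names of one object class.

    Attributes inherited from superior (SUP) classes are not followed.
    """
    # Blank out quoted NAME/DESC strings so their text cannot match a keyword.
    definition = re.sub(r"'[^']*'", "''", definition)
    allowed = set()
    for keyword in ("MUST", "MAY"):
        # Either a parenthesised '$'-separated list or a single bare name.
        pattern = r"\b" + keyword + r"\s+(?:\(([^)]*)\)|([\w;.-]+))"
        match = re.search(pattern, definition)
        if match:
            names = match.group(1) if match.group(1) is not None else match.group(2)
            allowed.update(n.strip().lower() for n in names.split("$") if n.strip())
    return allowed


def unmapped_fields(mapping, definition):
    """Return {field: attribute} for mapped attributes the object class lacks."""
    allowed = allowed_attributes(definition)
    # LDAP attribute names are case-insensitive, so MemberUID matches memberUid.
    return {f: a for f, a in mapping.items() if a.lower() not in allowed}


if __name__ == "__main__":
    print(unmapped_fields(GROUP_MAPPING, POSIX_GROUP))  # default mapping
    typo = {**GROUP_MAPPING, "Group ID Name": "gidNumbr"}  # constructed typo
    print(unmapped_fields(typo, POSIX_GROUP))
```

An empty result means every mapped attribute is permitted by the object class; any entry returned names a form field whose attribute the schema check would reject.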

Enabling and Disabling the LDAP Module

You can enable or disable the LDAP Module for System Authentication as follows:

1. From the Administration utility Main menu, choose Manage Components.

2. From the Manage Components menu, under Users, choose LDAP Module for System Authentication.

3. From the LDAP Module for System Authentication Administration menu, choose Enable/Disable Module.

4. The current status of the LDAP Module for System Authentication is displayed at the top of the form.

If the module is currently enabled, you can disable or restart the module. If the module is currently disabled, you can enable it by clicking on Start.

Note:

Whenever you enable or disable the LDAP Module for System Authentication, you must reboot the system. Otherwise, some applications (such as cron and Advanced Server for UNIX) will not detect the change in authentication method.

Importing and Exporting Users from /etc/passwd

The following sections describe how to import users into, and export users from, the directory server.
