The ldap_add_user utility adds users to the first directory server specified in the ldapcd.conf file. If multiple servers are listed, only the first is used, even if it is not operational. The distinguished name (DN) is constructed as follows:

logname_attribute=logname,branch

The logname_attribute is replaced by the attribute name specified by the pw_username entry in the ldapcd.conf file. The logname is the user's login name. The branch is one of three possible values, taken in this order:

1. Value specified on the command line using the -b option

2. Value of the userbranch attribute in the ldapcd.conf file

3. Value of the searchbase attribute in the ldapcd.conf file

If a problem is encountered when adding a user to the LDAP database, the ldap_add_user utility returns an exit code greater than 0.

For a description of the options you can use with this utility, see Table 5.

To add one or more users from a file:

ldap_add_user -f input-file

To add one or more users from stdin:

cat filename | ldap_add_user -f -

Note:

The input must be in passwd(4) format.
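
As an added example (not part of the original documentation or of the utility itself), the following shell functions preview the DNs that the construction rule above yields for passwd(4) input, so a batch can be checked before it is passed to ldap_add_user -f. The function names, the uid attribute and the o=example.com branches are constructed for illustration; the seven-field check follows the standard passwd(4) layout, and the rejection of DN-special characters in login names is an added precaution that this page does not describe.

```shell
#!/bin/sh
# Added example: dry-run preview of the DNs built from passwd(4) input.
# It never contacts a directory server and does not parse ldapcd.conf;
# the caller supplies the pw_username, userbranch and searchbase values.

# pick_branch CLI_B USERBRANCH SEARCHBASE
# Documented order: -b value, then userbranch, then searchbase.
pick_branch() {
    for candidate in "$1" "$2" "$3"; do
        if [ -n "$candidate" ]; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    return 1    # no branch available from any source
}

# preview_dns ATTR BRANCH   (passwd(4) records on stdin)
# Prints one DN per valid record, reports rejected records on stderr,
# and returns 1 if any record was rejected.
preview_dns() {
    DN_ATTR="$1" DN_BRANCH="$2" awk -F: '
        BEGIN { attr = ENVIRON["DN_ATTR"]; branch = ENVIRON["DN_BRANCH"] }
        /^[ \t]*$/ { next }                 # ignore blank lines
        NF != 7 {
            printf "line %d: expected 7 fields, got %d\n", NR, NF > "/dev/stderr"
            bad = 1; next
        }
        # Added check, not described on the page: conservatively refuse
        # login names that are empty, have leading/trailing spaces, or
        # contain characters that are special in a DN (RFC 4514).
        $1 == "" || $1 ~ /^ | $/ || $1 ~ /[,+"\\<>;=#]/ {
            printf "line %d: unsafe login name\n", NR > "/dev/stderr"
            bad = 1; next
        }
        { printf "%s=%s,%s\n", attr, $1, branch }
        END { exit bad + 0 }
    '
}

# Constructed sample: no -b value, userbranch set, so userbranch is used.
branch=$(pick_branch "" "ou=People,o=example.com" "o=example.com")
printf 'alice:x:1001:100:Alice:/home/alice:/bin/sh\n' | preview_dns uid "$branch"
```

Run preview_dns over the same file you intend to load and proceed only if it returns 0; afterwards, check the exit code of ldap_add_user itself, which is greater than 0 on failure.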

Deleting a User Entry

The ldap_del_user utility works in a similar fashion to ldap_add_user, except that users are removed from, rather than added to, the directory server.

If a problem is encountered when deleting a user from the LDAP directory server, the ldap_del_user utility returns an exit code greater than 0.

For a description of the options you can use with this utility, see Table 5.

For example, to delete a user from the command line:

ldap_del_user logname [ logname ... ]

To delete one or more users listed in a file:

ldap_del_user -f input-file

To delete one or more users from stdin:

cat filename | ldap_del_user -f -

Note:

The input must be in passwd(4) format, but only the login name portion of each record is used. Anything beyond the first colon (:) in each input record is ignored.

A list of names (one per line) is also acceptable as input.

Retrieving a User Entry

Use the ldap_get_user utility to retrieve passwd entries for specified users in the LDAP directory server. Unless otherwise specified, the ldap_get_user utility selects all users on the default user branch or search base. Use the -s option to select a subset of users (see Table 5).

If a problem is encountered when retrieving a user from the LDAP directory server, the ldap_get_user utility returns an exit code greater than 0.

For a description of the options you can use with this utility, see Table 5.
