If a problem is encountered when creating a group in the LDAP directory server, the ldap_add_group utility returns an exit code greater than 0.

For a description of the options you can use with this utility, see Table 5.

To add one or more groups from a file:

ldap_add_group -f input-file

To add one or more groups from stdin:

cat filename ldap_add_group -f -

Note:

The input must be in group(4) format.

Maintaining Group Membership

Use the ldap_mod_group utility to add or remove users from groups in the LDAP database. The ldap_mod_group utility adds the specified login names to the specified group as group members. Use the -roption to remove the specified login names from the group member list.

If a problem is encountered when modifying group membership in the LDAP database, the ldap_mod_group utility returns an exit code greater than 0.

For a description of the options you can use with this utility, see Table 5.

For example, to add one or more users to a group:

ldap_mod_group group logname [ logname ...]

To remove one or more users from a group:

ldap_mod_group -r group logname [ logname ...]

To remove a user from all groups:

ldap_mod_group -R logname

Deleting a Group Entry

Use the ldap_del_group utility to delete one or more groups from the LDAP directory server. The ldap_del_group utility works in a similar fashion to ldap_add_group, except that groups are removed, rather than added, to the directory server.

If a problem is encountered when deleting a group from the LDAP directory server, the ldap_del_group utility returns an exit code greater than 0.

For a description of the options you can use with this utility, see Table 5.

For example, to delete groups from the command line:

ldap_del_group groupname [ groupname ... ]

To remove groups specified in a file:

ldap_del_group -f filename

To remove groups specified by stdin:

cat filename ldap_del_group -f -

84 User Authentication