Notes:

The input must be in group(4) format, but only the group name will be used.

A list of group names (one per line) is also acceptable as input.

Retrieving a Group Entry

Use the ldap_get_group utility to retrieve group(4) entries for selected groups in the LDAP directory server. Unless otherwise specified, the ldap_get_group utility selects all groups on the default group branch or search base. Use the -soption to select a subset of users (see Table 5).

If a problem is encountered when retrieving a group from the LDAP directory server, the ldap_get_group utility returns an exit code greater than 0.

For a description of the options you can use with this utility, see Table 5.

For example, to retrieve all groups:

ldap_get_group [ -b branch ] [ -f input-file]

Note:

In the following examples, the -bbranch and -finput-fileoptions (which are not shown) can also be used.

To use a search filter to find groups:

ldap_get_group -s filter

To use a search filter with object class restrictions added to the search:

ldap_get_group -S filter

A search filter might look like the following:

gid=staff (&(gidNumber>=10)(gidNumber<=20))

Note:

You must quote the filter string in accordance with your shell.

To retrieve a range of groups (where start is the starting GID in the range and end is the optional ending GID in the range):

ldap_get_group -R start[-end]

If you do not specify end, the search retrieves users from the starting GID to the highest GID in the LDAP directory server.

To retrieve specific groups:

ldap_get_group group [ group ...]

Setting a User's Password in the LDAP Directory Server

As root, you can set a user's password in the LDAP directory server by using the ldap_passwd utility:

ldap_passwd loginname new_passwd

The ldap_passwd utility attempts to clear the local ldapcd daemon's cache.

Starting the ldapcd Daemon

Use the ldap_enable utility to configure the system to use the LDAP caching daemon (ldapcd) with the existing ldapcd.conf configuration file.

You can also start the ldapcd daemon using the Administration utility; see Section : Enabling and Disabling the LDAP Module.

Utilities for Maintaining User Information in the LDAP Directory Server

85

Page 85
Image 85
HP UX Internet Express Software manual Retrieving a Group Entry, Setting a Users Password in the Ldap Directory Server