Notes:
The input must be in group(4) format, but only the group name will be used.
A list of group names (one per line) is also acceptable as input.
Retrieving a Group EntryUse the ldap_get_group utility to retrieve group(4) entries for selected groups in the LDAP directory server. Unless otherwise specified, the ldap_get_group utility selects all groups on the default group branch or search base. Use the
If a problem is encountered when retrieving a group from the LDAP directory server, the ldap_get_group utility returns an exit code greater than 0.
For a description of the options you can use with this utility, see Table 5.
For example, to retrieve all groups:
ldap_get_group [
Note:
In the following examples, the
To use a search filter to find groups:
ldap_get_group
To use a search filter with object class restrictions added to the search:
ldap_get_group
A search filter might look like the following:
gid=staff (&(gidNumber>=10)(gidNumber<=20))
Note:
You must quote the filter string in accordance with your shell.
To retrieve a range of groups (where start is the starting GID in the range and end is the optional ending GID in the range):
ldap_get_group
If you do not specify end, the search retrieves users from the starting GID to the highest GID in the LDAP directory server.
To retrieve specific groups:
ldap_get_group group [ group ...]
Setting a User's Password in the LDAP Directory ServerAs root, you can set a user's password in the LDAP directory server by using the ldap_passwd utility:
ldap_passwd loginname new_passwd
The ldap_passwd utility attempts to clear the local ldapcd daemon's cache.
Starting the ldapcd DaemonUse the ldap_enable utility to configure the system to use the LDAP caching daemon (ldapcd) with the existing ldapcd.conf configuration file.
You can also start the ldapcd daemon using the Administration utility; see Section : Enabling and Disabling the LDAP Module.
Utilities for Maintaining User Information in the LDAP Directory Server | 85 |