SUMMARY: Adding new LDAP group

From: Dave Martini <martini_at_mrpeabody.llnl.gov> Date: Wed Jan 11 2006 - 18:02:34 EST · This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:54 EST

Looks like most are using command line and not the Directory
Console GUI to add groups. I see the group now in Directory Server 
Console although don't see how within the console to add someone to the 
new group but I'm sure it can be done via command line.

Dave.

James Scott provided me with the commands to create the groups. Thanks 
James.

Another way to look these objects is:
  ldapaddent -d group  [ |grep GROUP ]
                passwd  [ |grep USER ]

Run these from a ldapclient machine:

To add a group:
  1. Create file
     vi /tmp/j
         admin::1002:

  2. Add file to LDAP
      ldapaddent -D "cn=directory manager" -f /tmp/j group
      ldapaddent -d group |grep admin

To add a user, it would be easier create a file with the format setup 
like /etc/passwd and add it to the LDAP server

  1. Create file(s)
     vi /tmp/k
         NUSER:x:1001:12:New User:/home/NUSER:/bin/ksh
     vi /tmp/l
         NUSER::::::::

  2. Add file(s) to LDAP
   ldapaddent -D "cn=directory manager" -f /tmp/k passwd
   ldapaddent -D "cn=directory manager" -f /tmp/l shadow
   ldapaddent -d passwd |grep NUSER

  3. Change password in ldap

  4. Create directory and change ownership

Below is my original question

I'm using SunOne Directory Server 5.2 on Solaris 9.
Client is Solaris 9.

Trying to get a posixgroup setup but can't see the group with ldaplist.

ldapclient# ldaplist -l group
ldaplist: Object not found

I have a basic question of the right way to create this group with id 777.

When I create a new user I go under

object pull down menu
new
other
account

Then I click on

Add Value
posixaccount

Then I  click on

Add Value
shadowaccount

Then I click on
Add attribute
gecos
loginshell
userpassword

What's the correct way to add a group??

I tried doing this:

object pull down menu
new
other
posixgroup

but still can't see it with a ldaplist -l group

Do I need to add values/attributes like I did for the account above?
Is there a mechanism for adding people to the group once I create it?

Thank You.
Dave Martini
LLNL
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers