So the user/group management I was able to achieve by appending ldapmodify commands.
dn: uid=chandank,ou=People,dc=my,dc=net objectclass: person objectclass: inetorgperson objectclass: posixAccount cn: chandan sn: k givenName: Chandan uid:chandank uidNumber:9000 gidNumber:9000 objectclass: mepOriginEntry mepManagedEntry: cn=chandank homeDirectory: /home/chandank loginShell: /bin/bash dn: cn=testgroup,ou=Groups,dc=my,dc=net changetype: modify add: uniqueMember uniqueMember: uid=chandank,ou=People,dc=my,dc=net Thanks Chandan On Wednesday, March 20, 2013, Chandan Kumar wrote: > > Thanks that helped. > > The main reason for my LDAP deployment is for Centralized Linux User > management for all Linux Servers. What would be the simplest way to do > basic user/group management such as > > 1. Adding/Removing users to/from Groups. > 2. Creating new groups and adding the users to it. > 3. Moving users across the groups. > > From the documentation it appears that the static group is what I should > be looking at, not sure though. > > Basically I already have many users whose accounts need to be migrated to > directory server (as of now Manually managed by puppet). I was wondering if > I could do that in some ldif commands. > > I am really poor with ldif statements. I was trying to do it with Managed > group but I could not do it. > > How a ldif command would look like if I want to add a user say testuser, > and also add it to 3 different usergroups (testuser (created by Managed > Plugin), testsupport, testadmin, testsales). > > > Thanks > Chandan > > On Wednesday, March 20, 2013, Rich Megginson wrote: > > On 03/20/2013 10:07 AM, Chandan Kumar wrote: > > Hi Nathan, > > Thanks. Yes it was a stupid Typo. Is there any way to modify/delete > entries created by the Managed Entries plugin? > > When I try to delete those group entries it denies say "It needs to be > Manually Unlinked" not sure how to un-link them. Any idea on that? > > > You have to remove objectclass: mepManagedEntry and mepManagedBy: > uid=jsmith,ou=people,dc=example,dc=com from the group entry > > > -- > http://about.me/chandank > > > On Tue, Mar 19, 2013 at 10:55 PM, Nathan Kinder <nkin...@redhat.com>wrote: > > On 03/19/2013 02:33 PM, Chandan Kumar wrote: > > Hello, > > I am deploying the 389 server (On CentOS 6) to manage the Linux > Users/Password. So as part of Linux User management, I was trying to get > the Managed Entries work for Posix user creation. > > I am following the standard Redhat documentation. > > > https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html-single/Deployment_Guide/index.html#managed-entries > > So I created the templates, exactly the way explained in the doc, but when > I create the users it is not creating corresponding Groups. > > I am using following ldap commands to add entries. I could see the this > plugin created in from the console server -> data -> Plugins -> Managed > Entries -> <My plugin> > > > User creation statements > > > dn: uid=pappu1,ou=People,dc=ma,dc=net > objectclass: person > objectclass: inetorgperson > objectclass: posixAccount > cn: Pappu > sn: Papa > givenName: pappu1 > uid:pappu1 > uidNumber:9003 > gidNumber:9003 > objectclass: mepOriginEntry > mepManagedEntry: cn=Pappu Group > homeDirectory: /home/pappu1 > > The plugin > > dn: cn=Posix User-Group,cn=Managed Entries,cn=plugins,cn=config > objectclass: extensibleObject > cn: Posix User-Group > originScope: ou=people,dc=ma,dc=ma > > You have a typo in your originScope setting. It should be > "ou=people,dc=ma,dc=net". > > -NGK > > originFilter: objectclass=posixAccount > managedBase: ou=groups,dc=ma,dc=net > managedTemplate: cn=Posix User-Group Template,ou=Templates,dc=ma,dc=net > > The template > > dn: cn=Posix User-Group Template, ou=Templates,dc=ma,dc=net > objectclass: mepTemplateEntry > cn: Posix User-Group Template > mepRDNAttr: cn > mepStaticAttr: objectclass: posixGroup > mepMappedAttr: cn: $cn Group Entry > mepMappedAttr: gidNumber: $gidNumber > mepMappedAttr: memberUid: $uid > > > -- > > > > -- > > -- > http://about.me/chandank > > -- -- http://about.me/chandank
-- 389 users mailing list 389-us...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
