Windows PowerShell command on Get-command ldapaddent
MyWebUniversity

Manual Pages for UNIX Operating System command usage for man ldapaddent




System Administration Commands                     ldapaddent(1M)





NAME

     ldapaddent - create LDAP  entries  from  corresponding  /etc

     files


SYNOPSIS

     ldapaddent [-cpv] [-a authenticationMethod] [-b baseDN]

          -D bindDN [-w bind_password] [-j passwdFile] [-f filename]

          database



     ldapaddent [-cpv] -a sasl/GSSAPI [-b baseDN] [-f filename]

          database



     ldapaddent -d [-v] [-a authenticationMethod] [-D bindDN]

          [-w bind_password] [-j passwdFile] database




     ldapaddent [-cpv] -h LDAP_server[:serverPort] [-M domainName]

          [-N profileName]  [-P certifPath] [-a authenticationMethod]

          [-b baseDN] -D bindDN [-w bind_password] [-f filename]

          [-j passwdFile] database




     ldapaddent [-cpv] -h LDAP_server[:serverPort] [-M domainName]

          [-N profileName]  [-P certifPath] [-a authenticationMethod]

          [-b baseDN] [-f filename] database




     ldapaddent -d [-v] -h LDAP_server[:serverPort] [-M domainName]

          [-N profileName]  [-P certifPath] [-a authenticationMethod]

          [-b baseDN] -D bindDN [-w bind_password] [-j passwdFile]

          database



DESCRIPTION

     ldapaddent creates entries in  LDAP  containers  from  their

     corresponding  /etc  files. This operation is customized for
     each of  the  standard  containers  that  are  used  in  the
     administration  of  Solaris  systems.  The database argument
     specifies the type of the data being processed. Legal values

     for  this  type are one of aliases, auto_*, bootparams, eth-

     ers, group, hosts (including both IPv4 and IPv6  addresses),
     ipnodes  (alias  for  hosts),  netgroup, netmasks, networks,
     passwd, shadow, protocols, publickey, rpc, and services.  In
     addition  to the preceding, the database argument can be one

     of the RBAC-related files (see rbac(5)):



         o    /etc/user_attr



         o    /etc/security/auth_attr






SunOS 5.11           Last change: 1 Jul 2010                    1








System Administration Commands                     ldapaddent(1M)





         o    /etc/security/prof_attr



         o    /etc/security/exec_attr




     By default, ldapaddent reads from  the  standard  input  and

     adds  this  data  to  the LDAP container associated with the
     database specified on the command line. An input  file  from

     which data can be read is specified using the -f option.




     If you specify the -h option, ldapaddent establishes a  con-

     nection  to  the  server indicated by the option in order to

     obtain a DUAProfile specified by the -N option. The  entries

     will  be stored in the directory described by the configura-

     tion obtained.



     By default (if the -h option is not specified), entries will

     be  stored in the directory based on the client's configura-

     tion. To use the utility in the default  mode,  the  Solaris
     LDAP client must be set up in advance.



     The location where entries are to be written can be overrid-

     den by using the -b option.




     If the entry to be added exists in the directory,  the  com-

     mand  displays  an  error and exits, unless the -c option is

     used.


     Although, there is a  shadow  database  type,  there  is  no
     corresponding  shadow  container.  Both  the  shadow and the

     passwd data is stored in the people container itself.  Simi-

     larly,  data from networks and netmasks databases are stored
     in the networks container.



     The user_attr data is stored by default in the  people  con-

     tainer.  The  prof_attr  and  exec_attr  data  is  stored by

     default in the SolarisProfAttr container.


     You must add entries from the  passwd  database  before  you

     attempt  to  add entries from the shadow database. The addi-

     tion of a shadow entry that does not  have  a  corresponding
     passwd entry will fail.







SunOS 5.11           Last change: 1 Jul 2010                    2








System Administration Commands                     ldapaddent(1M)





     The passwd database must precede the user_attr database.



     For better performance, the recommended order in  which  the
     databases should be loaded is as follows:

         o    passwd database followed by shadow database

         o    networks database followed by netmasks database

         o    bootparams database followed by ethers database


     Only the first entry of a given  type  that  is  encountered

     will  be  added  to  the LDAP server. The ldapaddent command

     skips any duplicate entries.

OPTIONS

     The ldapaddent command supports the following options:



     -a authenticationMethod


         Specify authentication method. The default value is what
         has  been  configured  in  the  profile.  The  supported
         authentication methods are:

             o    simple


             o    sasl/CRAM-MD5



             o    sasl/DIGEST-MD5



             o    sasl/GSSAPI

             o    tls:simple


             o    tls:sasl/CRAM-MD5



             o    tls:sasl/DIGEST-MD5

         Selecting simple causes passwords to be  sent  over  the
         network  in clear text. Its use is strongly discouraged.
         Additionally, if the client is configured with a profile
         which  uses  no  authentication,  that  is,  either  the

         credentialLevel attribute is set to anonymous or authen-

         ticationMethod  is  set  to none, the user must use this
         option to  provide  an  authentication  method.  If  the

         authentication   method   is   sasl/GSSAPI,  bindDN  and
         bindPassword is not required and the hosts  and  ipnodes
         fields of /etc/nsswitch.conf must be configured as:

           hosts: dns files
           ipnodes: dns files




SunOS 5.11           Last change: 1 Jul 2010                    3








System Administration Commands                     ldapaddent(1M)




         See nsswitch.conf(4).



     -b baseDN


         Create entries in the baseDN directory.  baseDN  is  not
         relative  to  the  client's  default  search  base,  but
         rather. it is the actual location where the entries will
         be  created.  If  this  parameter  is not specified, the
         first search descriptor defined for the service  or  the
         default container will be used.



     -c


         Continue adding entries to the directory even  after  an
         error. Entries will not be added if the directory server

         is not responding or if there is an authentication prob-

         lem.



     -D bindDN


         Create an  entry  which  has  write  permission  to  the

         baseDN.  When used with -d option, this entry only needs

         read permission.



     -d


         Dump the LDAP container to the standard  output  in  the
         appropriate format for the given database.



     -f filename


         Indicates input file to read in an /etc/ file format.



     -h LDAP_server[:serverPort]


         Specify an address (or a name) and an optional  port  of
         the LDAP server in which the entries will be stored. The
         current naming service specified  in  the  nsswitch.conf
         file  is  used.  The  default value for the port is 389,
         except when  TLS  is  specified  as  the  authentication
         method.  In  this  case,  the  default  LDAP server port
         number is 636.



     -j passwdFile






SunOS 5.11           Last change: 1 Jul 2010                    4








System Administration Commands                     ldapaddent(1M)




         Specify a file containing the password for the  bind  DN
         or  the  password  for the SSL client's key database. To
         protect the password, use this  option  in  scripts  and
         place  the  password  in  a  secure file. This option is

         mutually exclusive of the -w option.




     -M domainName


         The name of a domain served by the specified server.  If
         not specified, the default domain name will be used.



     -N profileName


         Specify the DUAProfile name. A profile with such a  name

         is  supposed  to  exist  on  the  server specified by -h

         option. Otherwise, a default DUAProfile  will  be  used.
         The default value is default.



     -P certifPath


         The certificate path for the location of the certificate
         database.  The value is the path where security database
         files reside. This is used for  TLS  support,  which  is

         specified in the authenticationMethod and serviceAuthen-

         ticationMethod attributes. The default is /var/ldap.



     -p



         Process the password field when loading password  infor-

         mation  from  a  file. By default, the password field is
         ignored because it is usually not valid, as  the  actual
         password appears in a shadow file.



     -w bindPassword


         Password to be used for authenticating  the  bindDN.  If
         this parameter is missing, the command will prompt for a
         password. NULL passwords are not supported in LDAP.


         When you use -w bindPassword to specify the password  to

         be  used  for authentication, the password is visible to
         other users of the system by means of the ps command, in
         script files or in shell history.


         If you supply "-" (hyphen) as a password,  you  will  be

         prompted to enter a password.





SunOS 5.11           Last change: 1 Jul 2010                    5








System Administration Commands                     ldapaddent(1M)





     -v


         Verbose.


OPERANDS
     The following operands are supported:

     database

         The name of the  database  or  service  name.  Supported

         values  are: aliases, auto_*, bootparams, ethers, group,

         hosts (including IPv6  addresses),  netgroup,  netmasks,
         networks, passwd, shadow, protocols, publickey, rpc, and

         services.  Also  supported  are  auth_attr,   prof_attr,

         exec_attr, user_attr, and projects.




EXAMPLES

     Example 1 Adding Password Entries to the Directory Server


     The following example shows how to add password  entries  to
     the directory server:



       example# ldapaddent -D "cn=directory manager" -w secret \

             -f /etc/passwd passwd




     Example 2 Adding Group Entries


     The following example shows how to add group entries to  the

     directory  server  using sasl/CRAM-MD5 as the authentication

     method:



       example# ldapaddent -D "cn=directory manager" -w secret \

            -a "sasl/CRAM-MD5" -f /etc/group group





     Example 3 Adding auto_master Entries




     The following example shows how to add  auto_master  entries

     to the directory server:



       example# ldapaddent -D "cn=directory manager" -w secret \





SunOS 5.11           Last change: 1 Jul 2010                    6








System Administration Commands                     ldapaddent(1M)





            -f /etc/auto_master auto_master




     Example 4 Dumping passwd Entries from the Directory to File


     The following example shows how  to  dump  password  entries
     from the directory to a file foo:



       example# ldapaddent -d passwd > foo




     Example 5 Adding Password Entries to  a  Specific  Directory
     Server


     The following example shows how to add password entries to a
     directory server that you specify:



       example# ldapaddent -h 10.10.10.10:3890 \

       -M another.domain.name -N special_duaprofile \

       -D "cn=directory manager" -w secret \

       -f /etc/passwd passwd




EXIT STATUS
     The following exit values are returned:

     0

         Successful completion.


     >0

         An error occurred.


FILES

     /var/ldap/ldap_client_file

     /var/ldap/ldap_client_cred


         Files containing the LDAP configuration of  the  client.

         These  files are not to be modified manually. Their con-

         tent  is  not  guaranteed  to  be  human  readable.  Use
         ldapclient(1M) to update these files.





SunOS 5.11           Last change: 1 Jul 2010                    7








System Administration Commands                     ldapaddent(1M)





ATTRIBUTES

     See attributes(5) for descriptions of the  following  attri-

     butes:




     ____________________________________________________________

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |

    |_____________________________|_____________________________|

    | Availability                | system/network/nis          |

    |_____________________________|_____________________________|

    | Interface Stability         | Committed                   |

    |_____________________________|_____________________________|




SEE ALSO

     ldap(1), ldaplist(1),  ldapmodify(1),  ldapmodrdn(1),  ldap-

     search(1),  idsconfig(1M),  ldapclient(1M),  suninstall(1M),
     nsswitch.conf(4), attributes(5)


CAUTION

     Currently StartTLS is not supported by libldap.so.5,  there-

     fore the port number provided refers to the port used during
     a TLS open, rather than the port used as part of a  StartTLS
     sequence. For example:


       -h foo:1000 -a tls:simple





     The preceding refers to a raw TLS  open  on  host  foo  port
     1000,  not  an  open, StartTLS sequence on an unsecured port
     1000. If port 1000 is unsecured the connection will  not  be
     made.




















SunOS 5.11           Last change: 1 Jul 2010                    8



Contact us      |      About us      |      Term of use      |       Copyright © 2000-2019 MyWebUniversity.com ™