Chandan Kumar wrote:
Thanks that helped. The main reason for my LDAP deployment is for Centralized Linux User management for all Linux Servers. What would be the simplest way to do basic user/group management such as 1. Adding/Removing users to/from Groups. 2. Creating new groups and adding the users to it. 3. Moving users across the groups.
You might want to consider the FreeIPA project, http://www.freeipa.org. It does exactly this, backed with 389-ds and MIT Kerberos.
rob
From the documentation it appears that the static group is what I should be looking at, not sure though. Basically I already have many users whose accounts need to be migrated to directory server (as of now Manually managed by puppet). I was wondering if I could do that in some ldif commands. I am really poor with ldif statements. I was trying to do it with Managed group but I could not do it. How a ldif command would look like if I want to add a user say testuser, and also add it to 3 different usergroups (testuser (created by Managed Plugin), testsupport, testadmin, testsales). Thanks Chandan On Wednesday, March 20, 2013, Rich Megginson wrote: On 03/20/2013 10:07 AM, Chandan Kumar wrote:Hi Nathan, Thanks. Yes it was a stupid Typo. Is there any way to modify/delete entries created by the Managed Entries plugin? When I try to delete those group entries it denies say "It needs to be Manually Unlinked" not sure how to un-link them. Any idea on that?You have to remove objectclass: mepManagedEntry and mepManagedBy: uid=jsmith,ou=people,dc=example,dc=com from the group entry-- http://about.me/chandank On Tue, Mar 19, 2013 at 10:55 PM, Nathan Kinder <nkinder@xxxxxxxxxx> wrote: On 03/19/2013 02:33 PM, Chandan Kumar wrote:Hello, I am deploying the 389 server (On CentOS 6) to manage the Linux Users/Password. So as part of Linux User management, I was trying to get the Managed Entries work for Posix user creation. I am following the standard Redhat documentation. https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html-single/Deployment_Guide/index.html#managed-entries So I created the templates, exactly the way explained in the doc, but when I create the users it is not creating corresponding Groups. I am using following ldap commands to add entries. I could see the this plugin created in from the console server -> data -> Plugins -> Managed Entries -> <My plugin> User creation statements dn: uid=pappu1,ou=People,dc=ma,dc=net objectclass: person objectclass: inetorgperson objectclass: posixAccount cn: Pappu sn: Papa givenName: pappu1 uid:pappu1 uidNumber:9003 gidNumber:9003 objectclass: mepOriginEntry mepManagedEntry: cn=Pappu Group homeDirectory: /home/pappu1 The plugin dn: cn=Posix User-Group,cn=Managed Entries,cn=plugins,cn=config objectclass: extensibleObject cn: Posix User-Group originScope: ou=people,dc=ma,dc=maYou have a typo in your originScope setting. It should be "ou=people,dc=ma,dc=net". -NGKoriginFilter: objectclass=posixAccount managedBase: ou=groups,dc=ma,dc=net managedTemplate: cn=Posix User-Group Template,ou=Templates,dc=ma,dc=net The template dn: cn=Posix User-Group Template, ou=Templates,dc=ma,dc=net objectclass: mepTemplateEntry cn: Posix User-Group Template mepRDNAttr: cn mepStaticAttr: objectclass: posixGroup mepMappedAttr: cn: $cn Group Entry mepMappedAttr: gidNumber: $gidNumber mepMappedAttr: memberUid: $uid -- http://about.me/chandank -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users-- -- http://about.me/chandank -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
