My question now is, how do I add new users to the DS...
To add data to your directory, including users, you can use whatever
LDAP modification tool you like. The most basic option is the
ldapmodify command, but depending on how often you add or update users,
you will probably get tired of manually typing LDIF input for
ldapmodify. You could also use the Fedora console, write your own
scripts, or look into other LDAP admin programs (there are several).
...with the necessary shadowAccount attributes? How do I generate the crypted userPassword, shadowLastChange, etc. values?
Using your favorite LDAP admin program :), you can assign whatever
initial values you want for the shadow attributes.
If pam/nss_ldap is so configured on your Linux clients, the passwd
command will update the shadow attributes when passwords are changed.
Solaris 8 LDAP clients ignore shadow attributes, so you might not want
to rely on LDAP-based shadow if you have Solaris 8 in your environment.
Fedora DS can hash passwords several ways, including crypt. You can
choose the default password hash in the Fedora console. The directory
server will hash userPassword attributes with whatever hash you select.
Note that changes to the default password hash are only effective for
subsequent userPassword updates. In other words, changing the hash does
not cause a re-hash of every userPassword attribute in the directory.
-- George
Oscar A. Valdez wrote:
I've followed the instructions in Gerald Carter's "LDAP System
Administration", specifically those in Chapter 6: Replacing NIS.
I've used PADL's scripts to migrate the info
from /etc/passwd, /etc/shadow, and /etc/group into the DS server. My
question now is, how do I add new users to the DS, with the necessary
shadowAccount attributes? How do I generate the crypted userPassword,
shadowLastChange, etc. values?
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
