Hi the theme of this script is , i need to modify uid , password, loginshell
example
ldapsearch -xZZ -D "cn=Directory Manager" -w 'testtest' -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)" loginshell uid userPassword # extended LDIF # # LDAPv3 # base <dc=fosiul,dc=lan> with scope subtree # filter: (cn=Fosiul Alam) # requesting: loginshell uid userPassword #
# falam, users, UK, fosiul.lan dn: uid=falam,ou=users,l=UK,dc=fosiul,dc=lan loginshell: /bin/bash uid: falam userPassword:: e1NTSEF9MkpYSGI2bSs3OFk5SlcySG1kOVcxdjFVUFVHMVA3eXI0dFQvZ2c9PQ= =
# search result search: 3 result: 0 Success
So i need to modify it with loginshell: /bin/nologin uid: delete_falam userPassword:: asfasfasfasfasfasfasfdPQ=
my first question is : what would be the ldif file format for these changes ??
Thanks for your help .
I should look similat to this:
dn: uid=jsmith,ou=users,l=uk,dc=fosiul,dc=lan changetype: modrdn newrrdn: uid=new_uid_value deleteoldrdn: 1 - changetype: modify replace: loginshell loginshell: /bin/nologin - modify: userPassword userPassword: asfasfasfasfasfasfasfdPQ=
If you see "::" in userPassword this means that hash/password is ecrypted in base64 before listing in ldif. This rule apply for other attributes aswell. Usually it's used when attribute have some non-ascii chars. Usually you don't need to worry about it because most apps can handle this.
I wrote it by hand soo there may be some errors. The "-" signs are important, They mean that operation on this entry are not finished and they provide something like transactions in databases - I noticed this myself. All operations on entry must be correct or none will be applied.
Greg.
send from htc desire z 14-08-2012 13:40, "Fosiul Alam" fosiul@gmail.com napisał(a):
Hi the theme of this script is , i need to modify uid , password, loginshell
example
ldapsearch -xZZ -D "cn=Directory Manager" -w 'testtest' -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)" loginshell uid userPassword # extended LDIF # # LDAPv3 # base <dc=fosiul,dc=lan> with scope subtree # filter: (cn=Fosiul Alam) # requesting: loginshell uid userPassword #
# falam, users, UK, fosiul.lan dn: uid=falam,ou=users,l=UK,dc=fosiul,dc=lan loginshell: /bin/bash uid: falam userPassword:: e1NTSEF9MkpYSGI2bSs3OFk5SlcySG1kOVcxdjFVUFVHMVA3eXI0dFQvZ2c9PQ= =
# search result search: 3 result: 0 Success
So i need to modify it with loginshell: /bin/nologin uid: delete_falam userPassword:: asfasfasfasfasfasfasfdPQ=
my first question is : what would be the ldif file format for these changes ??
Thanks for your help .
389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
On 08/14/2012 06:36 AM, Grzegorz Dwornicki wrote:
I should look similat to this:
dn: uid=jsmith,ou=users,l=uk,dc=fosiul,dc=lan changetype: modrdn newrrdn: uid=new_uid_value deleteoldrdn: 1
changetype: modify replace: loginshell loginshell: /bin/nologin
modify: userPassword userPassword: asfasfasfasfasfasfasfdPQ=
note - there should be no blank lines above - it appears as though the first "-" is preceded by a blank line - there should be no blank lines
Also - userPassword should be in clear text - do not send pre-hashed passwords to the directory server.
For more information about ldif - man ldif
If you see "::" in userPassword this means that hash/password is ecrypted in base64 before listing in ldif. This rule apply for other attributes aswell. Usually it's used when attribute have some non-ascii chars. Usually you don't need to worry about it because most apps can handle this.
I wrote it by hand soo there may be some errors. The "-" signs are important, They mean that operation on this entry are not finished and they provide something like transactions in databases - I noticed this myself. All operations on entry must be correct or none will be applied.
Greg.
send from htc desire z
14-08-2012 13:40, "Fosiul Alam" <fosiul@gmail.com mailto:fosiul@gmail.com> napisał(a):
Hi the theme of this script is , i need to modify uid , password, loginshell example ldapsearch -xZZ -D "cn=Directory Manager" -w 'testtest' -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)" loginshell uid userPassword # extended LDIF # # LDAPv3 # base <dc=fosiul,dc=lan> with scope subtree # filter: (cn=Fosiul Alam) # requesting: loginshell uid userPassword # # falam, users, UK, fosiul.lan dn: uid=falam,ou=users,l=UK,dc=fosiul,dc=lan loginshell: /bin/bash uid: falam userPassword:: e1NTSEF9MkpYSGI2bSs3OFk5SlcySG1kOVcxdjFVUFVHMVA3eXI0dFQvZ2c9PQ= = # search result search: 3 result: 0 Success So i need to modify it with loginshell: /bin/nologin uid: delete_falam userPassword:: asfasfasfasfasfasfasfdPQ= my first question is : what would be the ldif file format for these changes ?? Thanks for your help . -- 389 users mailing list 389-users@lists.fedoraproject.org <mailto:389-users@lists.fedoraproject.org> https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
Hi thanks for great help
Everything works from script point of view
Just a quick question
How will i just get All uidNumber (userid) ??
which commands will show me all uidNumber ??
thanks
On Tue, Aug 14, 2012 at 2:18 PM, Rich Megginson rmeggins@redhat.com wrote:
On 08/14/2012 06:36 AM, Grzegorz Dwornicki wrote:
I should look similat to this:
dn: uid=jsmith,ou=users,l=uk,dc=fosiul,dc=lan changetype: modrdn newrrdn: uid=new_uid_value deleteoldrdn: 1
changetype: modify replace: loginshell loginshell: /bin/nologin
modify: userPassword userPassword: asfasfasfasfasfasfasfdPQ=
note - there should be no blank lines above - it appears as though the first "-" is preceded by a blank line - there should be no blank lines
Also - userPassword should be in clear text - do not send pre-hashed passwords to the directory server.
For more information about ldif - man ldif
If you see "::" in userPassword this means that hash/password is ecrypted in base64 before listing in ldif. This rule apply for other attributes aswell. Usually it's used when attribute have some non-ascii chars. Usually you don't need to worry about it because most apps can handle this.
I wrote it by hand soo there may be some errors. The "-" signs are important, They mean that operation on this entry are not finished and they provide something like transactions in databases - I noticed this myself. All operations on entry must be correct or none will be applied.
Greg.
send from htc desire z
14-08-2012 13:40, "Fosiul Alam" fosiul@gmail.com napisał(a):
Hi the theme of this script is , i need to modify uid , password, loginshell
example
ldapsearch -xZZ -D "cn=Directory Manager" -w 'testtest' -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)" loginshell uid userPassword # extended LDIF # # LDAPv3 # base <dc=fosiul,dc=lan> with scope subtree # filter: (cn=Fosiul Alam) # requesting: loginshell uid userPassword #
# falam, users, UK, fosiul.lan dn: uid=falam,ou=users,l=UK,dc=fosiul,dc=lan loginshell: /bin/bash uid: falam userPassword:: e1NTSEF9MkpYSGI2bSs3OFk5SlcySG1kOVcxdjFVUFVHMVA3eXI0dFQvZ2c9PQ= =
# search result search: 3 result: 0 Success
So i need to modify it with loginshell: /bin/nologin uid: delete_falam userPassword:: asfasfasfasfasfasfasfdPQ=
my first question is : what would be the ldif file format for these changes ??
Thanks for your help .
389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
ldapsearch -xZZ -D "cn=Directory Manager" -w 'testtest' -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)" uidNumber
The last field in the above example is for the attributes you want returned in your search. Just like the example below where you are searching for uid, password and login shell, you simply change the attributes you wish retrieve. ====================== Regards,
Matthew Schmitt mschmitt@sugarsync.com
On 8/14/12 7:11 AM, "Fosiul Alam" fosiul@gmail.com wrote:
Hi thanks for great help
Everything works from script point of view
Just a quick question
How will i just get All uidNumber (userid) ??
which commands will show me all uidNumber ??
thanks
On Tue, Aug 14, 2012 at 2:18 PM, Rich Megginson rmeggins@redhat.com wrote:
On 08/14/2012 06:36 AM, Grzegorz Dwornicki wrote:
I should look similat to this:
dn: uid=jsmith,ou=users,l=uk,dc=fosiul,dc=lan changetype: modrdn newrrdn: uid=new_uid_value deleteoldrdn: 1
changetype: modify replace: loginshell loginshell: /bin/nologin
modify: userPassword userPassword: asfasfasfasfasfasfasfdPQ=
note - there should be no blank lines above - it appears as though the first "-" is preceded by a blank line - there should be no blank lines
Also - userPassword should be in clear text - do not send pre-hashed passwords to the directory server.
For more information about ldif - man ldif
If you see "::" in userPassword this means that hash/password is ecrypted in base64 before listing in ldif. This rule apply for other attributes aswell. Usually it's used when attribute have some non-ascii chars. Usually you don't need to worry about it because most apps can handle this.
I wrote it by hand soo there may be some errors. The "-" signs are important, They mean that operation on this entry are not finished and they provide something like transactions in databases - I noticed this myself. All operations on entry must be correct or none will be applied.
Greg.
send from htc desire z
14-08-2012 13:40, "Fosiul Alam" fosiul@gmail.com napisał(a):
Hi the theme of this script is , i need to modify uid , password, loginshell
example
ldapsearch -xZZ -D "cn=Directory Manager" -w 'testtest' -b "dc=fosiul,dc=lan" "(cn=Fosiul Alam)" loginshell uid userPassword # extended LDIF # # LDAPv3 # base <dc=fosiul,dc=lan> with scope subtree # filter: (cn=Fosiul Alam) # requesting: loginshell uid userPassword #
# falam, users, UK, fosiul.lan dn: uid=falam,ou=users,l=UK,dc=fosiul,dc=lan loginshell: /bin/bash uid: falam userPassword:: e1NTSEF9MkpYSGI2bSs3OFk5SlcySG1kOVcxdjFVUFVHMVA3eXI0dFQvZ2c9PQ= =
# search result search: 3 result: 0 Success
So i need to modify it with loginshell: /bin/nologin uid: delete_falam userPassword:: asfasfasfasfasfasfasfdPQ=
my first question is : what would be the ldif file format for these changes ??
Thanks for your help .
389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
-- Regards Fosiul Alam 07877100621 http://www.fosiul.co.uk -- 389 users mailing list 389-users@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/389-users
389-users@lists.fedoraproject.org