Thanks that helped.
The main reason for my LDAP deployment is for Centralized Linux User
management for all Linux Servers. What would be the simplest way to do
basic user/group management such as
1. Adding/Removing users to/from Groups.
2. Creating new groups and adding the users to it.
3. Moving users across the groups.
.
It does exactly this, backed with 389-ds and MIT Kerberos.
rob
From the documentation it appears that the static group is what I
should be looking at, not sure though.
Basically I already have many users whose accounts need to be migrated
to directory server (as of now Manually managed by puppet). I was
wondering if I could do that in some ldif commands.
I am really poor with ldif statements. I was trying to do it with
Managed group but I could not do it.
How a ldif command would look like if I want to add a user say testuser,
and also add it to 3 different usergroups (testuser (created by Managed
Plugin), testsupport, testadmin, testsales).
Thanks
Chandan
On Wednesday, March 20, 2013, Rich Megginson wrote:
On 03/20/2013 10:07 AM, Chandan Kumar wrote:
> Hi Nathan,
>
> Thanks. Yes it was a stupid Typo. Is there any way to
> modify/delete entries created by the Managed Entries plugin?
>
> When I try to delete those group entries it denies say "It needs
> to be Manually Unlinked" not sure how to un-link them. Any idea on
> that?
You have to remove objectclass: mepManagedEntry and mepManagedBy:
uid=jsmith,ou=people,dc=example,dc=com from the group entry
>
> --
>
http://about.me/chandank
>
>
> On Tue, Mar 19, 2013 at 10:55 PM, Nathan Kinder
> <nkinder(a)redhat.com> wrote:
>
> On 03/19/2013 02:33 PM, Chandan Kumar wrote:
>> Hello,
>>
>> I am deploying the 389 server (On CentOS 6) to manage the
>> Linux Users/Password. So as part of Linux User management, I
>> was trying to get the Managed Entries work for Posix user
>> creation.
>>
>> I am following the standard Redhat documentation.
>>
>>
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9...
>>
>> So I created the templates, exactly the way explained in the
>> doc, but when I create the users it is not creating
>> corresponding Groups.
>>
>> I am using following ldap commands to add entries. I could
>> see the this plugin created in from the console server ->
>> data -> Plugins -> Managed Entries -> <My plugin>
>>
>>
>> User creation statements
>>
>>
>> dn: uid=pappu1,ou=People,dc=ma,dc=net
>> objectclass: person
>> objectclass: inetorgperson
>> objectclass: posixAccount
>> cn: Pappu
>> sn: Papa
>> givenName: pappu1
>> uid:pappu1
>> uidNumber:9003
>> gidNumber:9003
>> objectclass: mepOriginEntry
>> mepManagedEntry: cn=Pappu Group
>> homeDirectory: /home/pappu1
>>
>> The plugin
>>
>> dn: cn=Posix User-Group,cn=Managed Entries,cn=plugins,cn=config
>> objectclass: extensibleObject
>> cn: Posix User-Group
>> originScope: ou=people,dc=ma,dc=ma
> You have a typo in your originScope setting. It should be
> "ou=people,dc=ma,dc=net".
>
> -NGK
>> originFilter: objectclass=posixAccount
>> managedBase: ou=groups,dc=ma,dc=net
>> managedTemplate: cn=Posix User-Group
>> Template,ou=Templates,dc=ma,dc=net
>>
>> The template
>>
>> dn: cn=Posix User-Group Template, ou=Templates,dc=ma,dc=net
>> objectclass: mepTemplateEntry
>> cn: Posix User-Group Template
>> mepRDNAttr: cn
>> mepStaticAttr: objectclass: posixGroup
>> mepMappedAttr: cn: $cn Group Entry
>> mepMappedAttr: gidNumber: $gidNumber
>> mepMappedAttr: memberUid: $uid
>>
>>
>> --
>>
http://about.me/chandank
>>
>>
>> --
>> 389 users mailing list
>> 389-users(a)lists.fedoraproject.org
>>
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
--
http://about.me/chandank
--
389 users mailing list
389-users(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-users