ldapaddent [-cpv] [-a authenticationMethod] [-b baseDN] -D bindDN -w bind_password [-f filename] database
ldapaddent [-cpv] -asasl/GSSAPI [-b baseDN] [-f filename] database
ldapaddent -d [-v] [-a authenticationMethod] [-D bindDN] [-w bind_password] database
ldapaddent creates entries in LDAP containers from their corresponding /etc files. This operation is customized for each of the standard containers that are used in the administration of Solaris systems. The database argument specifies the type of the data being processed. Legal values for this type are one of aliases, auto_*, bootparams, ethers, group, hosts (including both IPv4 and IPv6 addresses), ipnodes (alias for hosts), netgroup, netmasks, networks, passwd, shadow, protocols, publickey, rpc, and services. In addition to the preceding, the database argument can be one of the RBAC-related files (see rbac(5)):
By default, ldapaddent reads from the standard input and adds this data to the LDAP container associated with the database specified on the command line. An input file from which data can be read is specified using the -f option.
The entries will be stored in the directory based on the client's configuration, thus the client must be configured to use LDAP naming services. The location where entries are to be written can be overridden by using the -b option.
If the entry to be added exists in the directory, the command displays an error and exits, unless the -c option is used.
Although, there is a shadow database type, there is no corresponding shadow container. Both the shadow and the passwd data is stored in the people container itself. Similarly, data from networks and netmasks databases are stored in the networks container.
The user_attr and audit_user data is stored by default in the people container. The prof_attr and exec_attr data is stored by default in the SolarisProfAttr container.
You must add entries from the passwd database before you attempt to add entries from the shadow database. The addition of a shadow entry that does not have a corresponding passwd entry will fail.
The passwd database must precede both the user_attr and audit_user databases.
For better performance, the recommended order in which the databases should be loaded is as follows:
Only the first entry of a given type that is encountered will be added to the LDAP server. The ldapaddent command skips any duplicate entries.
The ldapaddent command supports the following options:
-a authenticationMethod
hosts: dns files ipnodes: dns files
See nsswitch.conf(4).
-b baseDN
-c
-D bindDN
-d
-f filename
-p
-w bind_password
When you use -w bind_password to specify the password to be used for authentication, the password is visible to other users of the system by means of the ps command, in script files or in shell history.
-v
The following operands are supported:
database
Example 1 Adding Password Entries to the Directory Server
The following example show how to add password entries to the directory server:
example# ldapaddent -D "cn=directory manager" -w secret \
-f /etc/passwd passwd
Example 2 Adding Group Entries
The following example shows how to add group entries to the directory server using sasl/CRAM-MD5 as the authentication method:
example# ldapaddent -D "cn=directory manager" -w secret \
-a "sasl/CRAM-MD5" -f /etc/group group
Example 3 Adding auto_master Entries
The following example shows how to add auto_master entries to the directory server:
example# dapaddent -D "cn=directory manager" -w secret \
-f /etc/auto_master auto_master
Example 4 Dumping password Entries from the Directory to File
The following examples shows how to dump password entries from the directory to a file foo:
example# ldapaddent -d passwd > foo
The following exit values are returned:
0
>0
/var/ldap/ldap_client_file
/var/ldap/ldap_client_cred
See attributes(5) for descriptions of the following attributes:
| |||||||||
ldap(1), ldaplist(1), ldapmodify(1), ldapmodrdn(1), ldapsearch(1), idsconfig(1M), ldapclient(1M), suninstall(1M), nsswitch.conf(4), attributes(5)