NFS/LDAP Administration
LDAP User Administration
You must have a Kerberos ticket (kinit) as a user principal in the tech group, or as the principal ldapadmin, to make changes to Kerberos or LDAP.
Creating Users
/usr/local/sbin/ldapadduser <username> <groupname | gid> [uid]
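A Kerberos principal is added automatically, with the user name as its initial password and +needchange set so that the password must be changed at first login. This is configured in /usr/local/etc/ldapscripts/ldapscripts.conf:
PASSWORDGEN="kadmin.local -q 'addprinc +needchange -pw %u %u'"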
Adding/Removing Groups
/usr/local/sbin/ldapaddusertogroup <username | uid | dn> <groupname | gid>
/usr/local/sbin/ldapdeleteuserfromgroup <username | dn> <groupname | gid>
Removing Users
/usr/local/sbin/ldapdeleteuser <username | uid>
The PAM UID cutoff is 10000; all LDAP IDs for users and groups should be > 10000.
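A check for the cutoff rule above, added here as an example and not part of the original page: the function reads LDIF (as printed by ldapsearch) on stdin and lists every entry whose uidNumber or gidNumber is not above 10000. The function names, sample users and base DN are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag LDAP entries whose uidNumber or gidNumber is not above
# the PAM UID cutoff (10000 on this page). Input is LDIF on stdin.

CUTOFF=10000

# audit_ldap_ids [cutoff]
# Prints "<dn> <attribute>=<value>" for every ID at or below the cutoff.
audit_ldap_ids() {
    awk -v cutoff="${1:-$CUTOFF}" '
        # LDIF folds long lines: a leading space continues the previous line.
        /^ / { if (last == "dn") dn = dn substr($0, 2); next }
        /^$/ { dn = ""; last = ""; next }          # blank line ends an entry
        /^dn: / { dn = substr($0, 5); last = "dn"; next }
        /^(uidNumber|gidNumber): / {
            last = ""
            attr = $1; sub(/:$/, "", attr)
            if ($2 + 0 <= cutoff + 0) printf "%s %s=%s\n", dn, attr, $2
            next
        }
        { last = "" }
    '
}

# Constructed sample LDIF (hypothetical users and base DN, not from the page).
sample_ldif() {
    cat <<'EOF'
dn: uid=alice,ou=People,dc=example,dc=org
uidNumber: 10001
gidNumber: 10001

dn: uid=bob,ou=People,dc=example,dc=org
uidNumber: 1001
gidNumber: 10001

dn: cn=legacy,ou=Group,dc=example,dc=org
gidNumber: 10000
EOF
}

sample_ldif | audit_ldap_ids
```

Against a live directory, pipe the output of ldapsearch -LLL, with the uidNumber and gidNumber attributes requested, into audit_ldap_ids. Base64-encoded DNs (dn::) are not decoded.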