This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
хранение_учетных_записей_unix_в_ldap [2021/01/14 15:37] val [Пример назначения UNIX атрибутов в Microsoft AD] |
хранение_учетных_записей_unix_в_ldap [2022/10/03 07:30] val |
||
---|---|---|---|
Line 75: | Line 75: | ||
homeDirectory: /home/user1 | homeDirectory: /home/user1 | ||
userpassword: * | userpassword: * | ||
+ | #userpassword: password1 | ||
dn: uid=user2,ou=People,dc=corpX,dc=un | dn: uid=user2,ou=People,dc=corpX,dc=un | ||
Line 88: | Line 89: | ||
homedirectory: /home/user2 | homedirectory: /home/user2 | ||
userpassword: * | userpassword: * | ||
+ | #userpassword: password2 | ||
dn: cn=group1,ou=Group,dc=corpX,dc=un | dn: cn=group1,ou=Group,dc=corpX,dc=un | ||
Line 113: | Line 115: | ||
==== Модификация информации в ldap каталоге ===== | ==== Модификация информации в ldap каталоге ===== | ||
- | ==== Пример назначения номеров телефонов и адресов email ==== | + | === Пример изменения пароля === |
+ | <code> | ||
+ | server# cat replacepasswd.ldif | ||
+ | </code><code> | ||
+ | dn: uid=user1,ou=People,dc=corpX,dc=un | ||
+ | changetype: modify | ||
+ | replace: userPassword | ||
+ | userPassword: password1 | ||
+ | |||
+ | dn: uid=user2,ou=People,dc=corpX,dc=un | ||
+ | changetype: modify | ||
+ | replace: userPassword | ||
+ | userPassword: password2 | ||
+ | </code><code> | ||
+ | server# ldapmodify -x -D "cn=admin,dc=corpX,dc=un" -w secret -f replacepasswd.ldif | ||
+ | </code> | ||
+ | |||
+ | === Пример назначения номеров телефонов и адресов email === | ||
<code> | <code> | ||
server:~# cat addmailphone.ldif | server:~# cat addmailphone.ldif | ||
Line 140: | Line 159: | ||
</code> | </code> | ||
- | ==== Пример назначения UNIX атрибутов в Microsoft AD ==== | + | === Пример назначения UNIX атрибутов в Microsoft AD === |
!!! Объекты guser1, guser2 и group1 должны быть созданы заранее | !!! Объекты guser1, guser2 и group1 должны быть созданы заранее | ||
<code> | <code> | ||
- | client1:~# cat addunixattr.ldif | + | gate:~# cat addunixattr.ldif |
</code><code> | </code><code> | ||
#==== add and set attr to user1 ==== | #==== add and set attr to user1 ==== | ||
Line 200: | Line 219: | ||
add: loginShell | add: loginShell | ||
loginShell: /bin/sh | loginShell: /bin/sh | ||
+ | |||
+ | #==== add and set attr to group1 ==== | ||
dn: CN=group1,CN=Users,DC=corpX,DC=un | dn: CN=group1,CN=Users,DC=corpX,DC=un | ||
Line 210: | Line 231: | ||
add: memberUid | add: memberUid | ||
memberUid: user1 | memberUid: user1 | ||
- | |||
- | #==== add and set attr to group1 ==== | ||
dn: CN=group1,CN=Users,DC=corpX,DC=un | dn: CN=group1,CN=Users,DC=corpX,DC=un | ||
Line 218: | Line 237: | ||
memberUid: user2 | memberUid: user2 | ||
</code><code> | </code><code> | ||
- | client1:~# export LDAPTLS_REQCERT=never | + | gate:~# ldapmodify -x -D "cn=Administrator,cn=Users,dc=corpX,dc=un" -W -H ldap://server -f addunixattr.ldif |
- | + | ||
- | client1:~# ldapmodify -x -D "cn=Administrator,cn=Users,dc=corpX,dc=un" -W -H ldaps://server -f addunixattr.ldif | + | |
</code> | </code> | ||
Line 230: | Line 247: | ||
</code><code> | </code><code> | ||
... | ... | ||
- | $DEFAULT_MAIL_DOMAIN = "corp13.un"; | + | $DEFAULT_MAIL_DOMAIN = "corpX.un"; |
... | ... | ||
- | $DEFAULT_BASE = "dc=corp13,dc=un"; | + | $DEFAULT_BASE = "dc=corpX,dc=un"; |
... | ... | ||
$EXTENDED_SCHEMA = 1; | $EXTENDED_SCHEMA = 1; |