User Tools
хранение_учетных_записей_unix_в_ldap
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
хранение_учетных_записей_unix_в_ldap [2021/01/14 11:56] val |
хранение_учетных_записей_unix_в_ldap [2024/02/01 15:32] (current) val [Использование migrationtools] |
||
|---|---|---|---|
| Line 75: | Line 75: | ||
| homeDirectory: /home/user1 | homeDirectory: /home/user1 | ||
| userpassword: * | userpassword: * | ||
| + | #userpassword: password1 | ||
| dn: uid=user2,ou=People,dc=corpX,dc=un | dn: uid=user2,ou=People,dc=corpX,dc=un | ||
| Line 88: | Line 89: | ||
| homedirectory: /home/user2 | homedirectory: /home/user2 | ||
| userpassword: * | userpassword: * | ||
| + | #userpassword: password2 | ||
| dn: cn=group1,ou=Group,dc=corpX,dc=un | dn: cn=group1,ou=Group,dc=corpX,dc=un | ||
| Line 113: | Line 115: | ||
| ==== Модификация информации в ldap каталоге ===== | ==== Модификация информации в ldap каталоге ===== | ||
| - | ==== Пример назначения номеров телефонов и адресов email ==== | + | === Пример изменения пароля === |
| + | <code> | ||
| + | server# cat replacepasswd.ldif | ||
| + | </code><code> | ||
| + | dn: uid=user1,ou=People,dc=corpX,dc=un | ||
| + | changetype: modify | ||
| + | replace: userPassword | ||
| + | userPassword: password1 | ||
| + | |||
| + | dn: uid=user2,ou=People,dc=corpX,dc=un | ||
| + | changetype: modify | ||
| + | replace: userPassword | ||
| + | userPassword: password2 | ||
| + | </code><code> | ||
| + | server# ldapmodify -x -D "cn=admin,dc=corpX,dc=un" -w secret -f replacepasswd.ldif | ||
| + | </code> | ||
| + | |||
| + | === Пример назначения номеров телефонов и адресов email === | ||
| <code> | <code> | ||
| server:~# cat addmailphone.ldif | server:~# cat addmailphone.ldif | ||
| Line 140: | Line 159: | ||
| </code> | </code> | ||
| - | ==== Пример назначения UNIX атрибутов в Microsoft AD ==== | + | === Пример назначения UNIX атрибутов в Microsoft AD === |
| + | |||
| + | !!! Объекты guser1, guser2 и group1 должны быть созданы заранее | ||
| <code> | <code> | ||
| - | client1:~# cat addunixattr.ldif | + | gate:~# cat addunixattr.ldif |
| </code><code> | </code><code> | ||
| + | #==== add and set attr to user1 ==== | ||
| + | |||
| dn: CN=guser1,CN=Users,DC=corpX,DC=un | dn: CN=guser1,CN=Users,DC=corpX,DC=un | ||
| changetype: modify | changetype: modify | ||
| add: gidNumber | add: gidNumber | ||
| gidNumber: 10001 | gidNumber: 10001 | ||
| - | |||
| - | dn: CN=guser2,CN=Users,DC=corpX,DC=un | ||
| - | changetype: modify | ||
| - | add: gidNumber | ||
| - | gidNumber: 10002 | ||
| dn: CN=Ivan I. Ivanov,CN=Users,DC=corpX,DC=un | dn: CN=Ivan I. Ivanov,CN=Users,DC=corpX,DC=un | ||
| Line 174: | Line 192: | ||
| add: loginShell | add: loginShell | ||
| loginShell: /bin/sh | loginShell: /bin/sh | ||
| + | |||
| + | #==== add and set attr to user2 ==== | ||
| + | |||
| + | dn: CN=guser2,CN=Users,DC=corpX,DC=un | ||
| + | changetype: modify | ||
| + | add: gidNumber | ||
| + | gidNumber: 10002 | ||
| dn: CN=Petr P. Petrov,CN=Users,DC=corpX,DC=un | dn: CN=Petr P. Petrov,CN=Users,DC=corpX,DC=un | ||
| Line 194: | Line 219: | ||
| add: loginShell | add: loginShell | ||
| loginShell: /bin/sh | loginShell: /bin/sh | ||
| + | |||
| + | #==== add and set attr to group1 ==== | ||
| dn: CN=group1,CN=Users,DC=corpX,DC=un | dn: CN=group1,CN=Users,DC=corpX,DC=un | ||
| Line 210: | Line 237: | ||
| memberUid: user2 | memberUid: user2 | ||
| </code><code> | </code><code> | ||
| - | client1:~# export LDAPTLS_REQCERT=never | + | gate:~# ldapmodify -x -D "cn=Administrator,cn=Users,dc=corpX,dc=un" -W -H ldap://server -f addunixattr.ldif |
| - | + | ||
| - | client1:~# ldapmodify -x -D "cn=Administrator,cn=Users,dc=corp6,dc=un" -W -H ldaps://server -f addunixattr.ldif | + | |
| </code> | </code> | ||
| Line 222: | Line 247: | ||
| </code><code> | </code><code> | ||
| ... | ... | ||
| - | $DEFAULT_MAIL_DOMAIN = "corp13.un"; | + | $DEFAULT_MAIL_DOMAIN = "corpX.un"; |
| ... | ... | ||
| - | $DEFAULT_BASE = "dc=corp13,dc=un"; | + | $DEFAULT_BASE = "dc=corpX,dc=un"; |
| ... | ... | ||
| $EXTENDED_SCHEMA = 1; | $EXTENDED_SCHEMA = 1; | ||
| ... | ... | ||
| - | $IGNORE_UID_BELOW = 1000; | + | $IGNORE_UID_BELOW = 1001; |
| - | $IGNORE_GID_BELOW = 1000; | + | $IGNORE_GID_BELOW = 1001; |
| ... | ... | ||
| $IGNORE_UID_ABOVE = 65500; | $IGNORE_UID_ABOVE = 65500; | ||
хранение_учетных_записей_unix_в_ldap.1610614612.txt.gz · Last modified: 2021/01/14 11:56 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
