06-23-2010, 08:20 AM   #1
antoniemail
Add existing unix user to existing LDAP


Hello,

I have an existing unix user that somehow didn't make it into the copy over to our LDAP server. How do I add an existing unix user to an existing LDAP directory?

Will ldapadd work? I was under the impression ldapadd required an ldif file to work properly.

Any help would be appreciated. I am new to ldap. Thanks.
 
06-23-2010, 08:33 AM   #2
druuna
Hi,

ldapadd can use an ldif file, but it does not have to (omit the -f <file> part). If you do this (omit), stdin is used.

Have a look here:

Ldapadd or Ldapmodify without ldif file
ldapadd(1) - Linux man page

Hope this helps.
 
06-23-2010, 09:29 AM   #3
antoniemail
Thanks for the help.

I took a look and I ended up using the ldif file anyway, but I put this in the file to add the user:

dn: cn=Joe Demaio,dc=sono-tek,dc=com
objectClass: person
objectClass: inetorgperson
cn: Joe Demaio
cn: Joe
sn: Demaio
uid: jdemaio

and then ran this command:
ldapadd -x -D "cn=Manager,dc=sono-tek,dc=com" -W -f joe_demaio.ldif

And it added it with no errors, but the new entry isn't showing up in webmin when I browse the ldap users and groups or when I browse the ldap child objects...

Any help would be appreciated. Thanks again.
 
06-23-2010, 11:49 AM   #4
druuna
Hi,

Assuming openldap:

I doubt the ldapadd command worked; you did not specify a host (and/or a port).

ldapadd -x -D "cn=Manager,dc=sono-tek,dc=com" -h localhost -p 1389 -W -f joe_demaio.ldif

If ldap is not running on the host and/or port shown, change these to the appropriate settings.

You do not show the ldapsearch command you used. The following should work (syntax is correct, have a look at -h and -p):

ldapsearch -LL -x -W -D "cn=Manager,dc=sono-tek,dc=com" -h localhost -p 1389 -b "dc=sono-tek,dc=com" -s sub "cn=Joe Demaio"

I just noticed that cn is present twice in your example. Is that correct?

Hope this helps.
 
06-23-2010, 12:17 PM   #5
antoniemail
Thanks for the help. I removed the second cn; that was a mistake, thanks for pointing it out. It looks like it added it:


ldapsearch -LL -x -W -D "cn=Manager,dc=sono-tek,dc=com" -h localhost -p 389 -b "dc=sono-tek,dc=com" -s sub "cn=Joe Demaio"
Enter LDAP Password:
version: 1

dn: cn=Joe Demaio,dc=sono-tek,dc=com
objectClass: person
objectClass: inetOrgPerson
cn: Joe Demaio
sn: Demaio
uid: jdemaio

But the user cannot authenticate when binding using his username and password. Am I missing something else to allow that?

Thanks for the help, it is really appreciated.
 
06-23-2010, 12:40 PM   #6
druuna
Hi,

Without knowing how all is set up, that's a bit hard to answer. For instance: How and where are the other user variables stored (home directory, password, uid, primary group, ...)?

Maybe the question should be: Why wasn't that user added the way it should be? If that is clear, you might be able to fill in the rest (or delete the manually added user data and try adding him the way it is supposed to).

Not much to go on, but I hope it helps.
 
06-23-2010, 12:48 PM   #7
antoniemail
I got it to work.
Here is the ldif file now:

dn: uid=jdemaio,ou=People,dc=sono-tek,dc=com
uid: jdemaio
cn: Joe Demaio
givenName: Joe
sn: Demaio
mail: jdemaio@sono-tek.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}
shadowLastChange: 14194
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 570
gidNumber: 109
homeDirectory:
gecos: Joe Demaio

And I used the ldapadd command you helped me with earlier and now it all works.

Thank you for your help!
 
06-23-2010, 12:54 PM   #8
druuna
Nice to see you got it fixed.

BTW: Your homedir entry is empty.

Last edited by druuna; 06-23-2010 at 12:55 PM.
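
The entry from post #7, generated from the account's passwd and shadow lines instead of typed by hand, with the empty homeDirectory pointed out in post #8 treated as an error. This is an added example, not part of the original thread; the base DN, the jdoe sample lines and the passwd_to_ldif function name are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread: build a posixAccount/shadowAccount LDIF
# entry from one /etc/passwd line and its /etc/shadow line (getent shadow USER).
# BASE_DN and the SAMPLE_* lines are constructed assumptions.
BASE_DN="ou=People,dc=example,dc=com"
SAMPLE_PASSWD='jdoe:x:1500:1500:Jane Doe,,,:/home/jdoe:/bin/bash'
SAMPLE_SHADOW='jdoe:$6$constructedsalt$constructedhash:14194:0:99999:7:::'

# passwd_to_ldif PASSWD_LINE SHADOW_LINE -> LDIF on stdout, status 1 on bad input
passwd_to_ldif() {
    printf '%s\n%s\n' "$1" "$2" | awk -F: -v base="$BASE_DN" '
    NR == 1 { user = $1; uidn = $3; gidn = $4; gecos = $5; home = $6; shell = $7 }
    NR == 2 { suser = $1; hash = $2; last = $3; max = $5; warn = $6 }
    END {
        # posixAccount requires uid, cn, uidNumber, gidNumber and homeDirectory,
        # so an incomplete account is rejected before it reaches the directory.
        if (user == "" || suser != user) err = "passwd/shadow user mismatch"
        else if (uidn !~ /^[0-9]+$/ || gidn !~ /^[0-9]+$/) err = "uidNumber/gidNumber not numeric"
        else if (home !~ /^\//) err = "homeDirectory empty or not absolute"
        else if (hash == "") err = "empty password hash"
        if (err != "") { print "refusing " user ": " err > "/dev/stderr"; exit 1 }

        split(gecos, g, ",")                  # GECOS: full name is the first field
        cn = (g[1] != "") ? g[1] : user
        n = split(cn, w, " "); sn = w[n]      # person requires sn; use the last word

        print "dn: uid=" user "," base
        k = split("top person organizationalPerson inetOrgPerson posixAccount shadowAccount", oc, " ")
        for (i = 1; i <= k; i++) print "objectClass: " oc[i]
        print "uid: " user
        print "cn: " cn
        print "sn: " sn
        print "gecos: " cn
        print "uidNumber: " uidn
        print "gidNumber: " gidn
        print "homeDirectory: " home
        if (shell != "") print "loginShell: " shell
        # Locked accounts (hash starting with ! or *) get no userPassword.
        if (hash !~ /^[!*]/) print "userPassword: {crypt}" hash
        if (last != "") print "shadowLastChange: " last
        if (max != "") print "shadowMax: " max
        if (warn != "") print "shadowWarning: " warn
    }'
}

# Demo on the constructed sample. To load it, pipe the output to ldapadd with no
# -f, e.g.: ... | ldapadd -x -ZZ -H ldap://ldap.example.com -D "<manager DN>" -W
passwd_to_ldif "$SAMPLE_PASSWD" "$SAMPLE_SHADOW"
```

Current OpenLDAP clients take -H with an LDAP URI in place of -h/-p, and -ZZ makes the client require StartTLS, so the simple-bind password and the {crypt} hash are not sent in clear text. The LDIF itself contains the password hash and should be handled like /etc/shadow.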
 
  


All times are GMT -5.
