Add users to groups with ldap
I need to add an existing user to an existing group with my new ldap setup, which is running on a Debian lenny server. Here's what I've got for an ldif file:
and here is my command and output:
robert:~# ldapmodify -x -D cn=admin,dc=newcrossroads,dc=net -W -f /var/tmp/adduser.ldif
Enter LDAP Password:
modifying entry "cn=johnstones,ou=Groups,dc=newcrossroads,dc=net"
ldap_modify: Object class violation (65)
additional info: attribute 'uniqueMember' not allowed
I've also attempted to do the job with ldapscipts with the following results:
robert:~# ldapaddusertogroup jess johnstones
Group johnstones not found (or jess already member of johnstones)
That last in particular confuses me; the group exists and every attempt I've made to add the user has failed. So two questions:
How do I write a proper ldif file to add a user to a group?
How do I view group membership?
Please bear in mind that I really don't know what I'm doing. I got ldap running more through good luck than good practices. Unfortunately the online guides I've found assume that you do know what you're doing, and I've been fighting with this for three days. Can anyone help?
Free DevOps eBooks, Videos, and more!
Regardless of where you are in your DevOps process, Linux Journal can help!
We offer here the DEFINITIVE DevOps for Dummies, a mobile Application Development Primer, and advice & help from the expert sources like:
- Linux Journal
- Be a Mechanic...with Android and Linux!
- New Products
- Users, Permissions and Multitenant Sites
- Flexible Access Control with Squid Proxy
- Security in Three Ds: Detect, Decide and Deny
- High-Availability Storage with HA-LVM
- Tighten Up SSH
- DevOps: Everything You Need to Know
- Solving ODEs on Linux
- Non-Linux FOSS: MenuMeters