Add users to groups with ldap
I need to add an existing user to an existing group with my new ldap setup, which is running on a Debian lenny server. Here's what I've got for an ldif file:
and here is my command and output:
robert:~# ldapmodify -x -D cn=admin,dc=newcrossroads,dc=net -W -f /var/tmp/adduser.ldif
Enter LDAP Password:
modifying entry "cn=johnstones,ou=Groups,dc=newcrossroads,dc=net"
ldap_modify: Object class violation (65)
additional info: attribute 'uniqueMember' not allowed
I've also attempted to do the job with ldapscipts with the following results:
robert:~# ldapaddusertogroup jess johnstones
Group johnstones not found (or jess already member of johnstones)
That last in particular confuses me; the group exists and every attempt I've made to add the user has failed. So two questions:
How do I write a proper ldif file to add a user to a group?
How do I view group membership?
Please bear in mind that I really don't know what I'm doing. I got ldap running more through good luck than good practices. Unfortunately the online guides I've found assume that you do know what you're doing, and I've been fighting with this for three days. Can anyone help?
Practical books for the most technical people on the planet. Newly available books include:
- Agile Product Development by Ted Schmidt
- Improve Business Processes with an Enterprise Job Scheduler by Mike Diehl
- Finding Your Way: Mapping Your Network to Improve Manageability by Bill Childers
- DIY Commerce Site by Reven Lerner
Plus many more.
- diff -u: What's New in Kernel Development
- What's New in 3D Printing, Part III: the Software
- Giving Silos Their Due
- Server Hardening
- February 2016 Issue of Linux Journal
- Controversy at the Linux Foundation
- 22 Years of Linux Journal on One DVD - Now Available
- Don't Burn Your Android Yet
- New Products