LDIF syntax explanation

From SaruWiki
Revision as of 17:29, 26 September 2008 by Saruman! (talk | contribs) (Page started)

Suppose you use an LDIF file like this:

# Create the user group
dn: cn=networkusers,ou=groups,dc=saruman,dc=biz
objectClass: posixGroup
description: Internal network users
gidNumber: 10001
cn: networkusers

# Create a new user:
dn: uid=sixpacjo,ou=people,dc=saruman,dc=biz
objectclass: top
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: shadowAccount
cn: Joe Sixpack
description: Your Average Network User
givenName: Joe
sn: Sixpack
mail: joe.sixpack@saruman.biz
# The Unix login-name for the user:
uid: sixpacjo
# The group and user IDs:
gidNumber: 10001
uidNumber: 10001
# The Unix account data:
homeDirectory: /home/sixpacjo
loginShell: /bin/bash
# The hashed password for the user ({crypt} with a $1$ prefix is MD5-crypt):
userPassword: {crypt}$1$qs70ynbk$UBuewN7ZdIvqavIxkxdmX0

What are you then actually doing? Well, you're adding two objects; the different attributes in this LDIF file are explained below.
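The following added example (not part of the original page) parses LDIF the way described above, as blank-line-separated records with comment lines ignored and attribute names compared case-insensitively, then checks each entry for two problems: an RDN value missing from the entry's own attributes, which a server may reject as a naming violation, and a weak `userPassword` storage scheme. The function names and finding labels are hypothetical, the sample is constructed, and DNs are assumed to contain no escaped commas or multi-valued RDNs.

```python
import base64
import re
# Constructed sample modelled on the page's LDIF; the hash is a placeholder and
# the group's cn is deliberately different from the value in its DN.
SAMPLE = """\
# Create the user group
dn: cn=networkusers,ou=groups,dc=saruman,dc=biz
objectClass: posixGroup
cn: TestGroup

dn: uid=sixpacjo,ou=people,dc=saruman,dc=biz
objectclass: posixAccount
uid: sixpacjo
userPassword: {crypt}$1$constructed$placeholderhashvalue000
"""

# {crypt}$1$ is MD5-crypt; {MD5} and {SHA} are unsalted digests.
WEAK = re.compile(r"\{crypt\}\$1\$|\{md5\}|\{sha\}", re.I)

def parse_ldif(text):
    """Parse LDIF (RFC 2849): join folded lines, drop comments, split on blank lines."""
    entries, current = [], []
    for line in re.sub(r"\r?\n ", "", text).splitlines() + [""]:
        if line.startswith("#"):        # comment line
            continue
        if not line.strip():            # blank line ends a record
            if current:
                entries.append(current)
            current = []
            continue
        name, _, value = line.partition(":")
        if value.startswith(":"):       # "attr:: ..." carries a base64 value
            value = base64.b64decode(value[1:]).decode("utf-8", "replace")
        current.append((name.strip().lower(), value.strip()))
    return entries

def lint(entries):
    findings = []
    for attrs in entries:
        dn = next((v for n, v in attrs if n == "dn"), "")
        rdn_attr, _, rdn_val = dn.split(",")[0].partition("=")
        present = [v.lower() for n, v in attrs if n == rdn_attr.strip().lower()]
        if dn and rdn_val.strip().lower() not in present:
            findings.append((dn, "rdn-not-in-entry"))
        for n, v in attrs:
            # No {scheme} prefix means the value is stored in cleartext.
            if n == "userpassword" and (WEAK.match(v) or not v.startswith("{")):
                findings.append((dn, "weak-password-storage"))
    return findings
```

Calling `lint(parse_ldif(SAMPLE))` returns one finding per entry: the group for its mismatched `cn`, and the user for the MD5-crypt hash.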

Group object attributes

The first set of six lines describes an object of class posixGroup. The posixGroup class is part of the NIS schema, and an object of this class is "an abstraction of a group of accounts" (according to the description in the class definition). This means that in our example, the object with distinguished name cn=networkusers,ou=groups,dc=saruman,dc=biz will be a representation of a group as we know it from /etc/group. So how do the six lines create this group?


User object attributes