
Is it possible to have a local group for an LDAP user?

Tags: ldap, local

I have an LDAP server on which I do not have full privileges and an Ubuntu system with LDAP authentication on which I am root. Is it possible to add an LDAP user to a local group? (I don't know if I am phrasing this correctly, but all I want is to have an LDAP user in a group without editing the actual database.)

fakedrake asked Apr 26 '10 09:04




2 Answers

Based on your answer it seems like what you needed was:

$ addgroup <group_name> (to make the group)

$ adduser <username> <group_name> (to add the user to the group)

MarkJL answered Oct 12 '22 15:10


OK, silly me, just edited /etc/groups and it worked.

fakedrake answered Oct 12 '22 15:10
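
An added example, not part of either answer above: a membership added this way lives only in the host's local group file (/etc/group), so the LDAP administrators never see it. The sketch below lists every local group member that has no entry in the local passwd file, which is how such LDAP-resolved accounts show up in a host audit. The function name and the sample data are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example: report "group:member" for each member of a local group
# who is not defined in the local passwd file (for instance an LDAP user).
# Usage: nonlocal_group_members [group_file] [passwd_file]
nonlocal_group_members() {
    group_file=${1:-/etc/group}
    passwd_file=${2:-/etc/passwd}
    awk -F: '
        # First file (passwd): remember every locally defined login name.
        FILENAME == ARGV[1] { local_user[$1] = 1; next }
        # Second file (group): field 4 is the comma-separated member list.
        $4 != "" {
            n = split($4, members, ",")
            for (i = 1; i <= n; i++)
                if (members[i] != "" && !(members[i] in local_user))
                    print $1 ":" members[i]
        }
    ' "$passwd_file" "$group_file"
}

# Constructed sample data (not from a real system): "ldapbob" exists only
# in LDAP and was added to the local "sudo" group by editing the group file.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
                  'alice:x:1000:1000::/home/alice:/bin/bash' > "$tmp/passwd"
    printf '%s\n' 'sudo:x:27:alice,ldapbob' 'users:x:100:' > "$tmp/group"
    nonlocal_group_members "$tmp/group" "$tmp/passwd"
    rm -rf "$tmp"
}
demo
```

Run without arguments as root or any user who can read both files, it checks the live /etc/group against /etc/passwd; entries in privileged groups such as sudo deserve review.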