Novell is now a part of Micro Focus

Creating UIDs for Older User Objects

Novell Cool Solutions: Feature
By Donald Lohr

Digg This - Slashdot This

Posted: 19 Jul 2006


A Forum reader asked the following question:

"We have a large number of users that were created in NWAdmin (quite a while ago). These users do not have unique IDs. Is there a utility that can scan the tree and create the UIDs for those users?"

And here's the reply from Donald Lohr ...


This can be done several ways - manually with several utilities (some free and others a fee). If you are familiar with LDAP and your environment has ldap installed and configured, you can perform a quick ldapsearch - pipe it to a file and build from there. In the sys:\public\mgmt\ConsoleOne\1.2\bin folder are some LDAP command-line programs (ldapadd.exe, ldapdelete.exe, ldapmodify.exe, ldapmodrdn.exe and ldapsearch.exe) that you can use.

Use the following command string from a Command Prompt in the ..\ConsoleOne\1.2\bin folder:

ldapsearch -LLL -h LDAPserverName -D cn=admin,o=acme -Z -W "(!(uid=*))" cn >makeUID.ldif

Here's the ldapsearch syntax:

  • -h = The IP or DNS address of your NetWare server running LDAP configured for eDirectory SNMP.
  • -D = The userID doing the LDAP bind. Note the fully distinguished name (cn= and o=) and the use of commas not periods in the userID naming context - this is LDAP speak if you are an LDAP beginner.
  • -W = Prompts you for the password.
  • -Z = Starts a TLS session so the password is not sent across the wire in cleartext.

The information between the quotes is the item you are searching for - those users that do not have a UID attribute set.

The makeUID.ldif file will look like the example shown below:

Enter LDAP Password: dn: cn=test1,ou=Accounting,o=acme
cn: test1

dn: cn=test2,ou=Accounting,o=acme
cn: test2

dn: cn=test3,ou=Accounting,o=acme
cn: test3

Here are the steps to follow:

1. Remove the "Enter LDAP Password: " portion from line one.

2. Globally replace "cn: " with "uid: " (of course, remove the "").

3. Insert the following two new lines below each dn: line:

changeType: modify
add: uid
The makeUID.ldif file should now look like this:
dn: cn=test1,ou=Accounting,o=acme
changeType: modify
add: uid
uid: test1

dn: cn=test2,ou=Accounting,o=acme
changeType: modify
add: uid
uid: test2

dn: cn=test3,ou=Accounting,o=acme
changeType: modify
add: uid
uid: test3

Finally, using the ldapmodify command you can add the uid attribute to those accounts that do not have a uid attribute. You can use the following command string from a Command Prompt in the ..\ConsoleOne\1.2\bin folder:

ldapmodify -h LDAPserverName -D cn=admin,o=acme -Z -W -f makeUID.ldif

If you have a lot of users to modify, the makeUID.ldif file can be modified programatically using any programming language.

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.

© Copyright Micro Focus or one of its affiliates