Creating UIDs for Older User Objects
Novell Cool Solutions: Feature
By Donald Lohr
Digg This -
Posted: 19 Jul 2006
A Forum reader asked the following question:
"We have a large number of users that were created in NWAdmin (quite a while ago). These users do not have unique IDs. Is there a utility that can scan the tree and create the UIDs for those users?"
And here's the reply from Donald Lohr ...
This can be done several ways - manually with several utilities (some free and others a fee). If you are familiar with LDAP and your environment has ldap installed and configured, you can perform a quick ldapsearch - pipe it to a file and build from there. In the sys:\public\mgmt\ConsoleOne\1.2\bin folder are some LDAP command-line programs (ldapadd.exe, ldapdelete.exe, ldapmodify.exe, ldapmodrdn.exe and ldapsearch.exe) that you can use.
Use the following command string from a Command Prompt in the ..\ConsoleOne\1.2\bin folder:
ldapsearch -LLL -h LDAPserverName -D cn=admin,o=acme -Z -W "(!(uid=*))" cn >makeUID.ldif
Here's the ldapsearch syntax:
- -h = The IP or DNS address of your NetWare server running LDAP configured for eDirectory SNMP.
- -D = The userID doing the LDAP bind. Note the fully distinguished name (cn= and o=) and the use of commas not periods in the userID naming context - this is LDAP speak if you are an LDAP beginner.
- -W = Prompts you for the password.
- -Z = Starts a TLS session so the password is not sent across the wire in cleartext.
The information between the quotes is the item you are searching for - those users that do not have a UID attribute set.
The makeUID.ldif file will look like the example shown below:
Enter LDAP Password: dn: cn=test1,ou=Accounting,o=acme cn: test1 dn: cn=test2,ou=Accounting,o=acme cn: test2 dn: cn=test3,ou=Accounting,o=acme cn: test3
Here are the steps to follow:
1. Remove the "Enter LDAP Password: " portion from line one.
2. Globally replace "cn: " with "uid: " (of course, remove the "").
3. Insert the following two new lines below each dn: line:
changeType: modify add: uidThe makeUID.ldif file should now look like this:
dn: cn=test1,ou=Accounting,o=acme changeType: modify add: uid uid: test1 dn: cn=test2,ou=Accounting,o=acme changeType: modify add: uid uid: test2 dn: cn=test3,ou=Accounting,o=acme changeType: modify add: uid uid: test3
Finally, using the ldapmodify command you can add the uid attribute to those accounts that do not have a uid attribute. You can use the following command string from a Command Prompt in the ..\ConsoleOne\1.2\bin folder:
ldapmodify -h LDAPserverName -D cn=admin,o=acme -Z -W -f makeUID.ldif
If you have a lot of users to modify, the makeUID.ldif file can be modified programatically using any programming language.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com