Using LDIF to Add Unix Users

Posted: 29 Jul 2003


I need to configure eDirectory for authenticating Linux clients. I've tried to extend the schema as described in the document "Authenticating Users to UNIX Systems with Novell eDirectory and LDAP", but I have run into a problem. When I try to change the UNIX Profile of a group with ConsoleOne, I receive a 603 error.


This may not directly solve your problem but you *can* use an LDIF file to add UNIX user information to eDirectory:

dn: cn=,ou=,o=
changetype: add
objectClass: top
objectClass: ndsLoginProperties
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
loginShell: /bin/bash
ACL: 2#subtree##[All Attributes Rights]
ACL: 6#entry##loginScript
ACL: 6#entry##printJobConfiguration

This will create the user without any problems.

Also, you need to extend the schema with rfc2707-usergroup (/usr/lib/nds-schema). And if you use Red Hat, you'll need to use auth-config to set up LDAP authentication.
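
An added example, not part of the original answer: a small Python check to run on a record like the one above before importing it. It reports empty RDN values in the DN, missing MUST attributes for person, posixAccount and shadowAccount, and ACL values with no trustee. The ACL field layout and the sample user jdoe are assumptions.

```python
# MUST attributes per RFC 2256 (person) and RFC 2307 (posixAccount, shadowAccount).
MUST = {
    "person": ["cn", "sn"],
    "posixaccount": ["cn", "uid", "uidNumber", "gidNumber", "homeDirectory"],
    "shadowaccount": ["uid"],
}

def parse_entry(ldif_text):
    """Parse one LDIF record into {attr_lowercase: [values]} (no base64 support)."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]              # RFC 2849 folded line
        elif raw.strip() and not raw.startswith("#"):
            lines.append(raw)
    entry = {}
    for line in lines:
        attr, _, value = line.partition(":")
        entry.setdefault(attr.strip().lower(), []).append(value.strip())
    return entry

def check_entry(entry):
    """List problems in a parsed record. The DN split is naive (no escaped commas)."""
    problems = []
    dn = entry.get("dn", [""])[0]
    if not dn or any(not rdn.partition("=")[2].strip() for rdn in dn.split(",")):
        problems.append("dn has an empty RDN value")
    classes = {c.lower() for c in entry.get("objectclass", [])}
    for oc, required in MUST.items():
        for attr in (required if oc in classes else []):
            if not any(entry.get(attr.lower(), [])):
                problems.append(f"{oc} requires {attr}")
    # Assumed eDirectory ACL layout: privileges#scope#trustee DN#attribute
    for acl in entry.get("acl", []):
        fields = acl.split("#")
        if len(fields) != 4 or not fields[2].strip():
            problems.append(f"ACL has no trustee: {acl}")
    return problems

# Constructed sample: hypothetical user jdoe in a made-up tree.
GOOD = """dn: cn=jdoe,ou=users,o=example
objectClass: person
objectClass: posixAccount
cn: jdoe
sn: Doe
uid: jdoe
uidNumber: 1001
gidNumber: 100
homeDirectory: /home/jdoe
ACL: 2#subtree#cn=jdoe,ou=users,o=example#[All Attributes Rights]"""
```

check_entry(parse_entry(GOOD)) returns an empty list; a record with blank DN components, no uidNumber, gidNumber or homeDirectory, or an ACL whose third field is empty is reported item by item.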

