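After installing OpenLDAP, the directory contains no data by default; an administrator has to add it. There is more than one way to do that. This article covers the first method: adding users from the local system to LDAP.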
```
[root@ldapsrv01 ~]# ldapsearch -x -b "dc=contoso,dc=com"
# extended LDIF
#
# LDAPv3
# base <dc=contoso,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 32 No such object
# numResponses: 1
```
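This is the result of querying LDAP right after installing OpenLDAP: result 32 (No such object) shows that the base entry dc=contoso,dc=com does not exist yet.
Step 1: Install the migrationtools package
Adding users from the local system to LDAP works as follows: first create the users in the local operating system, then use Perl scripts to convert them into LDIF, the file format LDAP understands, and finally import the LDIF files into LDAP with the ldapadd command. To convert local user information into LDIF with the Perl scripts, first install a package named migrationtools.
```
yum install migrationtools -y
# Install it directly with yum
```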
```
[root@ldapsrv01 ~]# rpm -ql migrationtools
/usr/share/doc/migrationtools-47
/usr/share/doc/migrationtools-47/README
/usr/share/doc/migrationtools-47/migration-tools.txt
/usr/share/migrationtools
/usr/share/migrationtools/migrate_aliases.pl
/usr/share/migrationtools/migrate_all_netinfo_offline.sh
/usr/share/migrationtools/migrate_all_netinfo_online.sh
/usr/share/migrationtools/migrate_all_nis_offline.sh
/usr/share/migrationtools/migrate_all_nis_online.sh
/usr/share/migrationtools/migrate_all_nisplus_offline.sh
/usr/share/migrationtools/migrate_all_nisplus_online.sh
/usr/share/migrationtools/migrate_all_offline.sh
/usr/share/migrationtools/migrate_all_online.sh
/usr/share/migrationtools/migrate_automount.pl
/usr/share/migrationtools/migrate_base.pl
/usr/share/migrationtools/migrate_common.ph
/usr/share/migrationtools/migrate_fstab.pl
/usr/share/migrationtools/migrate_group.pl
/usr/share/migrationtools/migrate_hosts.pl
/usr/share/migrationtools/migrate_netgroup.pl
/usr/share/migrationtools/migrate_netgroup_byhost.pl
/usr/share/migrationtools/migrate_netgroup_byuser.pl
/usr/share/migrationtools/migrate_networks.pl
/usr/share/migrationtools/migrate_passwd.pl
/usr/share/migrationtools/migrate_profile.pl
/usr/share/migrationtools/migrate_protocols.pl
/usr/share/migrationtools/migrate_rpc.pl
/usr/share/migrationtools/migrate_services.pl
/usr/share/migrationtools/migrate_slapd_conf.pl
```
The rpm -ql command shows that the package installs many scripts under /usr/share/migrationtools/, both shell and Perl. We use the Perl scripts to generate the LDIF files.
Step 2: Edit the migrationtools configuration file
```
cp /usr/share/migrationtools/migrate_common.ph /usr/share/migrationtools/migrate_common.ph.bak
# Back up the script first
sed -i 's/padl.com/contoso.com/g' /usr/share/migrationtools/migrate_common.ph
# Change the default domain padl.com to my domain, contoso.com here, so only padl is replaced with contoso
sed -i 's/dc=padl,dc=com/dc=contoso,dc=com/g' /usr/share/migrationtools/migrate_common.ph
# Again a change to the domain information
```
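After the change, make sure the following two settings hold the server's real domain, as shown here:
```
$DEFAULT_MAIL_DOMAIN = "contoso.com";
$DEFAULT_BASE = "dc=contoso,dc=com";
```
Step 3: Generate base.ldif and import it into LDAP
First, generate the base.ldif file:
```
/usr/share/migrationtools/migrate_base.pl > base.ldif
```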
```
[root@ldapsrv01 ~]# cat base.ldif
dn: dc=contoso,dc=com
dc: contoso
objectClass: top
objectClass: domain

dn: ou=Hosts,dc=contoso,dc=com
ou: Hosts
objectClass: top
objectClass: organizationalUnit

dn: ou=Rpc,dc=contoso,dc=com
ou: Rpc
objectClass: top
objectClass: organizationalUnit

dn: ou=Services,dc=contoso,dc=com
ou: Services
objectClass: top
objectClass: organizationalUnit

dn: nisMapName=netgroup.byuser,dc=contoso,dc=com
nismapname: netgroup.byuser
objectClass: top
objectClass: nisMap

dn: ou=Mounts,dc=contoso,dc=com
ou: Mounts
objectClass: top
objectClass: organizationalUnit

dn: ou=Networks,dc=contoso,dc=com
ou: Networks
objectClass: top
objectClass: organizationalUnit

dn: ou=People,dc=contoso,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

dn: ou=Group,dc=contoso,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit

dn: ou=Netgroup,dc=contoso,dc=com
ou: Netgroup
objectClass: top
objectClass: organizationalUnit

dn: ou=Protocols,dc=contoso,dc=com
ou: Protocols
objectClass: top
objectClass: organizationalUnit

dn: ou=Aliases,dc=contoso,dc=com
ou: Aliases
objectClass: top
objectClass: organizationalUnit

dn: nisMapName=netgroup.byhost,dc=contoso,dc=com
nismapname: netgroup.byhost
objectClass: top
objectClass: nisMap
```
Many of these entries are not needed here, so the unneeded ones can be deleted. After editing, the file looks like this:
```
[root@ldapsrv01 ~]# cat base.ldif
dn: dc=contoso,dc=com
dc: contoso
objectClass: top
objectClass: domain

dn: ou=People,dc=contoso,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

dn: ou=Group,dc=contoso,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit

dn: cn=tech,ou=group,dc=contoso,dc=com
objectClass: posixGroup
description: Technology
gidNumber: 10001
cn: tech
```
Now import the edited base.ldif into LDAP with the ldapadd command.
```
[root@ldapsrv01 ~]# ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W -f base.ldif
Enter LDAP Password:
adding new entry "dc=contoso,dc=com"
adding new entry "ou=People,dc=contoso,dc=com"
adding new entry "ou=Group,dc=contoso,dc=com"
adding new entry "cn=tech,ou=group,dc=contoso,dc=com"
```
After the import, I run a simple query again:
```
[root@ldapsrv01 ~]# ldapsearch -x -b "dc=contoso,dc=com"
# extended LDIF
#
# LDAPv3
# base <dc=contoso,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# contoso.com
dn: dc=contoso,dc=com
dc: contoso
objectClass: top
objectClass: domain

# People, contoso.com
dn: ou=People,dc=contoso,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

# Group, contoso.com
dn: ou=Group,dc=contoso,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit

# tech, Group, contoso.com
dn: cn=tech,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
description: Technology
gidNumber: 10001
cn: tech

# search result
search: 2
result: 0 Success
# numResponses: 5
# numEntries: 4
```
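As shown, LDAP now contains the OUs and the group imported above. Next, prepare the user and group information for import.
Step 4: Add local system users
Here I use a script (I did not write it; creating users in bulk counts as a simple script, and no wonder the RHCE exam covers it, since it turns out to be useful here) to create a few users in bulk, and then import those users into LDAP.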
```
[root@ldapsrv01 ~]# cat addusers.sh
#!/bin/bash
# Add system user
for ldap in {1..5}; do
    if id user${ldap} &> /dev/null; then
        echo "System account already exists"
    else
        adduser user${ldap} -u $((10000 + $ldap))
        # The password is set to the user name itself (test accounts only)
        echo user${ldap} | passwd --stdin user${ldap} &> /dev/null
        echo "user${ldap} system add finish"
    fi
done
[root@ldapsrv01 ~]# ./addusers.sh
user1 system add finish
user2 system add finish
user3 system add finish
user4 system add finish
user5 system add finish
[root@ldapsrv01 ~]# id user1
uid=10001(user1) gid=10001(user1) groups=10001(user1)
[root@ldapsrv01 ~]# id user2
uid=10002(user2) gid=10002(user2) groups=10002(user2)
[root@ldapsrv01 ~]# id user3
uid=10003(user3) gid=10003(user3) groups=10003(user3)
[root@ldapsrv01 ~]# id user4
uid=10004(user4) gid=10004(user4) groups=10004(user4)
[root@ldapsrv01 ~]# id user5
uid=10005(user5) gid=10005(user5) groups=10005(user5)
```
Step 5: Generate the people.ldif and group.ldif files
```
[root@ldapsrv01 ~]# tail -5 /etc/passwd
user1:x:10001:10001::/home/user1:/bin/bash
user2:x:10002:10002::/home/user2:/bin/bash
user3:x:10003:10003::/home/user3:/bin/bash
user4:x:10004:10004::/home/user4:/bin/bash
user5:x:10005:10005::/home/user5:/bin/bash
[root@ldapsrv01 ~]# tail -5 /etc/passwd > testuser
```
Save these 5 users to testuser; the LDAP user file will be generated from these 5 local accounts shortly.
```
[root@ldapsrv01 ~]# tail -5 /etc/group
user1:x:10001:
user2:x:10002:
user3:x:10003:
user4:x:10004:
user5:x:10005:
[root@ldapsrv01 ~]# tail -5 /etc/group > testgroup
```
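Save these 5 groups to testgroup; it will also be used shortly.
```
/usr/share/migrationtools/migrate_passwd.pl testuser people.ldif
# Generate the LDAP user data file people.ldif from testuser
/usr/share/migrationtools/migrate_group.pl testgroup group.ldif
# Generate the LDAP group data file group.ldif from testgroup
```
Note: run these two commands in the directory that contains testuser and testgroup; otherwise give the full paths, or the files will not be found.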
```
[root@ldapsrv01 ~]# cat people.ldif
dn: uid=user1,ou=People,dc=contoso,dc=com
uid: user1
cn: user1
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$6$Zs9mXyPO$QdqHS8nA/vyjUdnSWLIpM4QiaPtsca1WllXu0dWQOgTza2Qr4TcC3sHbAbJsWI0KannwnM.zFFroqxzglFfJT0
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10001
gidNumber: 10001
homeDirectory: /home/user1

dn: uid=user2,ou=People,dc=contoso,dc=com
uid: user2
cn: user2
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$6$0dHBettP$u4vVTWuVkRN8NGIecG5O7VSnFDCtcQF/623lLY4Ih6RXORfFcRxh9fFdvssYeg6QAw1KY4LKtk.zwzdVXH2rh1
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10002
gidNumber: 10002
homeDirectory: /home/user2

dn: uid=user3,ou=People,dc=contoso,dc=com
uid: user3
cn: user3
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$6$CXSotuEN$QSo5gJFlsJ6uZhqaK8qDto.5u2WXwvWSV1JqVP9WMOUVhxZXY8I.XMEUojwGGwpSYY1OtY2Sl/J7dzSk1ey6F/
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10003
gidNumber: 10003
homeDirectory: /home/user3

dn: uid=user4,ou=People,dc=contoso,dc=com
uid: user4
cn: user4
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$6$ycSPE1gY$ofWgCYtRk9s5LnLKnR4FR5ld10wI6riT2u0jA8wytMm07am1NZreNdhEAJb8.erz4HasyhlsGqecBNdfx5x6S0
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10004
gidNumber: 10004
homeDirectory: /home/user4

dn: uid=user5,ou=People,dc=contoso,dc=com
uid: user5
cn: user5
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypt}$6$xVZ5hNeH$GzlC19E6Tiq/4Y3HmtCwRjjKVzvcI2IA.z.QPqhwHU.mSV1UT7uZiaVG8HelvbgZJsn3Z1te75C/DNZ.C0Ov50
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10005
gidNumber: 10005
homeDirectory: /home/user5
```
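This is the generated people.ldif file. It contains the users' information, including their passwords (the userPassword values); fields that are not needed can be deleted.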
```
[root@ldapsrv01 ~]# cat group.ldif
dn: cn=user1,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user1
userPassword: {crypt}x
gidNumber: 10001

dn: cn=user2,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user2
userPassword: {crypt}x
gidNumber: 10002

dn: cn=user3,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user3
userPassword: {crypt}x
gidNumber: 10003

dn: cn=user4,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user4
userPassword: {crypt}x
gidNumber: 10004

dn: cn=user5,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user5
userPassword: {crypt}x
gidNumber: 10005
```
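This is the generated group.ldif file, which holds the group information; the gidNumber here is the GID from the local operating system.
Because I had already added a group named tech whose gidNumber is 10001, which would conflict with the gidNumber of the user1 group about to be imported, I delete the tech group first.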
```
[root@ldapsrv01 ~]# ldapdelete -x -D "cn=admin,dc=contoso,dc=com" -W "cn=tech,ou=Group,dc=contoso,dc=com"
Enter LDAP Password:
[root@ldapsrv01 ~]# ldapsearch -x -b "dc=contoso,dc=com"
# extended LDIF
#
# LDAPv3
# base <dc=contoso,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# contoso.com
dn: dc=contoso,dc=com
dc: contoso
objectClass: top
objectClass: domain

# People, contoso.com
dn: ou=People,dc=contoso,dc=com
ou: People
objectClass: top
objectClass: organizationalUnit

# Group, contoso.com
dn: ou=Group,dc=contoso,dc=com
ou: Group
objectClass: top
objectClass: organizationalUnit

# search result
search: 2
result: 0 Success
# numResponses: 4
# numEntries: 3
```
The tech group is gone, so the users and groups can now be imported.
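The gidNumber clash described above can be looked for before an import instead of being noticed by eye. The following is an added example, not part of the original article; the function names and sample file names are assumptions, and the input is assumed to be unfolded LDIF with plain `dn: ` lines:

```shell
#!/bin/sh
# Added example, not from the original article. Reports gidNumber values used by
# a posixGroup entry in both LDIF inputs (directory export vs. pending import).
# Assumes unfolded LDIF with plain "dn: " lines.

# gid_map FILE: print "gidNumber<TAB>dn" for each posixGroup entry in FILE.
gid_map() {
  awk -v RS='' -F'\n' '{
    dn = ""; gid = ""; grp = 0
    for (i = 1; i <= NF; i++) {
      if ($i ~ /^dn: /) dn = substr($i, 5)
      else if (tolower($i) ~ /^gidnumber: /) gid = substr($i, 12)
      else if (tolower($i) ~ /^objectclass: posixgroup$/) grp = 1
    }
    if (grp && dn != "" && gid != "") print gid "\t" dn
  }' "$1"
}

# gid_collisions EXISTING NEW: print "gidNumber<TAB>existing dn<TAB>new dn"
# for every gidNumber that occurs in both files.
gid_collisions() {
  tmp=$(mktemp) || return 1
  gid_map "$1" > "$tmp"
  gid_map "$2" | awk -F'\t' 'NR == FNR { seen[$1] = $2; next }
    ($1 in seen) { print $1 "\t" seen[$1] "\t" $2 }' "$tmp" -
  rm -f "$tmp"
}

# Constructed sample input: the tech group from the edited base.ldif and the
# first two groups of group.ldif, as shown in the article.
work=$(mktemp -d)
printf '%s\n' 'dn: cn=tech,ou=Group,dc=contoso,dc=com' 'objectClass: posixGroup' \
  'description: Technology' 'gidNumber: 10001' 'cn: tech' > "$work/existing.ldif"
printf '%s\n' 'dn: cn=user1,ou=Group,dc=contoso,dc=com' 'objectClass: posixGroup' \
  'objectClass: top' 'cn: user1' 'userPassword: {crypt}x' 'gidNumber: 10001' '' \
  'dn: cn=user2,ou=Group,dc=contoso,dc=com' 'objectClass: posixGroup' \
  'objectClass: top' 'cn: user2' 'userPassword: {crypt}x' 'gidNumber: 10002' \
  > "$work/new.ldif"
gid_collisions "$work/existing.ldif" "$work/new.ldif"
```

In practice the first argument would be the saved output of the article's `'(objectClass=posixGroup)'` search, run with `-o ldif-wrap=no` so that long DNs are not folded, and the second the generated group.ldif.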
Step 6: Import the LDIF files into LDAP
```
[root@ldapsrv01 ~]# ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W -f people.ldif
Enter LDAP Password:
adding new entry "uid=user1,ou=People,dc=contoso,dc=com"
adding new entry "uid=user2,ou=People,dc=contoso,dc=com"
adding new entry "uid=user3,ou=People,dc=contoso,dc=com"
adding new entry "uid=user4,ou=People,dc=contoso,dc=com"
adding new entry "uid=user5,ou=People,dc=contoso,dc=com"
```
The people.ldif file is imported; the operation succeeded.
```
[root@ldapsrv01 ~]# ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W -f group.ldif
Enter LDAP Password:
adding new entry "cn=user1,ou=Group,dc=contoso,dc=com"
adding new entry "cn=user2,ou=Group,dc=contoso,dc=com"
adding new entry "cn=user3,ou=Group,dc=contoso,dc=com"
adding new entry "cn=user4,ou=Group,dc=contoso,dc=com"
adding new entry "cn=user5,ou=Group,dc=contoso,dc=com"
```
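The group.ldif file is imported; the operation succeeded.
Step 7: Search for the LDAP users and groups to verify that the operation succeeded
Search LDAP for the users once more: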
```
[root@ldapsrv01 ~]# ldapsearch -LLL -x -D "cn=admin,dc=contoso,dc=com" -W -b "dc=contoso,dc=com" '(uid=*)'
Enter LDAP Password:
dn: uid=user1,ou=People,dc=contoso,dc=com
uid: user1
cn: user1
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JFpzOW1YeVBPJFFkcUhTOG5BL3Z5alVkblNXTElwTTRRaWFQdHN
 jYTFXbGxYdTBkV1FPZ1R6YTJRcjRUY0Mzc0hiQWJKc1dJMEthbm53bk0uekZGcm9xeHpnbEZmSlQw
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10001
gidNumber: 10001
homeDirectory: /home/user1

dn: uid=user2,ou=People,dc=contoso,dc=com
uid: user2
cn: user2
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JDBkSEJldHRQJHU0dlZUV3VWa1JOOE5HSWVjRzVPN1ZTbkZEQ3R
 jUUYvNjIzbExZNEloNlJYT1JmRmNSeGg5ZkZkdnNzWWVnNlFBdzFLWTRMS3RrLnp3emRWWEgycmgx
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10002
gidNumber: 10002
homeDirectory: /home/user2

dn: uid=user3,ou=People,dc=contoso,dc=com
uid: user3
cn: user3
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JENYU290dUVOJFFTbzVnSkZsc0o2dVpocWFLOHFEdG8uNXUyV1h
 3dldTVjFKcVZQOVdNT1VWaHhaWFk4SS5YTUVVb2p3R0d3cFNZWTFPdFkyU2wvSjdkelNrMWV5NkYv
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10003
gidNumber: 10003
homeDirectory: /home/user3

dn: uid=user4,ou=People,dc=contoso,dc=com
uid: user4
cn: user4
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JHljU1BFMWdZJG9mV2dDWXRSazlzNUxuTEtuUjRGUjVsZDEwd0k
 2cmlUMnUwakE4d3l0TW0wN2FtMU5acmVOZGhFQUpiOC5lcno0SGFzeWhsc0dxZWNCTmRmeDV4NlMw
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10004
gidNumber: 10004
homeDirectory: /home/user4

dn: uid=user5,ou=People,dc=contoso,dc=com
uid: user5
cn: user5
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JHhWWjVoTmVIJEd6bEMxOUU2VGlxLzRZM0htdEN3UmpqS1Z6dmN
 JMklBLnouUVBxaHdIVS5tU1YxVVQ3dVppYVZHOEhlbHZiZ1pKc24zWjF0ZTc1Qy9ETlouQzBPdjUw
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 10005
gidNumber: 10005
homeDirectory: /home/user5
```
Search for the groups:
```
[root@ldapsrv01 ~]# ldapsearch -LLL -x -D "cn=admin,dc=contoso,dc=com" -W -b "dc=contoso,dc=com" '(objectClass=posixGroup)'
Enter LDAP Password:
dn: cn=user1,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user1
userPassword:: e2NyeXB0fXg=
gidNumber: 10001

dn: cn=user2,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user2
userPassword:: e2NyeXB0fXg=
gidNumber: 10002

dn: cn=user3,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user3
userPassword:: e2NyeXB0fXg=
gidNumber: 10003

dn: cn=user4,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user4
userPassword:: e2NyeXB0fXg=
gidNumber: 10004

dn: cn=user5,ou=Group,dc=contoso,dc=com
objectClass: posixGroup
objectClass: top
cn: user5
userPassword:: e2NyeXB0fXg=
gidNumber: 10005
```
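The 5 users (user1--user5) created in bulk on the local system with the shell script, together with their 5 groups (user1--user5), have all been imported into LDAP. This completes adding users from the local system to LDAP.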
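Both the generated people.ldif and the search output above carry the users' password hashes in userPassword; in the search output they are only base64-encoded (the `::` form). The following added example, which is not part of the original article, reports what kind of value each entry holds without printing it; the function names and sample values are constructed, and GNU `base64` is assumed:

```shell
#!/bin/sh
# Added example, not from the original article. Lists which kind of userPassword
# each LDIF entry carries, without ever printing the value itself.

kind_of() {  # kind_of VALUE: name the storage form of one userPassword value
  case $1 in
    '{crypt}$6$'*) echo sha512crypt ;;
    '{crypt}$5$'*) echo sha256crypt ;;
    '{crypt}$1$'*) echo md5crypt ;;
    '{crypt}x' | '{crypt}*' | '{crypt}!'*) echo placeholder ;;
    '{'*'}'*) echo other-scheme ;;
    *) echo cleartext ;;
  esac
}

# password_kinds FILE: print "dn<TAB>kind" for every userPassword in FILE, which
# may be a generated LDIF file or saved `ldapsearch -LLL` output.
password_kinds() {
  # First unfold RFC 2849 continuation lines (those starting with one space).
  awk 'NR > 1 && /^ / { buf = buf substr($0, 2); next }
       NR > 1 { print buf }
       { buf = $0 }
       END { if (NR) print buf }' "$1" |
  while IFS= read -r line; do
    case $line in
      'dn: '*) dn=${line#dn: } ;;
      'userPassword:: '*)  # "::" means base64-encoded, which hides nothing
        printf '%s\t%s\n' "$dn" \
          "$(kind_of "$(printf '%s' "${line#userPassword:: }" | base64 -d)")" ;;
      'userPassword: '*)
        printf '%s\t%s\n' "$dn" "$(kind_of "${line#userPassword: }")" ;;
    esac
  done
}

# Constructed sample: one user with a made-up SHA-512 crypt value, base64-encoded
# and folded the way ldapsearch prints it, plus the {crypt}x group placeholder.
sample=$(mktemp)
b64=$(printf '%s' '{crypt}$6$constructedsalt$constructedhashvalue' | base64)
{
  printf 'dn: uid=user1,ou=People,dc=contoso,dc=com\nuserPassword:: %s\n %s\n\n' \
    "$(printf '%s' "$b64" | cut -c1-30)" "$(printf '%s' "$b64" | cut -c31-)"
  printf 'dn: cn=user1,ou=Group,dc=contoso,dc=com\nuserPassword:: e2NyeXB0fXg=\n'
} > "$sample"
password_kinds "$sample"
```

Because people.ldif and any saved search output contain the same crypt hashes as the local shadow file, they warrant the same restrictive file permissions.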