【LDAP】Openldap導入數據


原創作品,允許轉載,轉載時請務必以超鏈接形式標明文章  原始出處 、作者信息和本聲明。否則將追究法律責任。 http://jerry12356.blog.51cto.com/4308715/1851186

在安裝完openldap之后,默認ldap中是沒有數據的,需要管理員進行添加,當然添加的方法也不止一種,這里先介紹第一種方法:從本地系統添加用戶到ldap中。

1
2
3
4
5
6
7
8
9
10
11
12
[root@ldapsrv01 ~] # ldapsearch -x -b "dc=contoso,dc=com"
# extended LDIF
#
# LDAPv3
# base <dc=contoso,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 32 No such object
# numResponses: 1

這是安裝完openldap之后對ldap進行的數據查詢的結果。

步驟一:安裝migrationtools軟件包

從本地系統添加用戶到ldap的方法,其實就是先添加用戶到本地操作系統中,然后通過pl腳本將這些用戶轉換為ldap能夠識別的ldif文件格式,最后通過ldapadd命令導入到ldap中,從而完成ldap數據的導入,要使用pl腳本將本地用戶信息轉換為ldif文件格式,首先需要安裝一個軟件,名字為migrationtools。

1
2
yum  install  migrationtools -y
# 直接yum安裝即可
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
[root@ldapsrv01 ~] # rpm -ql migrationtools
/usr/share/doc/migrationtools-47
/usr/share/doc/migrationtools-47/README
/usr/share/doc/migrationtools-47/migration-tools .txt
/usr/share/migrationtools
/usr/share/migrationtools/migrate_aliases .pl
/usr/share/migrationtools/migrate_all_netinfo_offline .sh
/usr/share/migrationtools/migrate_all_netinfo_online .sh
/usr/share/migrationtools/migrate_all_nis_offline .sh
/usr/share/migrationtools/migrate_all_nis_online .sh
/usr/share/migrationtools/migrate_all_nisplus_offline .sh
/usr/share/migrationtools/migrate_all_nisplus_online .sh
/usr/share/migrationtools/migrate_all_offline .sh
/usr/share/migrationtools/migrate_all_online .sh
/usr/share/migrationtools/migrate_automount .pl
/usr/share/migrationtools/migrate_base .pl
/usr/share/migrationtools/migrate_common .ph
/usr/share/migrationtools/migrate_fstab .pl
/usr/share/migrationtools/migrate_group .pl
/usr/share/migrationtools/migrate_hosts .pl
/usr/share/migrationtools/migrate_netgroup .pl
/usr/share/migrationtools/migrate_netgroup_byhost .pl
/usr/share/migrationtools/migrate_netgroup_byuser .pl
/usr/share/migrationtools/migrate_networks .pl
/usr/share/migrationtools/migrate_passwd .pl
/usr/share/migrationtools/migrate_profile .pl
/usr/share/migrationtools/migrate_protocols .pl
/usr/share/migrationtools/migrate_rpc .pl
/usr/share/migrationtools/migrate_services .pl
/usr/share/migrationtools/migrate_slapd_conf .pl

 

使用rpm -ql命令可以看到,該軟件安裝后在/usr/share/migrationtools/目錄下生成了很多腳本文件,有shell也有perl,而我們就是使用其中的perl腳本完成ldap文件的生成。

步驟二:修改migrationtools配置文件

1
2
3
4
5
6
cp  /usr/share/migrationtools/migrate_common .ph  /usr/share/migrationtools/migrate_common .ph.bak
#備份一下腳本
sed  -i  's/padl.com/contoso.com/g'  /usr/share/migrationtools/migrate_common .ph
#修改默認的域名padl.com為我的域名,這里為contoso.com,所以只把padl替換為contoso
sed  -i  's/dc=padl,dc=com/dc=contoso,dc=com/g'  /usr/share/migrationtools/migrate_common .ph
#還是域名信息的修改

修改之后,要確保下面兩條的值為服務器真實的域名,如下:

1
2
$DEFAULT_MAIL_DOMAIN =  "contoso.com" ;
$DEFAULT_BASE =  "dc=contoso,dc=com" ;

步驟三:生成base.ldif文件並導入到ldap中

然后首先生成base.ldif文件

1
/usr/share/migrationtools/migrate_base .pl > base.ldif
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
[root@ldapsrv01 ~] # cat base.ldif
dn:  dc =contoso, dc =com
dc : contoso
objectClass:  top
objectClass: domain
dn: ou=Hosts, dc =contoso, dc =com
ou: Hosts
objectClass:  top
objectClass: organizationalUnit
dn: ou=Rpc, dc =contoso, dc =com
ou: Rpc
objectClass:  top
objectClass: organizationalUnit
dn: ou=Services, dc =contoso, dc =com
ou: Services
objectClass:  top
objectClass: organizationalUnit
dn: nisMapName=netgroup.byuser, dc =contoso, dc =com
nismapname: netgroup.byuser
objectClass:  top
objectClass: nisMap
dn: ou=Mounts, dc =contoso, dc =com
ou: Mounts
objectClass:  top
objectClass: organizationalUnit
dn: ou=Networks, dc =contoso, dc =com
ou: Networks
objectClass:  top
objectClass: organizationalUnit
dn: ou=People, dc =contoso, dc =com
ou: People
objectClass:  top
objectClass: organizationalUnit
dn: ou=Group, dc =contoso, dc =com
ou: Group
objectClass:  top
objectClass: organizationalUnit
dn: ou=Netgroup, dc =contoso, dc =com
ou: Netgroup
objectClass:  top
objectClass: organizationalUnit
dn: ou=Protocols, dc =contoso, dc =com
ou: Protocols
objectClass:  top
objectClass: organizationalUnit
dn: ou=Aliases, dc =contoso, dc =com
ou: Aliases
objectClass:  top
objectClass: organizationalUnit
dn: nisMapName=netgroup.byhost, dc =contoso, dc =com
nismapname: netgroup.byhost
objectClass:  top
objectClass: nisMap

但是這其中有很多信息都不是我所需要的,所以可以刪除不需要的信息,修改完成之后,如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
[root@ldapsrv01 ~] # cat base.ldif
dn:  dc =contoso, dc =com
dc : contoso
objectClass:  top
objectClass: domain
dn: ou=People, dc =contoso, dc =com
ou: People
objectClass:  top
objectClass: organizationalUnit
dn: ou=Group, dc =contoso, dc =com
ou: Group
objectClass:  top
objectClass: organizationalUnit
dn: cn=tech,ou=group, dc =contoso, dc =com
objectClass: posixGroup
description: Technology
gidNumber: 10001
cn: tech

現在,把修改好的base.ldif導入到ldap中,通過使用ldapadd命令來完成。

1
2
3
4
5
6
[root@ldapsrv01 ~] # ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W -f base.ldif 
Enter LDAP Password: 
adding new entry  "dc=contoso,dc=com"
adding new entry  "ou=People,dc=contoso,dc=com"
adding new entry  "ou=Group,dc=contoso,dc=com"
adding new entry  "cn=tech,ou=group,dc=contoso,dc=com"

導入完成之后,我再進行一次簡單查詢:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
[root@ldapsrv01 ~] # ldapsearch -x -b "dc=contoso,dc=com"
# extended LDIF
#
# LDAPv3
# base <dc=contoso,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# contoso.com
dn:  dc =contoso, dc =com
dc : contoso
objectClass:  top
objectClass: domain
# People, contoso.com
dn: ou=People, dc =contoso, dc =com
ou: People
objectClass:  top
objectClass: organizationalUnit
# Group, contoso.com
dn: ou=Group, dc =contoso, dc =com
ou: Group
objectClass:  top
objectClass: organizationalUnit
# tech, Group, contoso.com
dn: cn=tech,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
description: Technology
gidNumber: 10001
cn: tech
# search result
search: 2
result: 0 Success
# numResponses: 5
# numEntries: 4

可以看到,ldap中已經存在之前導入的ou和group了,下面准備用戶和組的信息的導入。

步驟四:添加本地系統用戶

這里我使用一個腳本(這個腳本不是我寫的,而且批量生成用戶也算是個簡單的腳本吧,怪不得RHCE考這個,原來這里能用到啊。)來批量生成幾個用戶,然后將這些生成的用戶導入到ldap中。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
[root@ldapsrv01 ~] # cat addusers.sh 
#!/bin/bash  
# Add system user  
for  ldap  in  {1..5}; do  
     if  id  user${ldap} &>  /dev/null ; then  
         echo  "System account already exists"  
     else  
         adduser user${ldap} -u $((10000 + $ldap))  
         echo  user${ldap} |  passwd  --stdin user${ldap} &>  /dev/null  
         echo  "user${ldap} system add finish"  
     fi  
done  
[root@ldapsrv01 ~] # ./addusers.sh 
user1 system add finish
user2 system add finish
user3 system add finish
user4 system add finish
user5 system add finish
[root@ldapsrv01 ~] # id user1
uid=10001(user1) gid=10001(user1)  groups =10001(user1)
[root@ldapsrv01 ~] # id user2
uid=10002(user2) gid=10002(user2)  groups =10002(user2)
[root@ldapsrv01 ~] # id user3
uid=10003(user3) gid=10003(user3)  groups =10003(user3)
[root@ldapsrv01 ~] # id user4
uid=10004(user4) gid=10004(user4)  groups =10004(user4)
[root@ldapsrv01 ~] # id user5
uid=10005(user5) gid=10005(user5)  groups =10005(user5)

步驟五:生成people.ldif和group.ldif文件

1
2
3
4
5
6
7
[root@ldapsrv01 ~] # tail -5 /etc/passwd
user1:x:10001:10001:: /home/user1 : /bin/bash
user2:x:10002:10002:: /home/user2 : /bin/bash
user3:x:10003:10003:: /home/user3 : /bin/bash
user4:x:10004:10004:: /home/user4 : /bin/bash
user5:x:10005:10005:: /home/user5 : /bin/bash
[root@ldapsrv01 ~] # tail -5 /etc/passwd > testuser

將這5個用戶保存到testuser中,稍后會對這5個本地賬戶生成ladp用戶文件。

1
2
3
4
5
6
7
[root@ldapsrv01 ~] # tail -5 /etc/group
user1:x:10001:
user2:x:10002:
user3:x:10003:
user4:x:10004:
user5:x:10005:
[root@ldapsrv01 ~] # tail -5 /etc/group > testgroup

將這5個組保存到testgroup中,同樣稍后會用到。

1
2
3
4
/usr/share/migrationtools/migrate_passwd .pl testuser people.ldif
#根據testuser生成ldap用戶數據文件people.ldif
/usr/share/migrationtools/migrate_group .pl testgroup group.ldif
#根據testgroup生成ldap組的數據文件group.ldif

注意,這兩條命令的執行一定要在testuser/testgroup目錄下,否則要加上全路徑,不然找不到文件。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
[root@ldapsrv01 ~] # cat people.ldif 
dn: uid=user1,ou=People, dc =contoso, dc =com
uid: user1
cn: user1
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword: {crypt}$6$Zs9mXyPO$QdqHS8nA /vyjUdnSWLIpM4QiaPtsca1WllXu0dWQOgTza2Qr4TcC3sHbAbJsWI0KannwnM .zFFroqxzglFfJT0
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10001
gidNumber: 10001
homeDirectory:  /home/user1
dn: uid=user2,ou=People, dc =contoso, dc =com
uid: user2
cn: user2
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword: {crypt}$6$0dHBettP$u4vVTWuVkRN8NGIecG5O7VSnFDCtcQF /623lLY4Ih6RXORfFcRxh9fFdvssYeg6QAw1KY4LKtk .zwzdVXH2rh1
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10002
gidNumber: 10002
homeDirectory:  /home/user2
dn: uid=user3,ou=People, dc =contoso, dc =com
uid: user3
cn: user3
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword: {crypt}$6$CXSotuEN$QSo5gJFlsJ6uZhqaK8qDto.5u2WXwvWSV1JqVP9WMOUVhxZXY8I.XMEUojwGGwpSYY1OtY2Sl /J7dzSk1ey6F/
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10003
gidNumber: 10003
homeDirectory:  /home/user3
dn: uid=user4,ou=People, dc =contoso, dc =com
uid: user4
cn: user4
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword: {crypt}$6$ycSPE1gY$ofWgCYtRk9s5LnLKnR4FR5ld10wI6riT2u0jA8wytMm07am1NZreNdhEAJb8.erz4HasyhlsGqecBNdfx5x6S0
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10004
gidNumber: 10004
homeDirectory:  /home/user4
dn: uid=user5,ou=People, dc =contoso, dc =com
uid: user5
cn: user5
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword: {crypt}$6$xVZ5hNeH$GzlC19E6Tiq /4Y3HmtCwRjjKVzvcI2IA .z.QPqhwHU.mSV1UT7uZiaVG8HelvbgZJsn3Z1te75C /DNZ .C0Ov50
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10005
gidNumber: 10005
homeDirectory:  /home/user5

這是生成的people.ldif文件,里面是用戶的信息,包括密碼等信息,如果某些字段不需要,也可以刪除。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
[root@ldapsrv01 ~] # cat group.ldif 
dn: cn=user1,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user1
userPassword: {crypt}x
gidNumber: 10001
dn: cn=user2,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user2
userPassword: {crypt}x
gidNumber: 10002
dn: cn=user3,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user3
userPassword: {crypt}x
gidNumber: 10003
dn: cn=user4,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user4
userPassword: {crypt}x
gidNumber: 10004
dn: cn=user5,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user5
userPassword: {crypt}x
gidNumber: 10005

這是生成的group.ldif文件,里面是用戶組的信息,這里的gidNumber就是在本地操作系統中的gid。

因為我之前已經添加了一個tech的用戶組,它的gidNumber是10001,會跟即將導入的user1組的gidNumber沖突,所以我先刪除tech用戶組。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
[root@ldapsrv01 ~] # ldapdelete -x -D "cn=admin,dc=contoso,dc=com" -W "cn=tech,ou=Group,dc=contoso,dc=com"
Enter LDAP Password: 
[root@ldapsrv01 ~] # ldapsearch -x -b "dc=contoso,dc=com"
# extended LDIF
#
# LDAPv3
# base <dc=contoso,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# contoso.com
dn:  dc =contoso, dc =com
dc : contoso
objectClass:  top
objectClass: domain
# People, contoso.com
dn: ou=People, dc =contoso, dc =com
ou: People
objectClass:  top
objectClass: organizationalUnit
# Group, contoso.com
dn: ou=Group, dc =contoso, dc =com
ou: Group
objectClass:  top
objectClass: organizationalUnit
# search result
search: 2
result: 0 Success
# numResponses: 4
# numEntries: 3

已經沒有tech用戶組了,可以開始導入用戶和用戶組了。

步驟六:導入ldif文件到ldap中

1
2
3
4
5
6
7
[root@ldapsrv01 ~] # ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W -f people.ldif 
Enter LDAP Password: 
adding new entry  "uid=user1,ou=People,dc=contoso,dc=com"
adding new entry  "uid=user2,ou=People,dc=contoso,dc=com"
adding new entry  "uid=user3,ou=People,dc=contoso,dc=com"
adding new entry  "uid=user4,ou=People,dc=contoso,dc=com"
adding new entry  "uid=user5,ou=People,dc=contoso,dc=com"

導入people.ldif文件,操作成功。

1
2
3
4
5
6
7
[root@ldapsrv01 ~] # ldapadd -x -D "cn=admin,dc=contoso,dc=com" -W -f group.ldif 
Enter LDAP Password: 
adding new entry  "cn=user1,ou=Group,dc=contoso,dc=com"
adding new entry  "cn=user2,ou=Group,dc=contoso,dc=com"
adding new entry  "cn=user3,ou=Group,dc=contoso,dc=com"
adding new entry  "cn=user4,ou=Group,dc=contoso,dc=com"
adding new entry  "cn=user5,ou=Group,dc=contoso,dc=com"

導入group.ldif文件,操作成功。

步驟七:搜索ldap用戶和組,驗證操作是否成功

再對ldap進行一次用戶檢索:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
[root@ldapsrv01 ~] # ldapsearch -LLL -x -D "cn=admin,dc=contoso,dc=com" -W -b "dc=contoso,dc=com" '(uid=*)'
Enter LDAP Password: 
dn: uid=user1,ou=People, dc =contoso, dc =com
uid: user1
cn: user1
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JFpzOW1YeVBPJFFkcUhTOG5BL3Z5alVkblNXTElwTTRRaWFQdHN
  jYTFXbGxYdTBkV1FPZ1R6YTJRcjRUY0Mzc0hiQWJKc1dJMEthbm53bk0uekZGcm9xeHpnbEZmSlQw
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10001
gidNumber: 10001
homeDirectory:  /home/user1
dn: uid=user2,ou=People, dc =contoso, dc =com
uid: user2
cn: user2
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JDBkSEJldHRQJHU0dlZUV3VWa1JOOE5HSWVjRzVPN1ZTbkZEQ3R
  jUUYvNjIzbExZNEloNlJYT1JmRmNSeGg5ZkZkdnNzWWVnNlFBdzFLWTRMS3RrLnp3emRWWEgycmgx
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10002
gidNumber: 10002
homeDirectory:  /home/user2
dn: uid=user3,ou=People, dc =contoso, dc =com
uid: user3
cn: user3
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JENYU290dUVOJFFTbzVnSkZsc0o2dVpocWFLOHFEdG8uNXUyV1h
  3dldTVjFKcVZQOVdNT1VWaHhaWFk4SS5YTUVVb2p3R0d3cFNZWTFPdFkyU2wvSjdkelNrMWV5NkYv
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10003
gidNumber: 10003
homeDirectory:  /home/user3
dn: uid=user4,ou=People, dc =contoso, dc =com
uid: user4
cn: user4
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JHljU1BFMWdZJG9mV2dDWXRSazlzNUxuTEtuUjRGUjVsZDEwd0k
  2cmlUMnUwakE4d3l0TW0wN2FtMU5acmVOZGhFQUpiOC5lcno0SGFzeWhsc0dxZWNCTmRmeDV4NlMw
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10004
gidNumber: 10004
homeDirectory:  /home/user4
dn: uid=user5,ou=People, dc =contoso, dc =com
uid: user5
cn: user5
objectClass: account
objectClass: posixAccount
objectClass:  top
objectClass: shadowAccount
userPassword:: e2NyeXB0fSQ2JHhWWjVoTmVIJEd6bEMxOUU2VGlxLzRZM0htdEN3UmpqS1Z6dmN
  JMklBLnouUVBxaHdIVS5tU1YxVVQ3dVppYVZHOEhlbHZiZ1pKc24zWjF0ZTc1Qy9ETlouQzBPdjUw
shadowLastChange: 17053
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell:  /bin/bash
uidNumber: 10005
gidNumber: 10005
homeDirectory:  /home/user5

對用戶組進行數據檢索:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
[root@ldapsrv01 ~] # ldapsearch -LLL -x -D "cn=admin,dc=contoso,dc=com" -W -b "dc=contoso,dc=com" '(objectClass=posixGroup)'
Enter LDAP Password: 
dn: cn=user1,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user1
userPassword:: e2NyeXB0fXg=
gidNumber: 10001
dn: cn=user2,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user2
userPassword:: e2NyeXB0fXg=
gidNumber: 10002
dn: cn=user3,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user3
userPassword:: e2NyeXB0fXg=
gidNumber: 10003
dn: cn=user4,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user4
userPassword:: e2NyeXB0fXg=
gidNumber: 10004
dn: cn=user5,ou=Group, dc =contoso, dc =com
objectClass: posixGroup
objectClass:  top
cn: user5
userPassword:: e2NyeXB0fXg=
gidNumber: 10005

已經將在本地使用shell腳本批量創建的5個用戶(user1--user5)以及對應的5個用戶組(user1--user5)都導入到ldap中,從本地系統添加用戶到ldap中的操作完成。


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM