ldapaddent - create LDAP  entries  from  corresponding  /etc


     ldapaddent [-cpv] [-a authenticationMethod] [-b  baseDN]  -D
     bindDN -w bind_password [-f filename] database

     ldapaddent -d [-v] [-a authenticationMethod] [-b baseDN] [-D
     bindDN] [-w bind_password] database


     ldapaddent creates entries in  LDAP  containers  from  their
     corresponding  /etc  files. This operation is customized for
     each of  the  standard  containers  that  are  used  in  the
     administration  of   Solaris  systems. The database argument
     specifies the type of the data being processed. Legal values
     for  this  type are one of aliases, auto_*, bootparams, eth-
     ers,  group, hosts  (including  IPv6  addresses),  netgroup,
     netmasks,   networks,  passwd, shadow, protocols, publickey,
     rpc, and services.

     By default, ldapaddent reads from  the  standard  input  and
     adds   this  data  to the LDAP container associated with the
     database specified on the command line. An input  file  from
     which data can be read is specified using the -f option.

     The entries will be stored in the  directory  based  on  the
     client's  configuration,  thus the client must be configured
     to use LDAP naming services.  The location where entries are
     to be written can be overridden by using the -b option.

     If the entry to be added exists in the directory,  the  com-
     mand  displays   an error and exits, unless the -c option is

     Although, there is  a  shadow  database   type,   there   is
     no  corresponding  shadow container. Both the shadow and the
     passwd  data is stored in the people container itself. Simi-
     larly,  data from networks and netmasks databases are stored
     in the networks container.

     You must add entries from the  passwd  database  before  you
     attempt  to  add entries from the shadow database. The addi-
     tion of a shadow entry that does not  have  a  corresponding
     passwd entry will fail.

     For better performance, the recommended order in  which  the
     databases should be loaded is as follows:

        o  passwd database followed by shadow database

        o  networks database followed by netmasks database

        o  bootparams database followed by ethers database

     Only the first entry of a given  type  that  is  encountered
     will  be  added  to  the LDAP server. The ldapaddent command
     skips any duplicate entries.


     The ldapaddent command supports the following options:

     -a authenticationMethod
           Specify authentication  method.  The default value  is
           what  has  been  configured  in the profile.  The sup-
           ported authentication methods are:

              o  simple

              o  sasl/CRAM-MD5

              o  sasl/DIGEST-MD5

              o  tls:simple

              o  tls:sasl/CRAM-MD5

              o  tls:sasl/DIGEST-MD5
           Selecting simple causes passwords to be sent over  the
           network   in   clear   text.    Its  use  is  strongly
           discouraged.  Additionally, if the client  is  config-
           ured with a profile which uses no authentication, that
           is, either the credentialLevel  attribute  is  set  to
           anonymous  or authenticationMethod is set to none, the
           user must use this option to provide an authentication

     -b baseDN
           Create entries in the baseDN directory.  baseDN is not
           relative  to  the  client's  default  search base, but
           rather. it is the actual location  where  the  entries
           will  be created. If this parameter  is not specified,
           the first search descriptor defined for the service or
           the default container will be used.

     -c    Continue adding entries to the directory even after an
           error.  Entries  will  not  be  added if the directory
           server is not responding or if there is an authentica-
           tion problem.

     -D bindDN
           Create an entry which  has  write  permission  to  the
           baseDN.  When  used  with  -d  option, this entry only
           needs read permission.

     -d    Dump the LDAP container to the standard output in  the
           appropriate format for the given database.

     -f filename
           Indicates input file to read in an /etc/ file format.

     -p    Process  the  password  field  when  loading  password
           information  from  a  file.  By  default, the password
           field is ignored because it is usually not  valid,  as
           the actual password appears in a shadow file.

     -w bind_password
           Password to be used for authenticating the bindDN.  If
           this parameter is missing, the command will prompt for
           a password.  NULL passwords are not supported in LDAP.

           When you use -w bind_password to specify the  password
           to be used for authentication, the password is visible
           to other users of the system by means of the  ps  com-
           mand, in script files or in shell history.

     -v    Verbose.


     The following operands are supported:

           The name of the database or  service  name.  Supported
           values          are: aliases, auto_*, bootparams, eth-
           ers,  group, hosts (including  IPv6  addresses),  net-
           group, netmasks,  networks, passwd, shadow, protocols,
           publickey, rpc, and services.


     Example 1: Adding Password Entries to the  Directory Server

     The following example show how to add  password  entries  to
     the directory server:

     example# ldapaddent -D "cn=directory manager" -w secret \
           -f /etc/passwd passwd

     Example 2: Adding Group Entries

     The following example shows how to add group entries to  the
     directory  server  using sasl/CRAM-MD5 as the authentication

     example# ldapaddent -D "cn=directory manager" -w secret \
          -a "sasl/CRAM-MD5" -f /etc/group group

     Example 3: Adding auto_master Entries

     The following example shows how to add  auto_master  entries
     to the directory server:

     example# dapaddent -D "cn=directory manager" -w secret \
          -f /etc/auto_master auto_master

     Example 4: Dumping password Entries from  the  Directory  to

     The following examples shows how to  dump  password  entries
     from the directory to a file foo:

     example# ldapaddent -d passwd > foo


     The following exit values are returned:

     0     Successful completion.

     >0    An error occurred.



           Files containing the LDAP configuration of the client.
           These  files  are  not  to be modified manually. Their
           content is not guaranteed to be human  readable.   Use
           ldapclient(1M) to update these files.


     See attributes(5) for descriptions of the  following  attri-

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Availability                | SUNWnisu                    |
    | Interface Stability         | Evolving                    |


     ldap(1), ldaplist(1),  ldapmodify(1),  ldapmodrdn(1),  ldap-
     search(1),  idsconfig(1M),  ldapclient(1M),  suninstall(1M),

Man(1) output converted with man2html