After idsconfig has completed the setup of the directory, you need to run the specified commands on the server before the server setup is complete and the server is ready to serve clients.
Populating the Directory Server Using ldapaddent
Note - Before populating the directory server with data, you must configure the server to store passwords in Unix Crypt format if you are using pam_unix. If you are using pam_ldap, you can store passwords in any format. For more information on setting the password in UNIX crypt format, see the iPlanet Directory Server documents.
Note - ldapaddent(1M)can only run on a client which is already configured for the LDAP naming service.
ldapaddent reads from the standard input (that being an /etc/filename like passwd) and places this data to the container associated with the service. Client configuration determines how the data will be written by default.
The following is an example of populating the server with data using ldapaddent.
Example 15-2 How to populate the iPlanet Directory Server 5.1 with user password data using ldapaddent
Use the ldapaddent command to add /etc/passwd entires to the server.
# ldapaddent -D "cn=directory manager" -f /etc/passwd passwd
See ldapaddent(1M). See Chapter 13, Basic Components and Concepts (Overview) for information regarding LDAP security and write-access to the Directory Server.
Managing Printer Entries
Adding Printers
To add printer entries into the LDAP directory use either the printmgr configuration tool or the lpset -n ldap command-line utility See lpset(1M). Note that the printer objects added to the directory only define the connection parameter, required by print system clients, of printers. Local print server configuration data is still held in files. A typical printer entry would look like the following.
printer-uri=myprinter,ou=printers,dc=mkg,dc=example,dc=com objectclass=top objectclass=printerService objectclass=printerAbstract objectclass=sunPrinter printer-name=myprinter sun-printer-bsdaddr=printsvr.example.com,myprinter,Solaris sun-printer-kvp=description=HP LaserJet (PS) printer-uri=myprinter |
Using lpget
lpget(1M) can be used to list all printer entries known by the LDAP client's LDAP directory. If the LDAP client's LDAP server is a replica server, then printers listed may or may not be the same as that in the master LDAP server depending on the update replication agreement. See lpget(1M) for more information.
For example, to list all printers for a given base DN you would type the following.
# lpget -n ldap list
myprinter: dn=myprinter,ou=printers,dc=mkt,dc=example,dc=com bsdaddr=printsvr.example.com,myprinter,Solaris description=HP LaserJet (PS) |
Populating the Server with Additional Profiles
Use ldapclient with the genprofile option to create an LDIF representation of a configuration profiles, based on the attributes specified. The profile you create can then be loaded into an LDAP server to be used as the client profile, which can be downloaded by the client using ldapclient init.
Refer to ldapclient(1M) for information on using ldapclient genprofile.
The following is an example of how to populate the server with additional profiles using ldapclient.
Example 15-3 How to populate the server with additional profiles
Become superuser,
Use ldapclient with the genprofile command.
# ldapclient genprofile -a profileName=myprofile \
-a defaultSearchBase=dc=west,dc=example,dc=com \
-a "defaultServerList=192.168.0.0 192.168.0.1:386" \
> myprofile.ldif
Upload the new profile to the server.
# ldapadd -h 192.168.0.0 --D "cn=directory manager" --f myprofile.ldif