Lin.DS.Op.SetProperty

· Linux server with OpenLDAP 2.0 or higher, configured to accept SSL connections on port 636.
· A locally installed SSL certificate.

| Name of property to set | See tables 1-6 below for information about some common properties |
| New value for property | Use the paragraph character ("§") to delimit multiple values for multi-valued properties |

| PropertyName | Comment |
|---|---|
| objectclass | Object class. An object can belong to more than one object class. Use paragraph characters ("§") to delimit multiple classes. The objectclass property usually cannot be modified after an object has been created, so examine exactly which classes your application needs before creating a large number of objects. |

| PropertyName | Comment |
|---|---|
| cn | User name (same as uid). Must be unique; Lin.DS.Op.SetProperty will stop with an error if not. |
| gecos | Full name. Notice: If you enter national characters (ASCII code 128 and higher) in this attribute and get the error message "Invalid Syntax (#0) - gecos: value #0 invalid per syntax.", you probably need to modify the gecos definition in the nis.schema file to something like this: attributetype ( 1.3.6.1.1.1.1.2 NAME 'gecos' DESC 'The GECOS field; the common name' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE ) Remember to restart the LDAP server after modifying the schema. |
| gidNumber | Linux primary group number or name. Lin.DS.Op.SetProperty will stop with an error if a non-existing group is specified. |
| homeDirectory | Linux home directory |
| loginShell | Linux logon shell |
| uid | User name (same as cn). Must be unique; Lin.DS.Op.SetProperty will stop with an error if not. Warning: do not rename objects by changing uid with Lin.DS.Op.SetProperty; this will make uid out of sync with the dn. Use Lin.DS.OU.MoveObject instead. |
| uidNumber | Linux user id number. Must be unique; Lin.DS.Op.SetProperty will stop with an error if not. Specify "Auto" in the value parameter to automatically use the next available number higher than 1000 (the generated value is stored in the %LinuxUidNumber% variable). |
| userPassword | Linux password for systems using NSS/PAM LDAP; the SHA hash of the password is stored. |
| userPasswordHash | Linux password hash; use this attribute as the destination when moving hashes between systems. Supported hash types: any that the destination OS supports. |

| PropertyName | Comment |
|---|---|
| givenName | First name |
| homePhone | Home Phone |
| initials | Initials |
| mail | Mail |
| sn | Last name |

| PropertyName | Comment |
|---|---|
| acctFlags | Account flags, 11-character string surrounded by [ ]: U=user account, W=workstation account, D=disabled, X=no password expiration. Check the Samba documentation for more information. |
| homeDrive | Drive letter to which to map smbHome |
| lmPassword | Lanman password, for users who log on from non-NT clients (Windows 95, 98, ME). Warning! Lanman passwords are weak; do not set lmPassword unless you have a client that requires it. |
| lmPasswordHash | Lanman password hash; use this attribute as the destination when moving hashes between systems. |
| ntPassword | NT password, for users who log on from NT clients (NT, 2000, XP, 2003) |
| ntPasswordHash | NT password hash; use this attribute as the destination when moving hashes between systems. |
| primaryGroupID | Relative identifier or name of primary group. Lin.DS.Op.SetProperty will stop with an error if a non-existing group is specified. |
| profilePath | User profile path |
| pwdCanChange | User can change password, 0 to clear or 2147483647 to set |
| pwdMustChange | User must change password, 0 to clear or 2147483647 to set |
| rid | Relative identifier of user. Must be unique; Lin.DS.Op.SetProperty will stop with an error if not. Specify "Auto" in the value parameter to automatically calculate from (2*uid)+1000. Use BuildRID to calculate it yourself. |
| scriptPath | Script path, relative to netlogon share |
| smbHome | Home directory path |

| PropertyName | Comment |
|---|---|
| sambaAcctFlags | Account flags, string surrounded by [ ]: U=user account, W=workstation account, D=disabled, X=no password expiration. Check the Samba documentation for more information. |
| sambaHomeDrive | Drive letter to which to map smbHome |
| sambaHomePath | Home directory path |
| sambaLMPassword | Lanman password, for users who log on from non-NT clients (Windows 95, 98, ME). Warning! Lanman passwords are weak; do not set lmPassword unless you have a client that requires it. |
| sambaLMPasswordHash | Lanman password hash; use this attribute as the destination when moving hashes between systems. |
| sambaLogonScript | Script path, relative to netlogon share |
| sambaNTPassword | NT password, for users who log on from NT clients (NT, 2000, XP, 2003) |
| sambaNTPasswordHash | NT password hash; use this attribute as the destination when moving hashes between systems. |
| sambaPrimaryGroupSID | SID or name of primary group. Lin.DS.Op.SetProperty will stop with an error if a non-existing group is specified. |
| sambaProfilePath | User profile path |
| sambaPwdCanChange | User can change password, 0 to clear or 2147483647 to set |
| sambaPwdMustChange | User must change password, 0 to clear or 2147483647 to set |
| sambaSID | User SID. Must be unique; Lin.DS.Op.SetProperty will stop with an error if not. Specify "Auto" in the value parameter to automatically build from the domain SID and (2*uid)+1000. Use BuildRID to build it yourself. |

| PropertyName | Comment |
|---|---|
| cn | Group name. Must be unique; Lin.DS.Op.SetProperty will stop with an error if not. |
| gidNumber | Linux group id number. Must be unique; Lin.DS.Op.SetProperty will stop with an error if not. Specify "Auto" in the value parameter to automatically use the next available number higher than 600. |
| memberUid | List of member objects; can be managed with Lin.DS.Group.AddObject and Lin.DS.Group.RemoveObject. |

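An added example, not part of the original documentation or of the product: a Python check over an LDIF export that flags the conditions the property tables warn about (a Lanman hash that is set, uid out of sync with the dn, a duplicate uidNumber, and a sambaSID whose RID differs from the "Auto" value). The sample LDIF, the finding labels, the simplified LDIF parsing and the reading of "uid" in (2*uid)+1000 as uidNumber are assumptions.

```python
import re
# Constructed sample export (not from the page); the hash value is a placeholder.
SAMPLE_LDIF = """\
dn: uid=alice,ou=People,dc=example,dc=com
uid: alice
uidNumber: 1001
sambaSID: S-1-5-21-1-2-3-3002
sambaLMPassword: 00000000000000000000000000000000

dn: uid=bob,ou=People,dc=example,dc=com
uid: robert
uidNumber: 1001
sambaSID: S-1-5-21-1-2-3-3004
"""
LM_ATTRS = ("lmpassword", "sambalmpassword")  # Samba 2 and Samba 3 names


def parse_ldif(text):
    """Parse unfolded, non-base64 LDIF into a list of {attr: [values]} dicts."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        entry = {}
        for line in block.splitlines():
            if not line.startswith("#") and ": " in line:
                name, value = line.split(": ", 1)
                entry.setdefault(name.lower(), []).append(value.strip())
        if entry.get("dn"):
            entries.append(entry)
    return entries


def audit(entries):
    """Return (dn, finding) pairs for conditions the property tables warn about."""
    findings, owners = [], {}
    for e in entries:
        dn = e["dn"][0]
        if any(e.get(a) for a in LM_ATTRS):
            findings.append((dn, "lm-hash-present"))
        # Naive RDN split: assumes no escaped commas in the first RDN.
        attr, _, value = dn.split(",", 1)[0].partition("=")
        if attr.lower() == "uid" and value.lower() not in [u.lower() for u in e.get("uid", [])]:
            findings.append((dn, "uid-out-of-sync-with-dn"))
        for num in e.get("uidnumber", []):
            if owners.setdefault(num, dn) != dn:
                findings.append((dn, "duplicate-uidNumber"))
            for sid in e.get("sambasid", []):  # "Auto" rule, "uid" read as uidNumber
                if sid.rsplit("-", 1)[-1] != str(2 * int(num) + 1000):
                    findings.append((dn, "rid-not-auto-value"))
    return findings
```

A RID that differs from the "Auto" value is not an error in itself, since the tables allow building it yourself; the finding only marks accounts to review.
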
· Various Linux examples
· Transfer accounts including passwords between Linux, Novell and Windows