FreeKB - OpenLDAP Add group
OpenLDAP - Add group

Before adding a group to OpenLDAP, ensure the Group OU has been added.


Create a new group.

~]# addgroup admins


Add one or more users to the new group.

~]# usermod -aG admins JohnDoe


Redirect the newly added group to a new file.

~]# grep '^admins:' /etc/group > /tmp/group


File /tmp/group should have the following.



Migrate the contents of the /tmp/group file into the group.ldif file.

~]# /usr/share/migrationtools/ /tmp/group /etc/openldap/slapd.d/group.ldif


The LDIF file should now contain details for the group and group members.

~]# cat /etc/openldap/slapd.d/group.ldif
dn: cn=admins,ou=Group,dc=example,dc=com
objectClass: PosixGroup
objectClass: top
cn: admins
userPassword: {crypt}x
gidNumber: 1003
memberUid: JohnDoe


Import the group into the LDAP database.

~]# ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f /etc/openldap/slapd.d/group.ldif
Enter LDAP password: ******
adding new entry "cn=admins,ou=Group,dc=example,dc=com"


The ldapsearch command can be used to ensure the admins group was added to the LDAP database.
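
The /etc/group to LDIF conversion this procedure relies on, written out as an added example (not FreeKB's or migrationtools' code): the hypothetical `group_to_ldif` helper matches the group name exactly, rejects names that would need DN escaping as well as malformed lines, and emits a posixGroup entry like the one shown above. The sample file is constructed, and the default base DN is this page's `ou=Group,dc=example,dc=com`.

```shell
#!/bin/sh
# Added example, not FreeKB or migrationtools code.
# group_to_ldif is a hypothetical helper; the default base DN is this page's example.

# usage: group_to_ldif NAME GROUP_FILE [BASE_DN]
# exit status: 0 = entry written, 1 = group not found, 2 = unsafe name, 3 = malformed line
group_to_ldif() {
    case $1 in
        # Only allow characters that need no escaping inside an LDAP DN.
        ''|*[!A-Za-z0-9_.-]*) echo "refusing group name: $1" >&2; return 2 ;;
    esac
    awk -F: -v want="$1" -v base="${3:-ou=Group,dc=example,dc=com}" '
        $1 != want { next }                           # exact match on the name field
        NF != 4 || $3 !~ /^[0-9]+$/ { bad = 1; exit } # group(5): name:password:GID:members
        {
            found = 1
            print "dn: cn=" $1 "," base
            print "objectClass: posixGroup"
            print "objectClass: top"
            print "cn: " $1
            print "userPassword: {crypt}" $2          # "x" is a placeholder, not a hash
            print "gidNumber: " $3
            n = split($4, member, ",")                # zero members is valid
            for (i = 1; i <= n; i++)
                if (member[i] != "") print "memberUid: " member[i]
            exit
        }
        END { if (bad) exit 3; if (!found) exit 1 }
    ' "$2"
}

# Constructed sample data: "sysadmins" would also match a plain "grep admins".
demo() {
    sample=$(mktemp) || return 1
    printf '%s\n' 'sysadmins:x:1002:alice' 'admins:x:1003:JohnDoe' > "$sample"
    group_to_ldif admins "$sample"
    rm -f "$sample"
}
demo
```

Review the generated entry before passing it to ldapadd; a non-zero exit status means no complete entry was written.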
