Modify user in OpenLDAP

Home > Search
  by

Let's take an example where you have a user named John Doe in LDAP, and you want to change John's GID (group ID). Create a file named user_modify.ldif. Technically, you can name the file anything you like.

~]# touch /etc/openldap/slapd.d/user_modify.ldif

 

Add the following to the user_modify.ldif file. In this example, John Doe's new GID will be 1002.

dn: uid=JohnDoe,ou=People,dc=example,dc=com
changetype: modify
replace: gidNumber
gidNumber: 1002

 

Use the ldapmodify command to update John Doe's GID to 1002.

~]# ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f /etc/openldap/slapd.d/user_modify.ldif
Enter LDAP password: ******
modifying entry "cn=JohnDoe,ou=People,dc=example,dc=com"

 

The ldapsearch command can be used to ensure that John Doe's GID is now 1002.

~]# ldapsearch -x -b dc=example,dc=com
dn: uid=JohnDoe,ou=People,dc=example,dc=com
uid: JohnDoe
cn: JohnDoe
sn: JohnDoe
mail: JohnDoe@example.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypx}asldfjalkfjaslkfavkjalkalkvjalkvjalfjadofiasoifjelemlaemlakemla
shadowLastChange: 17483
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1001
gidNumber: 1002
homeDirectory: /home/JohnDoe
gecos: JohnDoe

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments