OpenLDAP - Add group

by Jeremy Canfield | Updated: March 11 2020
Before adding a group to OpenLDAP, ensure the Group OU has been added.
Create a new group.
~]# addgroup admins
Add one or more users to the new group.
~]# usermod -aG admins JohnDoe
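Redirect the newly added group to a new file. Anchoring the pattern on the group name keeps other groups whose lines merely contain "admins" out of the file.
~]# grep '^admins:' /etc/group > /tmp/group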
File /tmp/group should have the following.
admins:x:1003:JohnDoe
Migrate the contents of the /tmp/group file into the group.ldif file.
~]# /usr/share/migrationtools/migrate_group.pl /tmp/group /etc/openldap/slapd.d/group.ldif
The LDIF file should now contain details for the group and group members.
~]# cat /etc/openldap/slapd.d/group.ldif
dn: cn=admins,ou=Group,dc=example,dc=com
objectClass: PosixGroup
objectClass: top
cn: admins
userPassword: {crypt}x
gidNumber: 1003
memberUid: JohnDoe
Import the group into the LDAP database.
~]# ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f /etc/openldap/slapd.d/group.ldif
Enter LDAP password: ******
adding new entry "cn=admins,ou=Group,dc=example,dc=com"
The ldapsearch command can be used to confirm that the admins group was added to the LDAP database.
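An added example, not part of the original article: a shell check that compares the /etc/group line with the entry ldapsearch returns, so a wrong gidNumber or an unexpected memberUid in a privileged group is caught after the import. The helper names and the JaneDoe member are constructed for illustration, and the search base is assumed from the DNs used above.

```shell
#!/bin/sh
# Added example (hypothetical helper names). In real use the LDIF would come from:
#   ldapsearch -x -LLL -b "ou=Group,dc=example,dc=com" "(cn=admins)"
# Both inputs below are constructed samples so the check runs offline.

SAMPLE_GROUP='admins:x:1003:JohnDoe'
SAMPLE_LDIF='dn: cn=admins,ou=Group,dc=example,dc=com
objectClass: posixGroup
objectClass: top
cn: admins
gidNumber: 1003
memberUid: JohnDoe'
# Same entry with one member that is not in /etc/group (constructed).
DRIFTED_LDIF="$SAMPLE_LDIF
memberUid: JaneDoe"

# ldif_values ATTR: print each plain "attr: value" value of ATTR from LDIF
# on stdin, sorted. Attribute names are matched case-insensitively.
ldif_values() {
    awk -v a="$1" 'BEGIN { a = tolower(a) ":" }
        tolower($1) == a { print $2 }' | sort
}

# group_matches_ldif GROUP_LINE LDIF: return 0 when cn, gidNumber and the
# member list agree; otherwise print each difference and return 1.
group_matches_ldif() {
    line=$1; ldif=$2; rc=0
    name=$(printf '%s\n' "$line" | cut -d: -f1)
    gid=$(printf '%s\n' "$line" | cut -d: -f3)
    members=$(printf '%s\n' "$line" | cut -d: -f4 | tr ',' '\n' | sed '/^$/d' | sort)
    [ "$(printf '%s\n' "$ldif" | ldif_values cn)" = "$name" ] ||
        { echo "cn differs"; rc=1; }
    [ "$(printf '%s\n' "$ldif" | ldif_values gidNumber)" = "$gid" ] ||
        { echo "gidNumber differs"; rc=1; }
    [ "$(printf '%s\n' "$ldif" | ldif_values memberUid)" = "$members" ] ||
        { echo "memberUid list differs"; rc=1; }
    return $rc
}

group_matches_ldif "$SAMPLE_GROUP" "$SAMPLE_LDIF" && echo "admins: in sync"
group_matches_ldif "$SAMPLE_GROUP" "$DRIFTED_LDIF" || echo "admins: drift found"
```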