OpenLDAP - Modify user in OpenLDAP
by
Jeremy Canfield |
Updated: October 02 2023
| OpenLDAP articles
Let's take an example where you have a user named John Doe in LDAP, and you want to change John's GID (group ID). Create a file named user_modify.ldif. Technically, you can name the file anything you like.
~]# touch /etc/openldap/slapd.d/user_modify.ldif
Add the following to the user_modify.ldif file. In this example, John Doe's new GID will be 1002.
dn: uid=JohnDoe,ou=People,dc=example,dc=com
changetype: modify
replace: gidNumber
gidNumber: 1002
Use the ldapmodify command to update John Doe's GID to 1002.
~]# ldapadd -x -W -D "cn=Manager,dc=example,dc=com" -f /etc/openldap/slapd.d/user_modify.ldif
Enter LDAP password: ******
modifying entry "cn=JohnDoe,ou=People,dc=example,dc=com"
The ldapsearch command can be used to ensure that John Doe's GID is now 1002.
~]# ldapsearch -x -b dc=example,dc=com
dn: uid=JohnDoe,ou=People,dc=example,dc=com
uid: JohnDoe
cn: JohnDoe
sn: JohnDoe
mail: JohnDoe@example.com
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: {crypx}asldfjalkfjaslkfavkjalkalkvjalkvjalfjadofiasoifjelemlaemlakemla
shadowLastChange: 17483
shadowMin: 0
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 1001
gidNumber: 1002
homeDirectory: /home/JohnDoe
gecos: JohnDoe
Did you find this article helpful?
If so, consider buying me a coffee over at