Create another LDIF file ou.ldif to define organizational units:
# vi ou.ldif
dn: ou=people,dc=example,dc=com
objectClass: organizationalUnit
ou: people

dn: ou=groups,dc=example,dc=com
objectClass: organizationalUnit
ou: groups
Apply the organizational units configuration:
# ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f ou.ldif
To verify that the new OUs were added to the LDAP directory, you can use a similar ldapsearch command:
# ldapsearch -x -LLL -b dc=example,dc=com "(ou=*)" dn
Create an LDIF file new_group.ldif with the following content to create a new group:
# vi new_group.ldif
dn: cn=developers,ou=groups,dc=example,dc=com
objectClass: top
objectClass: posixGroup
cn: developers
gidNumber: 1001
Apply the changes:
# ldapadd -x -D cn=admin,dc=example,dc=com -W -f new_group.ldif
Verify the changes:
# ldapsearch -x -LLL -b dc=example,dc=com "(cn=developers)"
Create an LDIF file new_user.ldif with the following content to create a new user. Replace the {SSHA}YourHashedPasswordHere placeholder with a real salted hash, for example one generated with slappasswd:
# vi new_user.ldif
dn: uid=jdoe,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
cn: John Doe
sn: Doe
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/jdoe
loginShell: /usr/bin/bash
mail: jdoe@example.com
userPassword: {SSHA}YourHashedPasswordHere
Apply the changes:
# ldapadd -x -D cn=admin,dc=example,dc=com -W -f new_user.ldif
Verify the changes:
# ldapsearch -x -LLL -b dc=example,dc=com "(uid=jdoe)"
Create an LDIF file modify_group.ldif to modify a group. Add the modifications, for example, adding a member:
# vi modify_group.ldif
dn: cn=developers,ou=groups,dc=example,dc=com
changetype: modify
add: memberUid
memberUid: jdoe
Apply the changes:
# ldapmodify -x -D cn=admin,dc=example,dc=com -W -f modify_group.ldif
Verify the changes:
# ldapsearch -x -LLL -b dc=example,dc=com "(cn=developers)"
Create an LDIF file modify_user.ldif to modify a user. Add the modifications, for example, changing the user's shell:
# vi modify_user.ldif
dn: uid=jdoe,ou=people,dc=example,dc=com
changetype: modify
replace: loginShell
loginShell: /usr/bin/bash
Apply the changes:
# ldapmodify -x -D cn=admin,dc=example,dc=com -W -f modify_user.ldif
Verify the changes:
# ldapsearch -x -LLL -b dc=example,dc=com "(uid=jdoe)"
Create an LDIF file delete_group.ldif to delete a group. Add the following content:
# vi delete_group.ldif
dn: cn=developers,ou=groups,dc=example,dc=com
changetype: delete
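Apply the changes. The ldapdelete command below takes the DN directly on the command line; the LDIF file with changetype: delete is the form you would pass to ldapmodify -f instead: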
# ldapdelete -x -D cn=admin,dc=example,dc=com -W cn=developers,ou=groups,dc=example,dc=com
Verify the changes:
# ldapsearch -x -LLL -b dc=example,dc=com "(cn=developers)"
You should not get any response, because the group has been deleted.
Create an LDIF file delete_user.ldif to delete a user. Add the following content:
# vi delete_user.ldif
dn: uid=jdoe,ou=people,dc=example,dc=com
changetype: delete
Apply the changes, again passing the DN directly to ldapdelete:
# ldapdelete -x -D cn=admin,dc=example,dc=com -W uid=jdoe,ou=people,dc=example,dc=com
Verify the changes:
# ldapsearch -x -LLL -b dc=example,dc=com "(uid=jdoe)"
You should see an empty response.