1.3. Modifying/Populating your Database
Let's introduce some content to our database. We will add the following:
• a node called People (to store users)
• a node called Groups (to store groups)
• a group called miners
• a user called john
Create the following LDIF file and call it add_content.ldif:
dn: ou=People,dc=example,dc=com
objectClass: organizationalUnit
ou: People

dn: ou=Groups,dc=example,dc=com
objectClass: organizationalUnit
ou: Groups

dn: cn=miners,ou=Groups,dc=example,dc=com
objectClass: posixGroup
cn: miners
gidNumber: 5000

dn: uid=john,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: john
sn: Doe
givenName: John
cn: John Doe
displayName: John Doe
uidNumber: 10000
gidNumber: 5000
userPassword: johnldap
gecos: John Doe
loginShell: /bin/bash
homeDirectory: /home/john
It's important that uid and gid values in your directory do not collide with local values. Use high number ranges, such as starting at 5000. By setting the uid and gid values in LDAP high, you also allow for easier control of what can be done with a local user versus an LDAP one. More on that later.
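One way to check for such collisions before running ldapadd, as an added example that is not part of the original guide. The helper names find_collisions and write_samples are hypothetical, and the passwd, group and LDIF contents it writes are constructed sample data:

```shell
#!/bin/sh
# Added example (not from the original guide): flag uidNumber/gidNumber
# values in an LDIF file that are already taken in local passwd/group files.

# find_collisions LDIF PASSWD GROUP
# Prints one line per colliding ID; returns 1 if any were found, else 0.
find_collisions() {
    awk -F: '
        FILENAME == ARGV[1] { if ($0 !~ /^#/ && NF >= 3) luid[$3] = $1; next }
        FILENAME == ARGV[2] { if ($0 !~ /^#/ && NF >= 3) lgid[$3] = $1; next }
        {
            attr = tolower($1); val = $2
            gsub(/[ \t\r]/, "", val)          # LDIF lines are "attr: value"
            if (attr == "uidnumber" && (val in luid) && !seen["u" val]++) {
                print "uidNumber " val " collides with local user " luid[val]; bad = 1
            }
            if (attr == "gidnumber" && (val in lgid) && !seen["g" val]++) {
                print "gidNumber " val " collides with local group " lgid[val]; bad = 1
            }
        }
        END { exit bad }
    ' "$2" "$3" "$1"
}

# write_samples DIR: constructed sample files (not real system data).
# The local account "svc" deliberately reuses uid 10000.
write_samples() {
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'svc:x:10000:10000:service:/home/svc:/bin/sh' > "$1/passwd"
    printf '%s\n' 'root:x:0:' 'svc:x:10000:' > "$1/group"
    printf '%s\n' 'dn: cn=miners,ou=Groups,dc=example,dc=com' 'gidNumber: 5000' '' \
        'dn: uid=john,ou=People,dc=example,dc=com' 'uidNumber: 10000' \
        'gidNumber: 5000' > "$1/add_content.ldif"
}

tmp=$(mktemp -d)
write_samples "$tmp"
find_collisions "$tmp/add_content.ldif" "$tmp/passwd" "$tmp/group" \
    || echo "resolve the collisions before running ldapadd"
rm -rf "$tmp"
```

On a real host the same check is find_collisions add_content.ldif /etc/passwd /etc/group, which reads only the local files and not any directory-backed accounts.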
Add the content:
ldapadd -x -D cn=admin,dc=example,dc=com -W -f add_content.ldif
Enter LDAP Password: ********
adding new entry "ou=People,dc=example,dc=com"
adding new entry "ou=Groups,dc=example,dc=com"
adding new entry "cn=miners,ou=Groups,dc=example,dc=com"
adding new entry "uid=john,ou=People,dc=example,dc=com"
We can check that the information has been correctly added with the ldapsearch utility:
ldapsearch -x -LLL -b dc=example,dc=com 'uid=john' cn gidNumber
dn: uid=john,ou=People,dc=example,dc=com
cn: John Doe
gidNumber: 5000
Explanation of switches:
• -x: "simple" binding; will not use the default SASL method
• -LLL: disable printing extraneous information
• uid=john: a "filter" to find the john user
• cn gidNumber: requests certain attributes to be displayed (the default is to show all attributes)