Commands Reference, Volume 5

sectoldif Command

Purpose

Prints users and groups defined locally to stdout in ldif format.

Syntax

sectoldif -d baseDN [ -S schematype ] [ -u username ]

Description

The sectoldif command reads users and groups defined locally, and prints the result to stdout in ldif format. If redirected to a file, the result can be added to an LDAP server with the ldapadd command or the db2ldif command.

The -S option specifies the schema type used for the ldif output. The sectoldif command accepts three schema types: AIX, RFC2307, and RFC2307AIX.

The sectoldif command is called by the mksecldap command to migrate users and groups during LDAP server setup. Take extra care when using sectoldif output to migrate additional users and groups from other systems to the LDAP server. The ldapadd and db2ldif commands check only the entry name (user name or group name), not the numeric id, when adding entries, so migrating users and groups from multiple systems using sectoldif output may result in multiple accounts sharing a numeric id, which is a security violation.

Flags

-d baseDN Specifies the base DN under which to place the user and group data.
-S schematype Specifies the LDAP schema used to represent user/group entries in the LDAP server. Valid values are AIX, RFC2307, and RFC2307AIX. Default is AIX.
-u username Prints only the specified user.

Examples

  1. To print all users and groups defined locally, enter the following:
    sectoldif -d cn=aixsecdb,cn=aixdata -S rfc2307aix

    This prints all users and groups defined locally to stdout in ldif format. User entries and group entries are represented using the rfc2307aix schema type. The base DN is set to cn=aixsecdb, cn=aixdata.

  2. To print only locally defined user foo, enter the following:
    sectoldif -d cn=aixsecdb,cn=aixdata -u foo 

    This prints locally defined user foo to stdout in ldif format. Without the -S option, the default AIX schema type is used to represent foo's ldif output.

Files

Mode File
r /etc/passwd
r /etc/group
r /etc/security/passwd
r /etc/security/limits
r /etc/security/user
r /etc/security/environ
r /etc/security/user.roles
r /etc/security/lastlog
r /etc/security/smitacl.user
r /etc/security/mac_user
r /etc/security/group
r /etc/security/smitacl.group
r /etc/security/login.cfg

Related Information

The mksecldap and nistoldif commands.
