Valid on UNIX
The ldap2seos utility extracts users from an LDAP database located at the server host and adds them to the CA ControlMinder database.
Important! CA ControlMinder lets you use LDAP users directly without importing them if the LDAP user store is used by the operating system, that is, it is an enterprise user store. Consider using this functionality of CA ControlMinder instead of the ldap2seos utility.
The ldap2seos utility extracts information from an LDAP server about the defined users. The extracted information is automatically used to execute selang commands to add the users to the database. The generated commands are also printed to the standard output and saved automatically to the file named /tmp/ldap2seos.tcl.log.
This utility requires access to a TCL shell environment. The ldap2seos script assumes that the TCL shell path is /usr/local/bin/tclsh. If the TCL shell is placed elsewhere, change the first line in the script.
For the utility to work correctly, CA ControlMinder must be running. The utility updates the database, so it must be run by a user with the ADMIN privilege. This user must also be authorized in the LDAP database settings to make the search query.
This script has the following format:
ldap2seos [options]
Specifies the LDAP field name containing the user ID for CA ControlMinder.
If the UNIX user ID is in the LDAP userid field, this option is unnecessary.
If the UNIX user ID is assigned to an LDAP field other than the userid field, specify that LDAP field as account-field; the LDAP userid field is then ignored.
Note: If the script cannot find the userid, users are not uploaded to the CA ControlMinder database.
Specifies the base entry, in the LDAP database, from which the users are taken. The entry must be valid inside the LDAP database. If the base entry is omitted, LDAP uses the default base entry to provide the users.
Specifies an entry name to be used with the -w switch to authenticate to LDAP as another user; mostly needed to log in to LDAP as an admin user.
Specifies a file in which data retrieved from the LDAP server may be temporarily stored.
Displays help for this utility. The screen contains a listing and explanation of ldap2seos usage and options.
Specifies the name of the host where the LDAP database is located. The default is the local host.
Specifies the directory containing the command line utilities, which are assumed to be in the bin subdirectory. The default is /usr/local/ldap.
Specifies the port LDAP uses for connections. The default is port 389.
Identical to -h; displays help. The screen contains a listing and explanation of ldap2seos usage and options.
Specifies the user password. Use it with the -d option where authentication is required to access the LDAP database.
Example: Extract User Information
The following command extracts information about users from the LDAP database at host myhost.mysite.com and tries to add them to the CA ControlMinder database.
ldap2seos -h myhost.mysite.com
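A preflight check for the prerequisites described above, as an added example that is not part of the CA documentation or of the ldap2seos script: it confirms that the interpreter named on the script's first line exists, and that the fixed log path /tmp/ldap2seos.tcl.log is not a symbolic link or another user's file before an ADMIN user runs the utility. The function names and the script location passed as the first argument are assumptions.

```shell
#!/bin/sh
# Added example: preflight checks to run before ldap2seos.
# /tmp/ldap2seos.tcl.log is the log path stated on this page; the location
# of the ldap2seos script is an assumption and is passed as an argument.

# Print the interpreter named on a script's "#!" line; fail if there is none.
shebang_interpreter() {
    interp=$(sed -n '1s/^#![[:space:]]*\([^[:space:]]*\).*$/\1/p' "$1") || return 1
    [ -n "$interp" ] && printf '%s\n' "$interp"
}

# Succeed if the log path is absent, or is a regular file owned by this user.
# The path is fixed and lives in a shared directory, so reject anything else.
check_log_path() {
    if [ -L "$1" ]; then
        echo "$1 is a symbolic link; remove it before the run" >&2
        return 1
    fi
    [ -e "$1" ] || return 0
    if [ ! -f "$1" ] || [ ! -O "$1" ]; then
        echo "$1 exists but is not a regular file owned by this user" >&2
        return 1
    fi
}

# Usage: preflight /path/to/ldap2seos [logfile]
preflight() {
    script=$1
    log=${2:-/tmp/ldap2seos.tcl.log}
    rc=0
    interp=$(shebang_interpreter "$script") || {
        echo "$script: no usable #! line" >&2
        return 1
    }
    if [ ! -x "$interp" ]; then
        echo "$script: $interp not found; change the first line of the script" >&2
        rc=1
    fi
    check_log_path "$log" || rc=1
    return $rc
}

# Run the checks only when a script path is given on the command line.
if [ "$#" -gt 0 ]; then
    preflight "$@"
fi
```

A non-zero exit status means one of the checks failed; the reason is written to standard error.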
Copyright © 2013 CA Technologies.
All rights reserved.