Sun Java logo     Previous      Contents      Index      Next     

Sun logo
Sun Java System Directory Editor 1 2004Q4 SP1 Installation and Configuration Guide 

Chapter 4
Creating and Editing Objects

You can use the Create tab to create new users, groups, organizational units, domains, or localities. This chapter explains how to create each object, and the information is organized as follows:


Creating Objects

This section explains how to access the Create page and create objects using Directory Editor. The information is organized as follows:

Accessing the Create Page

You can access the Create Page using one of the following methods:

Each method opens the Create page shown in Figure 4-1.

Figure 4-1  Create Page

Select the new object type and specify the parent entry.

Creating Users

Use the following steps to create a new user:

  1. Select the Create tab.
  2. On the Create page (Figure 4-1), enable the User radio button.
  3. Indicate where to add the new user by typing the parent’s context information into the Parent Entry text field (or click Browse to locate the information).
    For example, to create the new user under People, you might enter:
  4. ou=People,dc=example,dc=com

  5. When you are done, click Continue (or press Enter/Return on your keyboard).

  6. Note

    Clicking the Cancel button clears the Parent Entry text box.


    A new Create page displays and defaults to the Quick Create tab (Figure 4-2).

    Figure 4-2  Quick Create Tab
    Use the Quick Create page to specify required attributes.

    • The Quick Create tab contains all of the required attributes you must provide to create the object. For example, to create an User object, you must enter a user name, first name, last name, and at least one common name for that user.
    • The other tabs on this page enable you to specify additional, but optional, information about the new user.
  7. You can proceed in one of two ways:
  8. When you are finished with the Create page (being sure to provide all required information), click Save to add the new user to the directory.

Completing the Common Attributes Tab

To provide general information about the new user, use the following steps:

  1. Select the Common Attributes tab and complete one or more of the following text boxes:

  2. Note

    • The program will automatically insert the user name, first name, last name, and common names if you entered them on the Quick Create tab ((more...) ).
    • Use the Add and Rem buttons located to the right of some attributes on this page to enter multiple values for those attributes or to remove values. For example, you might want to enter multiple telephone numbers (work, mobile, and home).

    • User Name: Enter the user name (uid).
    • First Name (required): Enter the user’s first name.
    • Last Name (required): Enter the user’s last name.
    • Common Name: Enter at least one common name if it is different from the user’s first name.
    • For example, Kimberly Jones may prefer being called “Kim Jones.”

    • Password: Type a password for the new user.
    • Confirm Password: Re-type the password to confirm it.
    • Email: Enter the user’s email address.
    • Telephone Number: Enter the user’s telephone number.
    • Mobile Phone: Enter one or more mobile telephone numbers.
    • Pager: Enter one or more pager numbers.
    • Facsimile Telephone Number: Enter one or more fax numbers.
    • Department #: Enter the user’s department number.
    • Employee #: Enter the user’s employee number.
    • Employee Type: Enter information about the user’s employment status (such as salaried, contract, part-time, and so forth).
    • For example, if you are creating a new user named Mike Miller, your page might look something like the one in the following figure.

      Figure 4-3  Mike Miller’s Common Attributes
      Example Common Attributes page

  3. When you are finished with this tab, you can
    • Select another tab to provide additional information.
    • Click Save to save the new information to the directory.
    • Click Cancel to clear the Common Attributes text boxes.

Completing the Group Membership Tab

To assign a new user to specific groups, use the following steps:

  1. Select the Group Membership tab.
  2. Use the Groups selection tool as follows:

  3. Tip

    Press the Shift key on your keyboard, and then click on group names to select multiple names in either list.


    • To add to one or more groups to the In Use list, select the group names in the Available list and click the button.
    • To move all available groups to the In Use list, click the button.
    • To move all groups in the In Use list back to the Available list, click the button.
    • To move one or more groups back to the Available list, select the group names in the In Use list and click the button.
    • For example, to assign Mike Miller to the Directory Administrators group and the QA Managers group, select those two groups from the Available list and add them to the In Use List, as shown in the following figure:

      Figure 4-4  Example Group Membership Tab
      Use the Group Membership tab to assign users to a group.

  4. When you are finished with this tab, you can
    • Select another tab to provide additional information.
    • Click Save to save the new information to the directory.
    • Click Cancel to clear your changes and return to the initial Create page.

Completing the Location Info Tab

To specify the new user’s physical location in the company, use the following steps:

  1. Select the Location Info tab.
  2. Type the following information in the text boxes provided:
    • Postal Address: Enter the user’s mailing address.
    • Mail stop: Enter the user’s company mail stop.
    • Postal Code: Enter the user’s mailing address postal code (zip code).
    • For example, you might enter the following information for Mike Miller:

      Figure 4-5  Example Location Information
      Example Location Information

  3. When you are finished with this tab, you can
    • Select another tab to provide additional information.
    • Click Save to save the new information to the directory.
    • Click Cancel to clear the text boxes.

Completing the Misc Attributes Tab

To provide additional information about the new user, use the following steps:

  1. Select the Misc Attributes tab.
  2. Type the following information in the text boxes provided:
    • Photo URL: Enter a URL location where the user’s photograph can be viewed.
    • Home Phone: Enter one or more home telephone numbers.
    • Home Address: Enter the user’s home address.
    • Auto License: Enter the user’s automobile license number.
    • For example, you might enter the following information for Mike Miller:

      Figure 4-6  Example Misc Attributes Tab
      Use the Misc Attributes page to specify some miscellaneous attributes for a new user.


      Note

      If the new user has multiple home phones or cars, click the Add button to create new, blank text boxes so you can enter the additional numbers. Repeat as many times as necessary.

      If you add new fields, Rem buttons will also display next to each field (as shown in the following figure). Click the Rem button to remove extra fields.

      Use the Add and Rem buttons to add and remove certain fields on the Misc Attributes tab.


  3. When you are finished with this tab, you can
    • Select another tab to provide additional information.
    • Click Save to save the new information to the directory.
    • Click Cancel to clear the text boxes.

Completing the Extensions Tab

Use the Extensions tab to specify additional attributes to be made available for the new user.


Note

The inetOrgPerson, organizationalPerson, person, and top extensions are in use by default.


To specify extensions, use the following steps:

  1. Select the Extensions tab.
  2. Use the Extensions selection tool as follows:

  3. Tip

    Press the Shift key on your keyboard, and then click on group names to select multiple names in either list.


    • To add to one or more extensions to the In Use list, select the extension name(s) in the Available list and click the button.
    • To move all available extensions to the In Use list, click the button.
    • To move all extensions in the In Use list back to the Available list, click the button.
    • To move one or more extensions back to the Available list, select the extension name(s) in the In Use list and click the button.
    • For example, you might want to select Mail User:

      Figure 4-7  Example Extensions Tab
      Use the Extensions selection tool to provide additional information about a new user.


      Note

      When you add Mail User, NT User, and/or UNIX User extensions to the In Use List, Directory Editor adds tabs to the Create page so you can provide additional information related to those extensions. See the following sections for instructions:


  4. When you are finished with this tab, you can
    • Select another tab to provide additional information.
    • Click Save to save the new information to the directory.
    • Click Cancel to clear the text boxes.

Completing the Mail User Tab

Use the Mail User tab to provide detailed information about the new user’s Mail account, as follows:


Note

  • The program will automatically insert cn, mail, uid, and userPassword values based on the information you entered on the Quick Create tab (page 4-35), and on the Common Attributes tab (page 4-36).
  • For detailed information about specifying the attributes on this page, consult the Sun Java™ System Directory Server 5 2004Q2 Administration Reference.

  1. Select the Mail User tab.
  2. Enter the following user information:
  3. Table 4-1  Mail User Attributes  

    Attribute Name

    Description

    cn

    User’s common name

    mail

    User’s primary email address

    mailAlternateAddress

    Alternate email addresses

    mailHost

    Fully qualified DNS hostname of the user’s email host

    mailRoutingAddress

    Forwarding email address for the user

    mailAccessDomain

    One or more domains, server names, or IP address the user can use to log on via POP or IMAP

    mailAutoReplyMode

    Auto-reply mode (For example, vacation)

    mailAutoReplyText

    An automatic email reply message

    mailDeliveryOption

    How the user’s email should be delivered

    mailForwardingAddress

    Forwarding email address

    mailMessageStore

    Absolute path to the email host directory that contains the message store where the user's mailbox resides

    mailProgramDeliveryInfo

    One or more commands to specify programmed mail delivery for the user

    mailQuota

    Value to indicate the maximum disk space (in bytes) available to the user’s mailbox

    multiLineDescription

    Description of the user

    uid

    User’s user ID

    userPassword

    Temporary email password

    userPassword Confirmation

    Confirm password.


    Note

    To add multiple email addresses, click the Add button located next to the mail text field. To remove an email address, click the Rem button.


    For example, you might enter the following information for Mike Miller:

    Figure 4-8  Example Mail User Tab
    Use the Mail User page to provide information about a new mail user’s account.


    Note

    • If the new user has multiple email addresses, click the Add button to create new blank fields so you can enter the additional addresses. Repeat as many times as necessary.
    • When you add new fields, Rem buttons are also displayed next to each field. Click the Rem button to remove extra fields.

  4. When you are finished with this tab, you can
    • Select another tab to provide additional information.
    • Click Save to save the new user information to the directory.
    • Click Cancel to clear the text boxes.
Completing the Default NT User Tab

Use the Default NT User tab to define entries for the new user that describe the user’s Windows NT account.

To specify these entries, use the following steps:

  1. Select the Default NT User tab.
  2. Enter the following user information:

  3. Note

    • NT User Id is the only required attribute on this tab.
    • For detailed information about specifying the attributes on this page, consult the Sun Java™ System Directory Server 5 2004Q2 Administration Reference.

    Table 4-2  NT User Attributes  

    Attribute Name

    Description

    NT User ID

    User’s NT domain name

    Comment

    Description about user’s NT account

    User Workstation List

    NT workstations user can log into within your NT domain

    Home Drive

    Drive letter assigned to user’s home directory

    Home Directory

    User’s NT home directory

    Server

    Server to which user's NT logon requests are sent

    User Profile Path

    Path to user’s Windows NT profile

    Logon Script

    Path to user's NT login script

    For example, you might enter the following information for Mike Miller:

    Figure 4-9  Example NT User Tab
    Use the Default NT User Form to provide information about a user’s NT account.

  4. When you are finished with this tab, you can
    • Select another tab to provide additional information.
    • Click Save to save the new user information to the directory.
    • Click Cancel to clear the text boxes.
Completing the UNIX User Tab

Use the UNIX User tab to provide detailed information about the new user’s UNIX account, as follows:


Note

  • The program automatically inserts values you entered on the Quick Create tab (page 4-35) and the temporary user password you entered on the Common Attributes tab (page 4-36).
  • For detailed information about specifying the attributes on this page, consult the Sun Java™ System Directory Server 5 2004Q2 Administration Reference.

Table 4-3  Unix User Attributes

Attribute Name

Description

cn

User’s common name

uid

User’s user ID

uidNumber

Value that uniquely identifies the user in your
administrative domain

gidNumber

Value that uniquely identifies the user’s group in your administrative domain

homeDirectory

Absolute path to user’s home directory

userPassword

Temporary password for new user

userPassword Confirmation

Confirm password

loginShell

Path to user’s login shell

gecos

GECOS field (or common name)

description

Information about user, such as work assignment

For example, you might enter the following information for Mike Miller:

Figure 4-10  Example UNIX User Tab

Use the Unix User Form to provide information about a user’s Unix account.

Creating Groups

Use the following steps to create a new group object in the directory:

  1. From the Create tab, enable the Group radio button.
  2. Indicate where to add the new group by typing the parent’s context information into the Parent Entry text field as shown in Figure 4-11 (or click Browse to locate the information).
  3. For example, you might enter:

    ou=Groups,dc=example,dc=com

    Figure 4-11  Create Page
    Select the New Object Type and specify the Parent Entry.

  4. When you are finished, click Continue.

  5. Note

    The Cancel button clears the Organization text box.


    The Quick Create page is displayed (see Figure 4-12).

    Figure 4-12  Quick Create Tab
    Use the Quick Create page to specify a name for a new Static Group.


    Note

    • By default, you will be creating a static group object (an object with the groupOfNames or groupOfUniqueNames object class). However, you can also create dynamic group objects (a group that determines membership at any given moment using a set of LDAP search filters). For instructions, see Completing the Dynamic Group Tab.
    • The Quick Create tab contains all of the attributes you must provide to create the selected object type. For example, to create a Group, you must enter a Static Group name.
    • The other tabs on this page enable you to specify additional, but optional, information about the object.

  6. You can proceed in one of two ways:
    • Type a name in the Name text box provided on the Quick Create tab to create the new group, and then click Save.
    • Now, if you click the Groups node on the Browse page, the new group name is displayed in the tree.

    • After providing the required information, select one or more of the other tabs on the Create page to provide additional information about the new group.
    • The following sections provide instructions for completing each tab on the
      Create page:

  7. When you are finished entering the new information on the Create page (being sure to provide all required information), click Save to add the new group to the directory.

Completing the Static Group Tab

A static group is a mail group defined statically by enumerating each group member.

You can use the Static Group tab to perform the following tasks:

Adding Members to the Group

To perform any of these tasks, use the following steps:

  1. Select the Static Group tab.
  2. Figure 4-13  Static Group Tab
    Use the Static Group page to specify the name of a new group, and to add, remove, and show members in the group.

  3. If you specified a group name on the Quick Create tab, Directory Editor automatically completes the Name text box.
  4. If you have not yet provided a name (or want to change the current name) enter a name in the text box.

  5. Click the Add Members button and a Search page is displayed.
  6. Figure 4-14  Search For Members to Add to the Group Search Page
    Use this Search page to configure Basic, Advanced, or Filtered searches and to search the directory.

  7. You can use the Basic Search, Advanced Search, or Filtered Search tabs to search the directory for members to add to this new group.

  8. Note

    Detailed instructions for using these tabs are provided in Chapter 6, "Searching Directories."


    To illustrate the procedure using the Basic Search tab, use one of the following methods:

    • To search for a particular member: Type the member’s name into the Enter the name of a User, Group, or Organizational Unit text box, use the Search Type menu to select the object type, and then click Search.
    • For example, enter Jones in the text box and select User (or All). Directory Editor will return all members named Jones.

    • To search for all the members: Leave the text box blank, use the Search Type menu to select the object type, and then click Search.
    • For example, if you do not know the name of the member to search for, leave the text box empty and select User (or All). Directory Editor will return all User members.

  9. When the Results table displays, enable the checkbox(es) next to the member(s) you want added to the new group.
  10. Click the Add Selected To Group button.
  11. Directory Editor will add the selected member(s) to the new group and return you to the Static Group tab.


    Note

    The Number of Members value will not change to reflect the number of members added to the group until you click Save to save your changes.


  12. You can proceed in several ways:
    • If you are finished adding members to the group (and you have no other tasks to perform on this page), click Save to save your changes.

    • Note

      Directory Editor does not save the new members to the directory until you click the Save button on the Static Group page.


      Directory Editor returns you to the Browse page so you can verify that the new group was added with the specified members.

    • Click Add Members to continue adding members to the new group.
    • Click Remove Members and continue to Removing Members from the Group to remove members from the group.
    • Click Show Members and continue to Showing Members in the Group to view the existing members of the group.
    • Click the Import/Export tab and continue to Completing the Import/Export Tab to import or export members to your group.
    • Click the Dynamic Group tab and continue to Completing the Dynamic Group Tab to create extensions for your group.
Removing Members from the Group

To remove members from a Group:

  1. Select the Static Group tab.
  2. Click the Remove Members button.
  3. When the Results table displays, enable the checkbox(es) to indicate which member(s) you want to remove from the group’s membership list, and then click the Remove Selected From Group button.
  4. Figure 4-15  Removing A Member from the Group
    Use this Search page to locate members you want to remove from a group.

    Directory Editor removes the selected member(s) from the group and returns you to the Static Group tab. Note that the Number of Members value has been updated to reflect the number of members currently in the group.


    Note

    • Directory Editor does not actually remove the members from the directory until you click the Save button on the Static Group page.
    • When you use the Remove Members feature to remove members in a group, it is possible to retrieve results for entries that do not really exist in the directory. This situation occurs if the member or uniqueMember attribute of groupOfNames or groupOfUniqueNames contains values that are not valid DNs.
    • A checkbox is displayed for invalid DNs. In addition, to denote a row with an invalid DN, Directory Editor displays the member name in red with an error icon.

  5. You can proceed in several ways:
    • If you are finished removing members (and you have no other tasks to perform on this page), click Save to save your changes. Directory Editor returns you to the Browse page so you can verify your changes.
    • Click Add Members and return to Adding Members to the Group to add members to the group.
    • Click Show Members and continue to Showing Members in the Group to view the existing members of the group.
    • Click the Import/Export tab and continue to Completing the Import/Export Tab to import or export members to your group.
    • Click the Dynamic Group tab and continue to Completing the Dynamic Group Tab to create extensions for your group.
Showing Members in the Group

After creating and saving a new group, you can use the Show Members button to search for members within that group.

To view a list of current group members, use the following steps:

  1. Click the Show Members button.
  2. The Search For Members in Group page displays with the group members listed in a Results table located at the bottom of the page.

  3. When you are finished, click OK to return to the Static Group page.

  4. Note

    When you use the Show Members feature to search for group membership, it is possible to retrieve results for entries that do not really exist in the directory. This situation occurs if the member or uniqueMember attribute of groupOfNames or groupOfUniqueNames contains values that are not valid DNs.

    To denote a row with an invalid DN, Directory Editor displays the member name in red with an error icon.


Completing the Import/Export Tab

When you are creating a new group, Directory Editor allows you to import group members using the Import/Export tab on the Group page.

Figure 4-16  Importing Members

Use the Import page to import members to a new group.

When you import group members, Directory Editor expects a newline-delimited text file with a member DN on each line. (Directory Editor ignores empty lines and lines starting with the pound sign (#).)

To import members from a file:

  1. Type the file name into the text box provided or click Browse to open a File Upload dialog box so you can locate and select the file name.
  2. Enable on of the following checkboxes:
    • To import members (even if they are not found in the Directory Server), enable the Import members not found in directory? check box.
    • To replace existing group members with members in the file (instead of adding members in the file to the existing group members), enable the Replace existing members? check box. This feature is available for both group creates and edits. Directory Editor does not save import changes to the directory until you save the group.
  3. When you are ready, click Import Members to import the file.
  4. Click Save to save the new group members to your directory.

Completing the Dynamic Group Tab

You can use the Dynamic Group Tab to perform the following tasks:

Dynamic groups are often used to control access to applications and other data in the directory.

A dynamic group uses a set of LDAP search filters to determine membership in the group at any given moment. A dynamic group object consists of the groupOfURLs object class, a name (cn), and a multi-valued attribute (memberURL) containing all of the LDAP URLs that specify the search criteria.

These LDAP URLs contain information about which directory server to search, the scope of the search, the base context of the search, which attributes to return for the search, and the search filter.

For example, you might specify a dynamic group called Contractors, where the membership is determined by the employeeType equaling Contractors. For this example, the LDAP URL might be:

ldap://example.sun.com:389/ou=People,dc=com??sub?(employeeType=Contractors)

Instructions for adding, editing, and removing filters are provided in the following sections:

When you are finished with the Dynamic tab, you can

Specifying a Dynamic Group Name

To create a dynamic group, select the Dynamic Group tab and enter a name for the new group in the Name text box.

Adding Filters

To add a filter for the dynamic group,

  1. Select the Dynamic Group tab.
  2. Click Add Filter and use the Advanced Search or Filtered Search tabs to configure a search filter.

  3. Note

    Detailed instructions for using the Advanced Search and Filtered Search tabs are provided in Chapter 6, "Searching Directories."


    For example, to add a filter for the Contractors group, you might specify the following parameters on the Advanced Search tab:

    • Select Type: User
    • Base Context: ou=People,dc=example,dc=com
    • Search Conditions:
      • Attribute: employeeType
      • Condition: contains
      • Value: contractor
  4. When you are finished specifying the filter criteria, you can click the Test button to verify that your filter works as planned.
  5. The results of your filter will display in a Results table. For example:

    Figure 4-18  Example Results Table
    Using the Test button to test a search filter.

  6. If the test is satisfactory, click Save.
Editing Filters

To edit a filter, use the following steps:

  1. On the Dynamic Group Form, enable the checkbox next to the filter you want to edit.
  2. Click the Edit Selected button to edit the group filter.
  3. When the Edit page is displayed, change the search parameters as necessary.
  4. You can click Test to verify that your filter works as planned.
  5. If you are satisfied with your changes, click Save to save the filter.
Removing Filters

To remove a filter, use the following steps:

  1. On the Dynamic Group Form, enable the checkbox next to the filter(s) you want to remove.
  2. Click the Remove Selected button to remove the filter.
  3. Click Save.
  4. Directory Editor will remove the filter and save the change to the directory.

Creating Organizational Units

Use the following steps to create a new organization:

  1. From the Create tab, enable the Organizational Unit radio button.
  2. Indicate where to add the new organization until by typing the parent’s context information into the Parent Entry text field (or click Browse to locate the information). For example, you might enter:
  3. ou=Groups,dc=example,dc=com

  4. When you are finished, click Continue.

  5. Note

    The Cancel button clears the Organization text box.


    The Quick Create page is displayed (see Figure 4-19).

    Figure 4-19  Quick Create Tab
    Using the Quick Create page to specify a new organizational unit.

  6. You can proceed in one of two ways:
    • The Organization Name is the only required attribute for this object type.
      Type a name in the text box provided, and then click Save.
    • Directory Editor saves the new organizational unit and the Browse page is displayed. The new name will be displayed in the tree.

    • After providing the required information, you can select one or more of the other tabs to provide additional information about the new object.
    • The following sections provide instructions for completing each tab on the Create page:

  7. When you are finished entering the new information on the Create page (being sure to provide all required information), click Save to add the new organizational unit to the directory.

Completing the Common Attributes Page

Use the Common Attributes page (Figure 4-20) to provide the following information about the new organizational unit:

Completing the Locality Page

Use the Locality page (Figure 4-21) to provide the following information about the new organizational unit:

Completing the Other Page

Use the Other Page to provide miscellaneous information about the new organizational unit, as follows:

Creating Domains

Use the following steps to create a new domain in the directory:

  1. From the Create tab, enable the Domain radio button.
  2. Indicate where to add the new domain by typing the parent’s context information into the Parent Entry text field (or click Browse to locate the information). For example, you might enter:
  3. dc=example,dc=com

  4. When you are finished, click Continue (or press your Enter/Return key).

  5. Note

    The Cancel button clears the Organization text box.


    The Quick Create page is displayed. (see Figure 4-22).

    Figure 4-22  Quick Create Page
    Using the Quick Create page to specify a new domain name.

  6. You can proceed in one of two ways:
    • The Domain Name is the only required attribute for this object type.
      Type a name in the text box provided (for example testDC), and then click Save.
    • Directory Editor saves the new domain name to the directory and the Browse page is displayed.

    • After providing the required information, you can select one or more of the other tabs to provide additional information about the new domain.
    • The following sections provide instructions for completing each tab on the
      Create page:

  7. When you are finished entering the new information on the Create page (being sure to provide all required information), click Save to add the new domain to the directory.

Completing the Common Attributes Page

Use the Common Attributes page to provide the following information about your domain:

Completing the Locality Page

Use the Locality page to provide the following information about the new organizational unit:

Completing the Other Page

Use the Other Page (Figure 4-23) to provide miscellaneous information about the new domain.

Figure 4-23  Other Page

Use the Other Create page to provide additional information about the new domain.

Complete this page as follows:

Creating Localities

Use the following steps to create a new locality:

  1. From the Create tab, enable the Locality radio button.
  2. Indicate where to add the new locality by typing the parent’s context information into the Parent Entry text field (or click Browse to locate the information). For example, you might enter:
  3. dc=example,dc=com

  4. When you are finished, click Continue (or press your Enter/Return key).

  5. Note

    The Cancel button clears the Organization text box.


    The Quick Create page is displayed (see Figure 4-24).

    Figure 4-24  Quick Create Tab
    Using the Quick Create page to specify a new locality.

  6. You can proceed in one of two ways:
    • The Locality Name is the only required attribute for this object type.
      Type a name in the text box provided, and then click Save.
    • Directory Editor saves the new locality name and the Browse page is displayed. The new Locality name will be displayed in the tree.

    • After providing the required locality name, select the Common Attributes tab to specify additional information about the locality. (Go to Step 1.)
  7. Select the Common Attributes tab.
  8. Type the following information in the text boxes provided:
    • Locality Name (required): Enter a name for the new locality.

    • Note

      Directory Editor automatically completes this field if you provided a Locality Name on the Quick Create tab.


    • Street Address: Enter the street and city address for this locality.
    • State/Province: Enter the state or province for this locality.
    • Description: Enter a description of the locality.
    • Search Guide: Enter suggested search criteria if you are using the entry as the base object in the directory tree for a search operation.
    • See Also: Enter another Directory Server entry that may contain information related to this entry.
    • For example, you might enter the following information for a North American sales office:

      Figure 4-25  Locality Common Attributes Page
      Specifying Common Attributes for a new locality.

  9. When you are finished with this tab, you can
    • Click Save to save the new information to the directory and return to the initial Create page.
    • Click Cancel to clear the text boxes and return to the initial Create page.


Editing Objects


Note

  • Most of the procedures for editing an object’s attributes are the same as those you used to create the object. Review the instructions provided in Creating Objects if necessary.
  • If you are editing an object with attributes that are not in the schema for the object's object classes, Directory Editor will display those attributes on the Other tab.

    To move these attributes to a different tab, you must edit the form for that object class.

  • After a user logs in, Directory Editor will not allow them to delete, disable, or rename the object (dn) they used to login.
    If they try to change the object an error message will result.

This section explains how to access the Edit pages and provides instructions for enabling/disabling, renaming, and deleting objects using Directory Editor. The information is organized as follows:

Accessing an Edit Page

You can access the Edit pages, using one of the following methods:

Importing and Exporting Group Members

When you edit a group, Directory Editor allows you to import and export group members using the Import/Export tab on the Group form.

Figure 4-30  Import/Export Tab

Use the Import/Export page to export your current configuration  to a file or to import a configuration from a file.

Exporting Group Members

When you export group members, you download all of the member DNs to a newline-delimited text file.

To export group members:

  1. Select the Import/Export tab and then click the Download Members button.
  2. When the Opening <group_name>.txt dialog box is displayed, (Figure 4-31), enable one of the radio buttons to indicate how your browser should handle the file.
  3. Figure 4-31  Specifying How Your Browser Should Open the File
    Use this dialog box to indicate how your browser should handle the export file.

    • Open it with the default application (for example, txtfile)
    • Open it with (You must enter an application name in the text field provided.)
    • Save it to disk (You must specify a file name and specify a folder in which to save the file.)
  4. After making your selection, click OK to close the dialog box.
  5. Click Save to save the exported group file to your directory.

You should now be able to open the .txt file in any standard text editor (such as Microsoft Notepad). At this point, you can edit the file, and then import it using the instructions provided in the next section, or store the file for backup purposes.

Importing Group Members

When you import group members, Directory Editor expects a newline-delimited text file with a member DN on each line. (Directory Editor ignores empty lines and lines starting with the pound sign (#).)

To import members from a file:

  1. Type the file name into the text box provided or click Browse to open a File Upload dialog box so you can locate and select the file name.
  2. Enable on of the following checkboxes:
    • To import members (even if they are not found in the Directory Server), enable the Import members not found in directory? check box.
    • To replace existing group members with members in the file (instead of adding members in the file to the existing group members), enable the Replace existing members? check box. This feature is available for both group creates and edits. Directory Editor does not save import changes to the directory until you save the group.
  3. When you are ready, click Import Members to import the file.
  4. Click Save to save the new group members to your directory.

Enabling or Disabling Objects

You use the Enable and Disable buttons to activate or inactivate a user account for the Sun Directory Server. Once inactivated, a user cannot bind to the directory and the authentication operation will fail.


Note

When you create an object, it is enabled in the directory by default. However, if you disabled the object at some point, you may need to re-enable it again.


To enable or disable an object in the directory, use the following steps:

  1. Open the Enable page or the Disable page using one of the following methods:
    • Select the Browse tab, enable a checkbox to the left of the node in the Browse tree, and then click the Enable or Disable button.
    • Figure 4-32  Enable the Checkbox in the Browse Tree
      Enable the checkbox to select the object you want to enable or disable.

    • Select the Search tab and search for the object to edit. When the Results table is displayed, enable the checkbox to the left of the object name, and then click the Enable or Disable button.
    • Figure 4-33  Click the Object Name in the Results Table
      Enable the checkbox to select the object you want to  enable or disable.

      The Enable or Disable page is displayed as shown in the following figure:

      Figure 4-34  Example Enable/Disable Pages
      Example Enable and Disable pages

  2. You are prompted to confirm the action.
    • Click Enable or Disable (whichever is appropriate) to continue.
    • Click Cancel to return to the Search page without making any changes to the object.

Renaming Objects

To rename an object, use the following steps:

  1. Open the Rename page using one of the following methods:
    • Select the Browse tab, enable a checkbox to the left of the object in the Browse tree, and then click the Rename button.
    • Figure 4-35  Enable the Checkbox in the Browse Tree
      Enable the checkbox to select the object you want to  rename.

    • Select the Search tab, search for the object to edit, enable the checkbox to the left of the object name in the Results table, and then click the Rename button.
    • Figure 4-36  Enable the Object in the Results Table
      Enable the checkbox to select the object you want to  rename.

      The Rename page is displayed as shown in the following figure:

      Figure 4-37  Rename Page
      Use the Rename page to specify a new name for the selected object.

  2. Enter a new DN name in the text box provided.
  3. Click the Rename button.
  4. Figure 4-38  Example Rename Page
    Example Rename page

  5. If the object has children, Directory Editor provides a checkbox and asks if you want to rename the children. Enable this checkbox to rename the children.

Directory Editor renames the object (and children) and returns you to the Browse page so you can verify the change.

Deleting Objects

If you want to delete an object you have created, use the following procedure:

  1. Select the Browse tab.
  2. Enable the checkboxes located to the left of the object(s) you want to delete.
  3. The Enable, Disable, and Delete buttons located above the Browse tree will become active.

    Figure 4-39  Deleting Objects
    Enable the checkbox to select the object you want to delete, and then click the Delete button.

  4. Click the Delete button.
  5. The Delete page is displayed. You are asked to confirm whether to delete the selected object(s) and the children of the selected object.

  6. When you are ready, click the Delete button to delete the selected object(s).
  7. Directory Editor immediately removes the object (and children if specified) and then returns you to the Browse page.



Previous      Contents      Index      Next     


Part No: 819-1701.   Copyright 2004 Sun Microsystems, Inc. All rights reserved.