Before you can create group entries, a number of entries must already exist:
The two domain entries (OSI and DC trees)
The Group organizational unit entry
The subscriber entries (under the People node) that will become the members of the group.
Once you have created those entries, you can start a text file (for example, groups.ldif) and enter the data for the group. A typical data set looks like the following:
dn: cn=isp-gp1,ou=Groups,ou=wcgate1,ou=eng,o=sun,c=US cn: isp-grp1 objectclass: groupOfNames member: cn=Ed Anchor (anchor),ou=People,ou=wcgate1,ou=eng,o=sun,c=US member: cn=April Shower (showers),ou=People,ou=wcgate1,ou=eng,o=sun,c=US member: cn=Chili Jones (relleno),ou=People,ou=wcgate1,ou=eng,o=sun,c=US
Where
Is the distinguished name of the group to be created.
Is the relative distinguished name of the group entry.
The object class groupOfNames distinguishes this type of entry.
Each member attribute takes as its value the distinguished name of an existing subscriber entry.
You can create any number of group entries by adding data to the file. When it is complete, save and close groups.ldif. Obtain root access and add the groups to the directory with the following command, replacing the bind DN and password with your own:
# ldapadd -D "cn=admin,o=sun,c=US" -w password -f groups.ldif