If you configure users in user private groups (UPGs), define that group along with the user. See Section 22.4.8, “Adding a User to LDAP”.
To add a group to LDAP:
Create an LDIF file that defines the group, for example employees-group.ldif:

# Group employees
dn: cn=employees,ou=Groups,dc=mydom,dc=com
cn: employees
gidNumber: 626
objectClass: top
objectclass: posixGroup

If you have configured LDAP authentication, use the following command to add the group to LDAP:

# ldapadd -cxWD "cn=admin,dc=mydom,dc=com" -f employees-group.ldif
Enter LDAP Password: admin_password
adding new entry "cn=employees,ou=Groups,dc=mydom,dc=com"

If you have configured Kerberos authentication, use kinit to obtain a ticket granting ticket (TGT) for the admin principal, and use this form of the ldapadd command:

# ldapadd -f employees-group.ldif

Verify that you can locate the group in LDAP:

# ldapsearch -LLL -x -b "dc=mydom,dc=com" gidNumber=626
dn: cn=employees,ou=Groups,dc=mydom,dc=com
cn: employees
gidNumber: 626
objectClass: top
objectClass: posixGroup

For more information, see the ldapadd(1) and ldapsearch(1) manual pages.
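
A pre-flight check for the group LDIF file before it is passed to ldapadd, as an added example that is not part of the original documentation. The check_group_ldif function name and its rules (posixGroup present, exactly one numeric gidNumber, a cn attribute matching the DN) are this example's own, based on the posixGroup schema.

```shell
#!/bin/sh
# check_group_ldif [FILE]: pre-flight check of one posixGroup entry before ldapadd.
# Reads FILE, or stdin if omitted. Returns 0 if well formed, 1 otherwise.
# Assumption: plain "attr: value" lines, no folded lines or base64 (attr::) values.
check_group_ldif() {
    awk '
    function bad(msg) { print "check_group_ldif: " msg > "/dev/stderr"; rc = 1 }
    /^#/ || /^[ \t]*$/ { next }                  # comments and blank lines
    {
        sep = index($0, ":")
        if (sep == 0) { bad("line " NR ": expected attribute: value"); next }
        attr = tolower(substr($0, 1, sep - 1))   # attribute names are case-insensitive
        val = substr($0, sep + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (attr == "dn") dn = val
        else if (attr == "cn") cn[tolower(val)] = 1
        else if (attr == "gidnumber") { gid = val; ngid++ }
        else if (attr == "objectclass") oc[tolower(val)] = 1
    }
    END {
        if (!("posixgroup" in oc)) bad("objectClass posixGroup is missing")
        # gidNumber is mandatory, single-valued and numeric for posixGroup.
        if (ngid != 1) bad("gidNumber must appear exactly once")
        else if (gid !~ /^[0-9]+$/) bad("gidNumber is not an unsigned integer: " gid)
        # The naming value in the DN must also exist as a cn attribute.
        rdn = tolower(dn); sub(/,.*/, "", rdn)
        if (rdn !~ /^cn=./) bad("dn is missing or does not start with cn=")
        else if (!(substr(rdn, 4) in cn)) bad("no cn attribute matches the dn: " dn)
        exit rc + 0
    }' "${1:--}"
}

# Constructed run: the group definition from this page, fed on stdin.
check_group_ldif <<'EOF' && echo "employees-group.ldif: OK"
# Group employees
dn: cn=employees,ou=Groups,dc=mydom,dc=com
cn: employees
gidNumber: 626
objectClass: top
objectclass: posixGroup
EOF
```

Run it as check_group_ldif employees-group.ldif and proceed to ldapadd only when it returns 0; the reasons for a failure are written to standard error.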