–S specifies the naming service repository to use. The choices are files to store account information locally or ldap to have the information managed by LDAP.
–q specifies the hostname or netgroup to use for the attributes maintained in the user_attr LDAP container. This option applies only to existing accounts that are maintained by the LDAP name service.
–R specifies the URI to connect to a remote RAD server.
All the following sample commands open the useradm interactive window.
$ useradm add -S files jdoe
$ useradm modify -S ldap jsmith
Modifying user jack's account information in LDAP so that the attributes are applicable only when the user is using the system with the host name system1.
$ usermod modify -S ldap -q system1 jack
Likewise, the following commands connect to a remote server and run useradm interactively. Ensure that the rad:remote SMF service is enabled.
Starting the useradm application locally while specifying a remote RAD server.
$ useradm modify -S ldap -R ssh://login-name@server email@example.com
Starting the useradm application directly on the remote server.
$ ssh joe@server -t useradm modify jane
Using two systems to manage user accounts remotely.
$ ssh -t jane@server1 useradm modify -R rads://jean@server2?auth=pam mary
In this example, the application is started on one server to modify a user on another server. The user account to log in to the server specified with –R option – jean in this example – is used to manage mary's account settings. Ensure that jean is assigned either the User Security rights profile or has the solaris.auth.delegate authorization on server2.