University of Illinois/NCSA Open Source

download url:
home page url:

These scripts were written for an eDirectory implementation, and some features will only be useful on that platform.

The “home directory” feature will only be useful on Novell/eDirectory. Otherwise this script should be useful on any LDAP platform. We use it principally in conjunction with data moves from server to server, and so the home directory functionality is important. It also provides a simple and easy to use means of manipulating LDAP directories without the complexities of more powerful and sophisticated tools.
To use it a csv file containing two columns, one the cn attribute and the other A N other LDAP attribute is placed on the web server, and the application matches unique CNs and modifies the other attribute with the provided value. Duplicated CNs are skipped.

This script will probably only be useful on Novell/eDirectory as written, but could be modified for other platforms. Its designed to help with large organisation changes. A csv file contains a list of groups and usernames against each group. On running it the groups are created unless they already exist, and users are made members of the groups. Both the groupMembership and securityEquals attributes are populated for each user, and the member and equivalentToMe attributes are populated for each group. The script handles all the four attributes that must be changed to make eDirectory group membershp fully functional.

This script is very similar to dsgrpcrt above, but its intended
to work with MS AD groups and memberships, and will probably only be of
use with AD. The sAMAccountName attribute (pre Windows 2000 name) is
used to match objects, and the CN of the object can be set separately
from the source text file. In accordance with AD practice the group
membership is set only on the group object using the member attribute.

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment.  It just worked for at least one person, and perhaps it will be useful for you too.  Be sure to test in a non-production environment.

Leave a Reply

No Comments
By: jimc
Feb 26, 2010
10:00 am
Active Directory Authentication Automation Cloud Computing Cloud Security Configuration Customizing Data Breach DirXML Drivers End User Management Identity Manager Importing-Exporting / ICE/ LDIF Intelligent Workload Management IT Security Knowledge Depot LDAP Monitoring Open Enterprise Server Passwords Reporting Secure Access Supported Troubleshooting Workflow