Related Tips & Info

Group Fix Tool

jwilleke
0 Likes
over 14 years ago

download url: http://ldapwiki.willeke.com/attach/GroupFixTool/GroupFix.jar



home page url: http://ldapwiki.willeke.com/Wiki.jsp?page=GroupFixTool



NDS Groups have some peculiar items that make adding a user to a group more difficult than it appears.
The Group Fix tool will fix these "peculiar items" on a single or all groups.


The Group Fix Tool performs the following:


  • Reads the Group's "member" attribute values
  • Adds any values from Group's "member" attribute to the "equivalentToMe" value if they are missing.
  • Checks each user entry in the Group's "member" attribute value and adds the group's DN to the "GroupMembership" and "securityEquals" attributes of the user entry.

What the tool does NOT do:


  • Never adds a user entry to a Group's "member" attribute.

  • Never removes any values from entry to a Group's "equivalentToMe" attribute.
  • Never removes any values from entry to a User's "GroupMembership" attribute.
  • Never removes any values from entry to a User's "securityEquals" attribute.



Group Fix Tool Usage



Usage: java GroupFix [ -dvA ] [ -e <keystore> ] [ -h <host> ] [ -p <port> ] [ -Z <encrypted connection> ] 
   -D <the DN of the object used for authentication> [ -w <bind password> ] [ -G <groupDN> ]

    -d    enable API debug output - Default=false
    -e    Path to a Java Keystore.  A valid certificate in the keystore enables
          an encrypted TLS connection.  See also the -Z option. - Default=""
    -h    host name or IP address.  A port can  be specified with the
          host name as hostname:port, i.e. myhost:389.  See also
          the -p option - Default="localhost"
    -p    host IP port number.  See also the -h option - Default=389
    -v    enable verbose output - Default=false
    -Z    sets the type of encrypted connection.  A Keystore must be specified
            with the -e option to enable an encrypted connection.
            SSL   - Establishes an encrypted connection using
                    SSL.  The default port is 636
            TLS   - Establishes an encrypted connection using
                    TLS.  The default port is 389 - Default="TLS"
    -D    cn=admin,ou=administration,dc=willeke,dc=com - Required Argument
    -w    the password for the DN of the object used for authentication - Default=""
    -G    the baseDN where groups are or the FDN of a single group - Default="dc=willeke,dc=com"
    -A    True if we should fix ALL groups or false if to fix a single group - Default=false


So running:

java -jar GroupFix.jar -dvA -h 192.168.1.4 -p 389 -D cn=admin,ou=administration,dc=willeke,dc=com -w secret -G ou=groups,dc=willek,dc=com

Would be (d)ebug output, (v)erbose output (A)ll groups on (h)ost 192.158.1.4 on (p)ort 389 binding as (-D) cn=admin,ou=administration,dc=willeke,dc=com with a password of (-w) secret and fixing all (G)roups that are in the container "ou=groups,dc=willek,dc=com"



Labels:

Collateral
Comment List
Anonymous
Related Discussions
Recommended

Resources

Support
Documentation
Training
Partner Portal
Contact us
Compliance
Help
Company
Privacy Policy
Terms of Use
Accessibility
Anti-Slavery Statement
Support
How To Buy
Careers
Investor Relations
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.