On Wed, 10 Oct 2007 09:56:58 -0700 Georges Khairallah
<email@hidden> wrote:
> So it's looking like there are some tools to generate this
> information. Now I just have to figure out if I'm able to use these
> tools on a Mac and get their output in my software.
>
> It really does sound like I'm totally hooked on UMRA to do this, but
> this is mostly because I've already established a lot of
> infrastructural stuff with it, and I'd like to keep using it for
> that. The Devel team of the software is even willing to work with me
> to get mac functionality integrated better with it. Now my challenge
> is to try to understand a bit better the inner working of Mac OD in
> order to accomplish this.
>
Ok, I found the script where I do it without dscl for most of the work
(which is a pain to script with expect). I run these from a linux
machine using Net::LDAP to make standard connections. The process is
something like this:
1. Create a uuid using the perl Data::UUID module and put it in as the
apple-generateduid attribute
2. Create an array with the standard attributes needed (sn, givenname,
uidnumber, gidnumber, uid, cn, objectclasses, and mcxflags)
3. Add the new account via an ldapadd call from Net::LDAP
4. Set the password via dscl via a ssh call to the OD server
5. Set the password policy via pwpolicy via a ssh call to the OD server
6. Create the home directory via ssh and expect on the file server
mcxflags is just copied from a good account and treated a blob. The
key is steps 4 and 5 which end up creating several other attributes in
OD.
I run from linux, because I also create accounts in AD, Openldap, and
our email server at the same time.
Hopefully you can do the same sort of thing with the tool that you have.
cheers,
ski
--
"When we try to pick out anything by itself, we find it
connected to the entire universe" John Muir
Chris "Ski" Kacoroski, email@hidden, 206-501-9803
or ski98033 on most IM services and gizmo
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
