Provided by: lcmaps-plugins-basic-ldap_1.6.1-3_i386 bug

NAME

       lcmaps_ldap_enf.mod  -  LCMAPS  plugin  to  update  ldap  according  to
       credentials

SYNOPSIS

       lcmaps_ldap_enf.mod -maxuid maxuid -maxpgid  maxpgid  -maxsgid  maxsgid
       -hostname    hostname   -port   port   [-require_all_groups   {yes|no}]
       -dn_manager  DN  -ldap_pw  filename  -sb_groups   searchbase   -sb_user
       searchbase -timeout seconds

DESCRIPTION

       Ldap  enforcement  plugin will alter the user and group settings in the
       ldap database, using the user  and  groups  settings  provided  by  the
       credential  acquisition  plugins.  Note that LDAP has to be used as the
       source of account information for PAM or NSS and has  to  be  RFC  2307
       compliant.

OPTIONS

       -maxuid maxuid
              Maximum  number  of  uids to be used. Strongly advised is to set
              this to 1.

       -maxpgid maxpgid
              Maximum number of primary gids to be used.

       -maxsgid maxsgid
              Maximum number of (secondary) gids to  be  used  (not  including
              primary group). Advised is to set this to 1.

       -hostname hostname
              The   hostname  on  which  the  LDAP  server  is  running,  e.g.
              asen.nikhef.nl

       -port port
              The port number to which to connect, e.g. 389

       -require_all_groups {yes|no}
              Specify if all groups set by the PluginManager  shall  be  used.
              Default is 'yes'.

       -dn_manager DN
              DN of the LDAP manager, e.g. "cn=Manager,dc=root"

       -ldap_pw filename
              Path  to  the  file containing the password of the LDAP manager.
              Note: the mode of the file containing the password must be read-
              only for root (400), otherwise the plugin will not run.

       -sb_groups searchbase
              Search  base  for  the (secondary) groups, e.g. "ou=LocalGroups,
              dc=example, dc=com"

       -sb_user searchbase
              Search base  for  the  user,  e.g.  "ou=LocalUsers,  dc=example,
              dc=com"

       -timeout timeout value
              timeout (in seconds) that will be applied to the ldap binding

RETURN VALUE

       LCMAPS_MOD_SUCCESS
              Success.

       LCMAPS_MOD_FAIL
              Failure.

BUGS

       Please  report  any  errors to the Nikhef Grid Middleware Security Team
       <grid-mw-security-support@nikhef.nl>.

SEE ALSO

       lcmaps.db(5), lcmaps(3), ldap(3).

AUTHORS

       LCMAPS and the LCMAPS plug-ins were  written  by  the  Grid  Middleware
       Security Team <grid-mw-security@nikhef.nl>.

                                March 22, 2011          LCMAPS_LDAP_ENF.MOD(8)