Saša-Stjepan Bakša wrote: > On 19 September 2016 at 14:01, Shawn McKinney <smckinney@symas.com> wrote: >>> On Sep 18, 2016, at 2:25 PM, John Lewis <oflameo2@gmail.com> wrote: >>> >>> Right now I am trying to weigh my options for maintaining my POSIX >>> accounts on an OpenLDAP tree. >>> >>> I learned today that ldap templates in ldapscripts really don't work, so >>> if I want to go on using ldapscripts, I would have to run ldapmodify >>> after every account is created to get the gecos configured properly and >>> have a kerberos principal configured. >> >> You could use an IdM product [..] > > For long time I am using IMO it would be better to just refer to the FAQ index entry: http://www.openldap.org/faq/data/cache/271.html And add/update missing entries/information therein. To the original poster: While I'm the author of one such tool (and therefore personally biased towards that) I'd recommend to use your favourite scripting language with a decent LDAP module to write your own custom tool. With such a solution you have full control and you can easily make use of any existing data in your organization without having to setup a big infrastructure. Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature