Chapter 8 Managing User and Group Accounts 117
After a nested group is established, it can be unnested by using the dseditgroup tool
with the -d option, which deletes the group record but leaves the group intact.
To unnest a group:
$ dseditgroup -o edit [-d
childgroup
] [-t
group
] [-u
username
] [-P
password
]
[-n /LDAPv3/
ipaddress
]
parentgroup
Editing Group Records
To add, remove, or edit group records in the local directory service, use dsEditGroup.
To display group information:
$ dseditgroup
officegroup
To delete a group:
$ dseditgroup -o delete -p -n /LDAPv3/
ipaddress
-u
diradmin groupname
Replace ipaddress with the IP address of the DNS name of the LDAPv3 server, diradmin
with the name of the directory administrator, and groupname with the name of the
group you want to delete.
The -p option prompts you for your diradmin password, which is more secure than
putting the password in the command you are sending.
For more information, see the dseditgroup man page.
Creating a Group Folder
A group folder facilitates the sharing of files between members of a group. After you
set up a group folder in Workgroup Manager, use the CreateGroupFolder tool to
create the group folder. You should create group folders on the server that hosts these
folders.
To create a group folder:
$ sudo /usr/bin/CreateGroupFolder
For more information, see the CreateGroupFolder man page.
Parameter Description
childgroup The name of the child group you are adding to the parent group
group The type of account you are changing (in this case, group)
username The short name of a user with LDAP directory service access
password The user password
ipaddress The IP address of your directory server
parentgroup The name of the parent group that the child group is being added to
Comments to this Manuals