3.2. Managing Directory Entries Using the Web Console

You can add, edit, rename, and delete LDAP entries using the web console.

3.2.1. Adding an LDAP Entry Using the Web Console

You can use the LDAP Browser in the web console to search for entries in the Directory Server databases.
You can create the following entries using the web console:
  • users
  • groups
  • roles
  • organizational units (OUs)
  • custom entries
For example, you want to create a POSIX user cn=John Smith,ou=people,dc=example,dc=com with a password.

Prerequisites

  • You are logged in to the Directory Server web console.
  • The parent entry exists. For example, ou=people,dc=example,dc=com.

Procedure

  1. In the web console, open the LDAP Browser menu to reveal the list of existing suffixes.
  2. Using the Tree or Table view, expand the parent entry ou=people,dc=example,dc=com under which you want to create a user.
  3. Click the Options menu (⫶) and select New to open the wizard window.
  4. Select the Create a new User option and click Next.
  5. For the user entry, select Posix Account type and click Next.
  6. Optional: Select additional attributes, such as userPassword, and click Next. You can view all selected attributes by expanding the drop-down list near the step name.
  7. Set a value for each attribute:
    1. Click on the pencil button of the attribute and add a value.
      Note that a separate menu opens when you set the userPassword value. The value is filled with asterisks (*) to hide the plain text.
    2. Click on the check button to save changes.
    3. Optional: Set an additional attribute value by clicking the Options menu (⫶)Add Another Value.
    4. After you have set all values, click Next.
  8. Verify that all entry details are correct and click Create User. Directory Server creates the entry with mandatory attributes for a POSIX user and sets the password to it. You can click Back to modify entry settings, or click Cancel to cancel the entry creation.
  9. View the Result for Entry Creation and click Finish.

Verification

  1. Navigate to LDAP BrowserSearch.
  2. Select the database suffix that contains the entry, such as dc=example,cd=com.
  3. Enter your search criteria in the field, such as John, and press Enter.
  4. Find the entry you recently created in the list of entries.

3.2.2. Editing an LDAP Entry Using the Web Console

You can modify a directory entry using the web console. This example modifies a user entry cn=John Smith,ou=people,dc=example,dc=com by:
  • adding telephone numbers 556778987 and 556897445.
  • adding email jsmith@example.com.
  • changing the password.

Prerequisites

You are logged into the Directory Server web console.

Procedure

  1. In the web console, open the LDAP Browser menu to reveal the list of existing suffixes.
  2. Using the Tree or Table view, expand the entry you want to edit, such as cn=John Smith,ou=people,dc=example,dc=com.
  3. Click the Options menu (⫶) and select Edit to open the wizard window.
  4. Optional: In the Select ObjectClasses step, add or delete object classes for the entry. Click Next.
  5. In the Select Attributes step, add telephoneNumber and mail attributes to the entry and click Next. If you do not see an attribute you want to add to the entry it means that you did not add corresponding object class in the previous step.

    Note

    In this step, you can not delete mandatory attributes of the selected object classes.
  6. In the Edit Attribute Values step, set telephoneNumber to 556778987 and 556897445, mail to jsmith@example.com and change userPassword value:
    1. Click on the pencil button of the attribute and add or change a new value.
    2. Click on the check button to save changes.
    3. Optional: Set an additional value to an attribute by clicking the Options menu (⫶)Add Another Value. The telephoneNumber attribute has two values in this example. When you set all values, click Next.
  7. Review your changes and click Next.
  8. To edit the entry, click Modify Entry. You can click Back to modify entry settings, or click Cancel to cancel the entry editing.
  9. View the Result for Entry Modification and click Finish.

Verification

  • Expand the entry details and view the new changes appear among the entry attributes.

3.2.3. Renaming and Relocating an LDAP Entry or Subtree Using the Web Console

You can rename or relocate a directory entry or a subtree using the web console. This example renames and relocates the entry cn=John Smith,ou=people,dc=example,dc=com to cn=Tom Smith,ou=clients,dc=example,dc=com.

Prerequisites

You are logged into the Directory Server web console.

Procedure

  1. In the web console, open the LDAP Browser menu to reveal the list of existing suffixes.
  2. Using the Tree or Table view, expand the entry you want to modify, such as cn=John Smith,ou=people,dc=example,dc=com.
  3. Click the Options menu (⫶) and select Rename to open the wizard window.
  4. In the Select The Naming Attribute And Value step:
    1. Set a new value Tom Smith for the naming attribute cn and click Next.
    2. Optional: Select another naming attribute from the drop-down menu.
    3. Optional: In case you want to delete the old entry and create a new one using the new RDN, check Delete the old RDN.
  5. In Select The Entry Location step, select the parent entry for the new location, and click Next.
  6. Review changes you made to the entry and click Next.
  7. If the entry details are correct, click Change Entry Name. You can click Back to make other changes to the entry or click Cancel to cancel the entry modification.
  8. View Result for Entry Modification and click Finish.

Verification

  • Expand the entry details and review the updated entry.

3.2.4. Deleting an LDAP Entry Using the Web Console

You can delete a directory entry or a subtree using the web console. This example deletes the entry cn=Tom Smith,ou=clients,dc=example,dc=com.

Prerequisites

You are logged into the Directory Server web console.

Procedure

  1. In the web console, open the LDAP Browser menu to reveal the list of existing suffixes.
  2. Using the Tree or Table view, expand the entry you want to delete, such as cn=Tom Smith,ou=clients,dc=example,dc=com.
  3. Click the Options menu (⫶) and select Delete to open the wizard window.
  4. Click Next after you review the data about the entry you want to delete.
  5. In the Deletion step, toggle the switch to the Yes, I’m sure position and click Delete. You can click Cancel to cancel the entry deletion.
  6. View the Result for Entry Deletion and click Finish.

Verification

  1. Navigate to LDAP BrowserSearch.
  2. Select the suffix where the entry previously existed, such as dc=example,cd=com.
  3. Enter your search criteria in the field, such as Tom, and press Enter.
  4. Verify that the deleted entry is no longer present.