The idsldap user and group

During installation of a server, the idsldap user and group are created if they do not already exist.

Note:

On AIX®, Linux, and Solaris systems, operating system utility installation creates the idsldap user if it does not already exist. However, if the /home/idsldap directory (on Linux and AIX systems) or /export/home/idsldap directory (on Solaris systems) already exists, it might not be possible to create the idsldap user. Therefore, if the idsldap user does not exist, be sure that this directory is also not present.

During InstallShield GUI installation, if this directory is detected on Linux, AIX, or Solaris system, but the idsldap user ID is not present on the system, the Server and Proxy Server are not listed as features that you can install.

If your environment requires that you have more control over this user and group, you can create them before you install. Requirements are:

The idsldap user must be a member of the idsldap group.

The root user must be a member of the idsldap group.

The idsldap user must have a home directory.

The default shell for the idsldap user must be the Korn shell.

The idsldap user can have a password, but is not required to.

The idsldap user can be the owner of the director server instance.

You can use the Instance Administration Tool to create users and groups as you are creating a directory server instance, or you can use the following commands to create the idsldap user and group and set them up correctly:

On AIX systems:

Use the following commands.

To create the idsldap group:

mkgroup idsldap

To create user ID idsldap, which is a member of group idsldap, and set the korn shell as the default shell:

mkuser pgrp=idsldap home=/home/idsldap shell=/bin/ksh idsldap

To set the password for user idsldap:

passwd idsldap

To modify the root user ID so that root is a member of the group idsldap:

/usr/bin/chgrpmem -m + root idsldap

On Linux systems:

Use the following commands.

To create the idsldap group:

groupadd idsldap

To create user ID idsldap, which is a member of group idsldap, and set the korn shell as the default shell:

useradd -g idsldap -d /home/idsldap -m -s /bin/ksh idsldap

To set the password for user idsldap:

passwd idsldap

To modify the root user ID so that root is a member of the group idsldap:

usermod -G idsldap,rootgroups root

where rootgroups can be obtained by using the command: groups root

On Solaris systems:

Use the following commands.

To create the idsldap group:

groupadd idsldap

To create user ID idsldap, which is a member of group idsldap, and set the korn shell as the default shell:

useradd -g idsldap -d /export/home/idsldap -m -s /bin/ksh idsldap

To set the password for user idsldap:

passwd idsldap

To modify the root user ID so that root is a member of the group idsldap, use an appropriate tool.

Be sure that all these requirements are met before you install. The proxy server does not install correctly if the idsldap user exists but does not meet the requirements.

Note: