Inetuser utility

The inetuser utility is a very limited LDAP provisioning utility for Messaging Server.

Syntax
inetuser --command-file=file inetuser --help inetuser --version inetuser create &#x5b;switches&#x5d;user inetuser show &#x5b;switches&#x5d;user inetuser checkpw &#x5b;switches&#x5d;user inetuser show-domain &#x5b;switches&#x5d;domain inetuser check-dssetup

Restrictions
This command uses LDAP configuration settings by default. However, commands that update LDAP generally require Directory Manager credentials and it is a best practice to limit the access rights available to the administrative account specified by base.ugldapbinddn and by base.ugldapbindcred. As a result, it&#x27;s typically necessary to specify the  and   switches to specify a Directory Manager account when updating LDAP directly.

Parameters
The,  , and   subcommands take a user identity as a parameter. The user identity is typically the value of the  LDAP attribute (possibly modified by the ldap_uid option) and may include   to refer to an LDAP domain.

The  subcommand takes a domain provisioned in LDAP as a parameter.

No parameters are present when a top-level switch is used or other subcommands are used.

Description
The inetuser utility is a very limited LDAP provisioning utility for Messaging Server that supports LDAP schema 1 and LDAP schema 2. This tool has been present in Messaging Server for some time and is used by the init-config utility to provision an initial administrative user, group, and associated default domain.

The  subcommand is used to create users and domains.

The  subcommand is used to show a user&#x27;s LDAP entry.

The  subcommand is used to check a user&#x27;s LDAP password against the directory. The  utility will return a status of   if the password is correct.

The  subcommand shows a domain&#x27;s LDAP entry.

The  subcommand shows information from the   utility that is present in the LDAP directory.

Examples
The following command creates a user with common name "John Smith" and user identity &#x27;jsmith&#x27;. With this command, the email address defaults to &#x27;jsmith@defaultdomain&#x27; (this assumes the directory manager password is stored in the file pwfile in the current directory): password: The following command creates a new domain with a new administrative user: password:
 * 1) inetuser create -D "cn=Directory Manager" -j pwfile -p "cn=John Smith" jsmith
 * 1) inetuser create -D "cn=Directory Manager" -j pwfile -a all -c newadmin@newdomain.example.com

,
This top-level switch reads and executes inetuser subcommands from the specified file instead of executing one subcommand from the command line.

This top-level switch displays command usage summary.

This top-level switch displays command version information.

,
This create subcommand switch specifies the type of admin user to create. Supported values are  (store administrator) and   (administrative account used by Messaging Server to authenticate). If not specified, the user account will not have administrative privilege.

,
This show subcommand switch specifies a comma-separated list of attributes to show from the user entry, instead of showing all known attributes.

This create subcommand switch will cause the domain to be created when creating a user if it doesn&#x27;t already exist. Note that the tool requires the first user in a domain to be a store administrator so it&#x27;s generally necessary to include the  switch with this one.

,
This subcommand switch specifies the bind DN to use for LDAP server authentication. If not specified, the value of the base.ugldapbinddn option is used instead. The credentials specified by that option typically do not have permission to write to the LDAP directory so this switch is usually necessary with the  subcommand (as is the   switch).

,
This subcommand switch specifies a file containing the bind password to use for LDAP server authentication. If not specified, the value of the base.ugldapbindcred option is used as the bind password instead.

,
This subcommand switch specifies the default domain to use if a domain is not explicitly specified. When this switch is not specified, the value of the base.defaultdomain option is used.

,
This subcommand switch prevents the tool from modifying the LDAP directory. It may be useful to combine this with the  switch.

,
This subcommand switch specifies one or more LDAP server host names to use when connecting to the LDAP server. If not provided, the value of the base.ugldaphost option is used. This may be needed with the  subcommand if that option specifies a slave LDAP server rather than a master LDAP server.

,
This create subcommand switch specifies an LDAP attribute value list of additional known attributes to include when creating a user. The syntax of the list is attr1=value1,attr2=value2. Special characters may be escaped with backslash (\). Alternatively, the value can be base64-encoded by specifying a  symbol before the equals  symbol. The set of known attributes is limited, so if the attribute name is not known by the utility, an error will result.

,
This create subcommand switch specifies a file that will record a copy of the LDIF generated internally by this tool that is used to modify the LDAP directory. Combing this with the  switch is useful to review the changes the tool would make to LDAP. This may also be helpful to customers developing their own provisioning tools.

,
This subcommand switch requests that any diagnostics are appended to the specified file.

,
This subcommand switch specifies the name of the host used to provision store-related attributes such as. If this is not provided, the value of the base.hostname option is used.

Normally the tool will prompt and abort if a mismatch or error is detected. This subcommand switch suppresses that behavior.

,
This create subcommand switch specifies the LDAP DN to use when provisioning a schema 1 organization group in LDAP when creating a domain. This switch is primarily for use by the init-config utility.

,
This create subcommand switch specifies the mail address of the user to include in the postmaster group when creating a domain with a postmaster group. This switch is primarily for use by the init-config utility.

,
This subcommand switch specifies the LDAP server port to use. If not specified, the value of the base.ugldapport option is used.

Normally the tool will prompt and default to overwrite certain critical attributes when performing a create operation and the specified user and/or domain already exists. The subcommand switch prevents the tool from overwriting such attributes.

,
This create subcommand switch specifies a file containing the password to use when creating a user. If this is not provided, the tool will prompt for a password.

,
This subcommand switch suppresses some prompts and diagnostics.

,
This subcommand switch require use of SSL when communicating with the LDAP server.

,
This subcommand switch requests additional diagnostics from the utility. May be used more than once to increase the amount of diagnostic information.

See also:
 * Messaging Server command line utilities