adtool(1)
Active Directory administration tool
SYNOPSIS
adtool
[-h]
[-v]
[-H uri]
[-D binddn]
[-w bindpasswd]
[-b searchbase]
operation
[arguments...]
DESCRIPTION
adtool
is a unix command line utility for Active Directory administration. Features include user and group creation, deletion, modification, password setting and directory query and search capabilities.
OPTIONS
- -h
-
Output usage information.
- -v
-
Output version information.
- -H uri
-
The uri of the Active Directory server to connect to, eg. ldap://ad1.example.com.
- -D binddn
-
The distinguished name of the user to bind to the server as, eg. cn=admin,ou=usrs,dc=example,dc=com.
- -w password
-
The password to authenticate with.
- -b searchbase
-
The distinguished name of the base for any operations that involve searching the directory, eg. ou=users,dc=example,dc=com.
OPERATIONS
- usercreate <username> <container>
-
create a new user
- userdelete <username>
-
delete a user
- userlock <username>
-
disable a user account
- userunlock <username>
-
enable a user account
- setpass <user> [password]
-
set user's password. The password can be entered either as an argument or interactively, in which case it is not echoed back to the screen.
- usermove <user> <new container>
-
move user to another container
- userrename <old username> <new username>
-
rename user
- computercreate <name> <container>
-
create a new computer account
- groupcreate <group name> <container>
-
create a new group
- groupdelete <group name>
-
delete a group
- groupadduser <group> <user>
-
add a user to a group
- groupremoveuser <group> <user>
-
remove a user from a group
- groupsubtreeremove <container> <user>
-
remove a user from all groups below a given ou
- oucreate <organizational unit name> <container>
-
create a new organizational unit
- oudelete <organizational unit name>
-
delete an organizational unit
- attributeget <object> <attribute>
-
display attribute values
- attributeadd <object> <attribute> <value>
-
add an attribute
- attributeaddbinary <object> <attribute> <filename>
-
add an attribute from a file
- attributereplace <object> <attribute> <value>
-
replace an attribute
- attributedelete <object> <attribute> [value]
-
delete an attribute or attribute instance
- search <attribute> <value>
-
simple ldap search
CONFIGURATION
The command line options can instead be specified in a configuration file. An example is installed to (install prefix)/etc/adtool.cfg.dist. Rename this to adtool.cfg and edit as appropriate.
- uri
-
server to connect to
- binddn
-
distinguished name of the user to bind to the server as.
- bindpw
-
password to bind to the server with.
- searchbase
-
base for search operations.
