Defining a User with LDIF

Command Description

dn: CN=SEC01,CN=Enterprise Server Users,CN=Micro Focus,CN=Program Data,DC=local

Identifies user SEC01

changetype: delete

Action is set to delete, the current definition for user SEC01 will be deleted

 

You must leave a blank line between actions

dn: CN=SEC01,CN=Enterprise Server Users,CN=Micro Focus,CN=Program Data,DC=local

Identifies user SEC01

changetype: add

Action is set to add

objectClass: microfocus-MFDS-User

Object class, we are defining a User

description: User Description

User description, used for documentation purposes

microfocus-MFDS-UID: no

UID (Unique Identifier). This can be any string; it does not have to be unique. It is not used by Enterprise Server

microfocus-MFDS-CustomText

Optional. Can be any text. Not used by Enterprise Server

microfocus-MFDS-User-AllowLogon: TRUE

TRUE if the user can login to a terminal or ESMAC

microfocus-MFDS-User-CreateToken: self

User can create a passtoken for himself. (Used for single signon, the user can sign into MFDS and credentials will be passed to ESMAC)

microfocus-MFDS-User-DefaultGroup: PAYROLL

Default group. A user has a default group, but can be part of several groups. The default group is used if the user does not specify a group when logging in

microfocus-MFDS-User-LastLoginTime

Optional, usually set by Enterprise Server (if enabled). Date and time of the user's most recent login

microfocus-MFDS-User-LoginAttempts

Optional, usually set by Enterprise Server (if enabled). Number of unsuccessful login attempts since user last logged in

microfocus-MFDS-User-MTO-Priority: 0

User priority for mainframe emulation

microfocus-MFDS-User-MTO-Timeout: 0

User login timeout in minutes, for mainframe emulation. 0 means no timeout. (Inactivity when signed on)

microfocus-MFDS-User-MTO-OperatorClass: 0

Operator Class for mainframe emulation

microfocus-MFDS-User-Pwd: literal:UserPassword

User password, this can be changed by the user using ESMAC or CESN

microfocus-MFDS-User-Pwd-ExpirationDate

Optional. If set, user's password expires on the given date and must be changed

microfocus-MFDS-User-Pwd-History

Optional, usually set by Enterprise Server (if enabled). History of password hashes used to enforce non-reuse of passwords

microfocus-MFDS-User-Pwd-MustChange

TRUE if the user must change his password at next login

microfocus-MFDS-User-UseToken: self

The User can be signed on using a passtoken created for himself (Used for single signon)