• View
• Edit
• History
• Print

Adding To A Groupon Ares

When creating a new LDAP user on ares, it is common practice to put them in the rastro group, with the GID of 260. Some user accounts need to be members of other groups as well, so that they can access the TPAC shares for example.

There are three other groups that allow access to the TPAC shares:

• ravlbi, which has access to /imports/tpac/vlbi
• rapulsar, which has access to /imports/tpac/pulsar
• rainter, which has access to /imports/tpac/interferometer

The LDIF files that describe the current state of these groups can be found in the /root directory of ares, and are called add_ldap_group_ravlbi, add_ldap_group_rapulsar, add_ldap_rainter.

For example, the rapulsar group looks like:

dn: cn=rapulsar,dc=astro,dc=utas.edu.au
objectClass: top
objectClass: posixGroup
cn: rapulsar
gidNumber: 776
description: TPAC Pulsar group
memberUid: ahotan
memberUid: jpalfrey
memberUid: bdrake
memberUid: jlovell

To add a user to this group, edit this file, and add a new memberUid, which should be the username of the account that you want to add. Please only add users in this way, so that the files in the /root directory represent the current state of the groups.

To enact the changes, give the command:

Note: the single quotes below get munted if you copy paste!
ldapmodify -x -v -D 'cn=mgr,dc=astro,dc=utas.edu.au' -W < add_ldap_rapulsar.ldif

The password that it asks for is the same as the ares root password.

Check that the command worked after you give it by giving the Linux command groups username, where username is the user that you just added to the group. You should see that they are now a member of the group.