creating/modifying Open Directory email users from Terminal

[nbirnbaum]

Hey folks,

Running Panther server. I’d like to create, edit, and delete Open Directory users from the Terminal, especially creating and modifying email settings. (This is so I can have non-root users manage email accounts without risking rm -rf /) Looks like the dscl command is the way to modify Directory Services from the Terminal. To modify the local domain, type

sudo dscl .

at the command prompt. To modify the Open Directory and Netinfo domains, type

sudo dscl localhost

at the prompt. You’ll then enter interactive mode, where you can use the commands in the dscl man page. Start off with ls to see what’s there.

Problem: I’m unable to create or modify the localhost LDAP/Netinfo domain. Whenever I try, I get the error:

attribute status: eDSPermissionError

even when I authenticate as root.

Further: I want to modify the MailAttribute attribute (aka “apple-user-mailattribute), which itself consists of numerous keys in XML format. How can I create or modify this attribute, i.e. what is the format of the dscl command to do so, given it’s such a huge attribute?

Thanks!
Noam

[Author]

Posts