Creating an LDAP user

When using the IBM® Tivoli® directory, you must define an LDAP user before you can store user-level information in LDAP. You can create an LDAP user by creating an LDIF file to contain all attributes for the user object, then run the LDIF import utility to import the object into the LDAP directory.

About this task

The Db2® database system supports setting Db2 registry variables and CLI configuration at the user level. (This is not available on the Linux® and UNIX platforms.) User level support provides user-specific settings in a multi-user environment. An example is Windows Terminal Server where each logged on user can customize his or her own environment without interfering with the system environment or another user's environment.

The LDIF utility for the IBM Tivoli Directory Server is LDIF2DB.

LDIF file containing the attributes for a person object appears similar to the following:
   File name: newuser.ldif
 
	dn: cn=Mary Burnnet, ou=Db2 Development, ou=Toronto, o=ibm, c=ca
	objectclass: ePerson
	cn: Mary Burnnet
	sn: Burnnet
	uid: mburnnet
	userPassword: password
	telephonenumber: 1-416-123-4567
	facsimiletelephonenumber: 1-416-123-4568
	title: Software Developer
Following is an example of the LDIF command to import an LDIF file using the IBM LDIF import utility:
   LDIF2DB -i newuser.ldif
Note:
  1. You must run the LDIF2DB command from the LDAP server.
  2. You must grant the required access (ACL) to the LDAP user object so that the LDAP user can add, delete, read, and write to his own object. To grant ACL for the user object, use the LDAP Directory Server Web Administration tool.