The following example shows the commands and data needed to create a classic Centrify zone named “zone1”. Zone creation is almost identical for all zone types. Only the value of displayName and the schema pseudo-attribute differ from zone type to zone type.
Before you can create the zone itself, however, you must create an Active Directory container with the appropriate properties. The zone container must also contain four other sub-containers to accommodate the UNIX attributes for Computers, Users, Groups, and NISMaps for the zone. You can create your zone anywhere within the directory tree.
To create a zone container and zone properties using the ldapadd command:
ldapadd -H ldap://mydc.acme.com << END_DATA
# Add the zone container
dn: cn=zone1,cn=myzones,dc=acme,dc=com
objectClass: container
cn: zone1
description: uidnext:10005
description: gidnext:10007
description: gidreserved:0-99
description: uidreserved:0-99
description: availableshells:/bin/bash:/bin/csh:/bin/sh:/bin/tcsh
description: defaulthome:/home/${user}
description: privategroupcreation:True
description: defaultshell:/bin/bash
description: schema:Dynamic_Schema_3_0
displayName: \$CimsZoneVersion2
showInAdvancedViewOnly: TRUE
name: default
# Add the Computers sub-container dn: CN=Computers, cn=zone1,cn=myzones,dc=acme,dc=com objectClass: container cn: Computers showInAdvancedViewOnly: TRUE name: Computers
# Add the Groups sub-container dn: CN=Groups, cn=zone1,cn=myzones,dc=acme,dc=com objectClass: container cn: Groups showInAdvancedViewOnly: TRUE name: Groups
# Add the Users sub-container dn: CN=Users, cn=zone1,cn=myzones,dc=acme,dc=com objectClass: container cn: Users showInAdvancedViewOnly: TRUE name: Users
# Add the NISMaps sub-container dn: CN=NisMaps, cn=zone1,cn=myzones,dc=acme,dc=com objectClass: container cn: NisMaps showInAdvancedViewOnly: TRUE name: NisMaps END_DATA
Doc Feedback