Change uid and/or gid of files and directories on local Unix hosts to the uid/gid that is now maintained in Active Directory.
Description:
The oat_changeowner utility is the final part of aligning ownership of local Unix files and directories. Oat-modify is the utility that will actually change ownership attributes on the local systems.
It is best to run this utility at run level one (see your operating system manual for information about changing run levels). This prevents the creation of files by users until this step has been completed.
Synopsis
oat_changeowner [ ./oat_changeowner [-h] [-v] [-r] [-t] [-n] [-m] [-b backup_directory] [-e exclude_files] [-u user_matching_result_file] [-g group_matching_result_file] [-d directory | -f file| -l file_list] [-o modified_files] {process|continue|rollback} ]
Modes and Options
-h Show the help screen.
-v Show the version of the utility.
-r Proceed without switching to single-user mode if the system is at a different runlevel. It is recommended that you perform ownership reassignment in single-user mode, because this guarantees that the utility has exclusive access to the files and directories it is processing. At other runlevels, inconsistency may arise. Use the -r option at your own risk. If not supplied at a run level other than one, this utility will print a warning message and stop.
-t Run the utility in test mode without actually modifying the specified files and directories. Instead of modification, create a list of files and directories that would be modified.
-n Enables the processing of NFS shares mounted locally. If you specify NFS shares for processing but omit this option, these shares will be ignored.
-m Remove user and group accounts from local files (normally, /etc/passwd and /etc/group) after their resource ownership settings have been successfully aligned with the settings of Unix-enabled accounts in Active Directory. This option makes sense only if you use the utility with the process sub-command.
-b backup_directory The path to the directory to which the original /etc/passwd, /etc/shadow and /etc/group files will be copied for backup.
-e exclude_file Exclude file contains file and directory paths that should be ingnored by this utility.
-u user_matching_result_file The path to the file that shows the correspondence between local user accounts and Unix-enabled Active Directory user accounts. This option and/or -g must be specified.
-g group_matching_result_file The path to the file that shows the correspondence between local user accounts and Unix-enabled Active Directory user accounts. This option and/or -u must be specified.
-d directory A directory to be processed by the utility. If you want to specify several files and/or directories, use the -l option described below.
-f file A file to be processed. If you want to specify several files and/or directories, use the -l option described below.
-l file_list The path to a file that contains file and directory paths that are to be processed by the utility.
-o output_file The path to the file that will contain all files and directories that were actually processed successfully. If ommitted stdout is assumed. Always provide a filename for recovery purposes by using this option or redirecting stdout to a file.
process This sub-command specifies that ownership of the files and directories on the local Unix host will be modified unless the -t is specified. To process based on the user match file:
$ oat_changeowner -u user_matching_result_file -o processed_files process
The following command is equivalent to the previous one.
$ oat_changeowner -u user_matching_result_file process > processed_files
continue Similar to the process subcommand except that any files and directories contained in the -o output_file will be skipped. Use this subcommand if the process subcommand above is terminated. If the following command is interupted:
$ oat_changeowner -u user_matching_result_file process > processed_files
Use this command with the -o option to skip any files already changed.
$ oat_changeowner -u user_matching_result_file -o processed_files continue
Note: It is not always necassary to continue. Using process will change any files created in directories that were already modified.
rollback This sub-command specifies that ownership of files and directories on the local Unix host is to be restored to the previous configuration. To rollback based on the user match file:
$ oat_changeowner -u user_matching_result_file rollback
To rollback the files that were changed:
$ oat_changeowner -l processed_files rollback