Re: Making a useradd script

Lluis Clemente · ‎07-15-2008

First of all thanks to you all, this is my first post, but I've read good info in other ones.
My system is a 11.11 and I'm trying to make a script so giving a username it makes the useradd with a specified home.
Making this once may not be worth a script but I have 4 other machines with local autentication, and my next step is to trigger via ssh the changes on the main one.

I've seen I can use useradd.sam to pass a password but it seems to be taken as a preencripted MD5 one.

My script would do something like this :

PASSWORD = Encrypt (username)
useradd.sam -p PASSWORD username

(I want username = password)

I didn't find anyone who tried user creation with scripts but this is important for my workaround. (if there is any easier way tell please)

Excuse my english, thanks in advance.

Steven E. Protter · ‎07-15-2008

Shalom,

You might wish to go with a LDAP or NIS based authentication system to let one computer handle authentication on all.

Don't use useradd.sam

User useradd directly in your script, make sure the default user configuration is in /etc/skel so the user looks good.

Add customization for NFS and other oddities.

(I want username = password)
Bad idea, violates common sense and will be used against you on the next security audit.

Set a policy and have a password that expires in 7 days (Build that into your script).

Or Empty the password and use the passwd command to force new password at first login

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Bill Hassell · ‎07-15-2008

> useradd.sam -p

Yes, this requires the encrypted password. The attached script will return the encrypted password suitable for useradd.sam -p.

Bill Hassell, sysadmin

Bill Hassell · ‎07-15-2008

Whoops, it did not attach...here is the program (it's in C language):

#include
#include

/* 1st param is the desired password */
/* A random seed (2 chars) will be */
/* automatically chosen. */
/* For good passwords: */
/* Use random chars, mixed apha- */
/* numerics and MiXeD CaSe for */
/* better protection. */

main(argc, argv)
int argc;
char *argv[];
{

char salt[3];
char *EncryptedPasswd;
int CheckRand;
int Fixup;
int SeedChar;

printf("\nUsage: pw \n\n");

/* Generate a random starting point for seed charcaters */

srand(time(NULL));
for ( SeedChar = 0; SeedChar <= 1; SeedChar++) {
CheckRand = 46 + rand() % 76; /* random number from 46 to 122 */
Fixup = 7 + rand() % 13; /* random number from 7 to 20 */
salt[SeedChar] = toascii(((CheckRand >= 58 && CheckRand <= 64) ||
(CheckRand >= 91 && CheckRand <= 96) ? CheckRand + Fixup : CheckRand));
}

EncryptedPasswd=crypt(argv[1], salt);
printf("\nRequested pw= %s, Automatic Seed= %s, encrypted pw= %s\n",
argv[1], salt, EncryptedPasswd);
}

You run it interactively to obtain the encrypted password, then you can use the result in useradd.sam

Bill Hassell, sysadmin

James R. Ferguson · ‎07-15-2008

Hi:

Here's a simple Perl script to generate an encrypted password that you can use with your 'useradd':

# cat .pwgen
#!/usr/bin/perl -l
die "One arg expected\n" unless @ARGV;
print crypt(
$ARGV[0],
join( '',
( '.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z' )[ rand 64, rand 64 ] )
);
1;

...run as:

# ./pwgen plaintext

The script's output is your corresponding encrypted password.

Regards!

...JRF...

Mark Trux · ‎07-15-2008

awk -F: '{print $1, $2, $3, $4, $5, $6, $7}' /tmp/user | while read user pwd uid gid gecos home shell
do
useradd -u ${uid} -g ${gid} -c "${gecos}" -d ${home} -m -s ${shell} ${user}
done

VK2COT · ‎07-15-2008

Hello,

Take a look at another possibility.

I wrote it for Unix support team who
needed to add around 500 Unix accounts
on AIX, Linux, Solaris and HP-UX servers
(without manual intervention):

http://www.circlingcycle.com.au/Unix-sources/add-batch-Unix-accounts.pl.txt

Cheers,

VK2COT

VK2COT - Dusan Baljevic

Lluis Clemente · ‎07-15-2008

Thanks to you all, it will take me time to review all the info. You are Greatfull.

May I say that this is not a critical machine, it's for only one aplication, and only LAN use, so I can't change the requirements (username = passwd) but hurts!

thanks one more time. I keep working.

Lluis Clemente · ‎07-16-2008

This seems perfect!
Thanks one more time.
Now I know exactly what I need.

Lluis Clemente · ‎07-17-2008

Sorry once again.
I'm having problems with useradd.sam parameters.
./useradd.sam -d /opt/oracle/tstusr -m

With useradd this would create the home dir in the specified folder, but with useradd.sam, it creates the user, writes the /home atribute correctly, but doesn't create it.
any ideas?
thks.

Lluis Clemente · ‎07-17-2008

---sorry.
I'll do :

useradd -d $home user
usermod.sam -p $passwd user

as the script did...
so it creates the path

James R. Ferguson · ‎07-17-2008

Hi Lluis:

As you conclude, please see:

http://forums12.itrc.hp.com/service/forums/helptips.do?#28

Regards!

...JRF...

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Making a useradd script

Making a useradd script