466 lines
7.5 KiB
HTML
466 lines
7.5 KiB
HTML
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>Creating User Accounts</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.63
|
|
"><LINK
|
|
REL="HOME"
|
|
TITLE="Linux Administration Made Easy"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="General System Administration Issues"
|
|
HREF="administrative-issues.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="Root Account"
|
|
HREF="root-account.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="Changing User Passwords"
|
|
HREF="changing-user-passwords.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Linux Administration Made Easy</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="root-account.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 6. General System Administration Issues</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="changing-user-passwords.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="CREATING-USER-ACCOUNTS"
|
|
>6.2. Creating User Accounts</A
|
|
></H1
|
|
><DIV
|
|
CLASS="WARNING"
|
|
><P
|
|
></P
|
|
><TABLE
|
|
CLASS="WARNING"
|
|
BORDER="1"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
ALIGN="CENTER"
|
|
><B
|
|
>Warning</B
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
ALIGN="LEFT"
|
|
><P
|
|
>(WARNING: SLACKWARE-CENTRIC. NEEDS UPDATE FOR RED
|
|
HAT)</P
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
><P
|
|
>This section assumes you are using the Shadow password suite on your
|
|
Linux system. If you are not, you should consider doing so, as it helps
|
|
to tighten up security somewhat. The Shadow suite is fairly easy to
|
|
install and will automatically convert your non-shadow password file
|
|
format over to the new shadow format.</P
|
|
><P
|
|
>There are two steps to creating a new user account. The first is to
|
|
actually create the account itself, the second is to provide an alias to
|
|
their e-mail address (at my place of employment, we follow the convention
|
|
of <SPAN
|
|
CLASS="QUOTE"
|
|
>"Firstname.Lastname@our.domain.name"</SPAN
|
|
>.)</P
|
|
><P
|
|
>To create the account, decide on the username you are going to
|
|
assign to the user. The username is at most 8 characters long, and
|
|
wherever possible you should choose their last name, or last name and
|
|
first initial if a user account already exists (the adduser script will
|
|
detect and prevent you from adding duplicate account names).</P
|
|
><P
|
|
>You will then be prompted to enter other information: full name of
|
|
user, user group (usually the default value), a user id # (automatically
|
|
assigned), home directory (automatically assigned), a user shell, some
|
|
password expiration values, and finally the desired password (which won't
|
|
echo to the screen; you should have the user choose a password between 6
|
|
to 8 characters in length for security reasons).</P
|
|
><P
|
|
>Please note that <EM
|
|
>everything</EM
|
|
> should be
|
|
entered in lowercase, except for the full name of the user which can be
|
|
entered in a <SPAN
|
|
CLASS="QUOTE"
|
|
>"pleasing format"</SPAN
|
|
> (eg. Joe Smith) and the
|
|
password. Case is sensitive, so inform your user(s) they must use
|
|
identical case when entering their username and password.</P
|
|
><P
|
|
>Here is a sample session where we will add a user named Joe
|
|
Smith:</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
><TT
|
|
CLASS="PROMPT"
|
|
>mail:~#</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>/sbin/adduser</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>User to add (^C to quit):</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>smith</B
|
|
></TT
|
|
>
|
|
That name is in use, choose another.
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>User to add (^C to quit):</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>smithj</B
|
|
></TT
|
|
>
|
|
Editing information for new user [smithj]
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Full Name:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>Joe Smith</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>GID [100]:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
> </B
|
|
></TT
|
|
>
|
|
Checking for an available UID after 500
|
|
First unused uid is 859
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>UID [859]:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
> </B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Home Directory [/home/smithj]:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
> </B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Shell [/bin/bash]:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
> </B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Min. Password Change Days [0]:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
> </B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Max. Password Change Days [30]:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>90</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Password Warning Days [15]:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
> </B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Days after Password Expiry for Account Locking [10]:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>0</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Password [smithj]:</</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>FL1539</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Retype Password:</</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>Fl1539</B
|
|
></TT
|
|
>
|
|
Sorry, they do not match.
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Password:</</TT
|
|
>> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>FL1539</B
|
|
></TT
|
|
>
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>Retype Password:</</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>FL1539</B
|
|
></TT
|
|
>
|
|
|
|
Information for new user [smithj]:
|
|
Name: Joe Smith
|
|
Home directory: /home/smithj
|
|
Shell: /bin/bash
|
|
Password: <hidden>
|
|
Uid: 859 Gid: 100
|
|
Min pass: 0 maX pass: 99999
|
|
Warn pass: 7 Lock account: 0
|
|
public home Directory: no
|
|
Type 'y' if this is correct, 'q' to cancel and quit the program,
|
|
<TT
|
|
CLASS="PROMPT"
|
|
>or the letter of the item you wish to change:</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>Y</B
|
|
></TT
|
|
></PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>The next step is to create the alias for the person's e-mail
|
|
account. This gives people the choice of using their account name for
|
|
their e-mail address, or their full name (First.Last combination) to make
|
|
it <SPAN
|
|
CLASS="QUOTE"
|
|
>"easier"</SPAN
|
|
> for the outside world to guess their e-mail
|
|
address when trying to contact them for the first time.</P
|
|
><P
|
|
>To add the e-mail alias, edit the
|
|
``<TT
|
|
CLASS="LITERAL"
|
|
><TT
|
|
CLASS="FILENAME"
|
|
>/etc/aliases</TT
|
|
></TT
|
|
>'' file as
|
|
follows:</P
|
|
><P
|
|
><TT
|
|
CLASS="PROMPT"
|
|
>mail#</TT
|
|
> <TT
|
|
CLASS="USERINPUT"
|
|
><B
|
|
>pico -w /etc/aliases</B
|
|
></TT
|
|
></P
|
|
><P
|
|
>Add the new alias at the bottom of the file. The format for an
|
|
alias is:</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>First.Lastname:username</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>You should ask the user what preference they have for this (eg.
|
|
Joseph.Smith or Joe.Smith). For our new Joe Smith user, the entry would
|
|
be as follows:</P
|
|
><TABLE
|
|
BORDER="0"
|
|
BGCOLOR="#E0E0E0"
|
|
WIDTH="100%"
|
|
><TR
|
|
><TD
|
|
><PRE
|
|
CLASS="SCREEN"
|
|
>Joe.Smith:smith</PRE
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><P
|
|
>When finished adding the alias, press
|
|
<TT
|
|
CLASS="LITERAL"
|
|
><<B
|
|
CLASS="KEYCAP"
|
|
>Ctrl</B
|
|
>>-<<B
|
|
CLASS="KEYCAP"
|
|
>X</B
|
|
>></TT
|
|
>
|
|
and save the file. Then, type ``<TT
|
|
CLASS="LITERAL"
|
|
>newaliases</TT
|
|
>'' to
|
|
update the aliases database.</P
|
|
><P
|
|
>At this point the user account has been created and is ready for
|
|
use. It is a good idea to remind the user that his username and password
|
|
must be entered in lowercase characters, and what their e-mail address
|
|
would be (eg. ``<EM
|
|
>Joe.Smith@mail.mydomain.name</EM
|
|
>'').</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="root-account.html"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="changing-user-passwords.html"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>Root Account</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="administrative-issues.html"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>Changing User Passwords</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |