Users and Groups

From wiki
Revision as of 09:32, 22 July 2020 by PeterThorpe (talk | contribs) (Usage: How to add a new user)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Some, though not all, of the tips here are for setting up users and groups.

The tool of choice is smbldap.

Usage: How to add a new user


it may be required now to discable the firewall when creating new accouts. Make sure you turn it back on:

/etc/init.d/iptables save
/etc/init.d/iptables stop
  • To create a new user(s)

Root has a script in bin/, so as root:

sh bin/ <user> <user1> <user2>

if this line fails go to the admin page which talk about ldap. Manually doing the command from the script worked for me when this failed

# (only if needed - perl errors) service restart slapd
smbldap-groupadd -a $NU
smbldap-useradd -g $NU -a $NU
smbldap-passwd $NU
echo $path
cd $basepath
cp -r $bash_files/.{m,n,b,g}* $NU
chown -R $NU:$NU $path
smbldap-groupadd -a $NU
chown -R $NU:$NU $path
chmod 0701 $NU
chcon 'unconfined_u:object_r:user_home_dir_t:s0' $path

will create groups, accounts, home folder and all relevant files into the new home folder. Then you need to setup passwords with (password promt will appear):

smbldap-passwd <user>

for each of the users.

Then setup an ssh key for logging into the nodes by doing the following:

as root user, login a user via

su - <newuserid>

and execute


and just accept all the suggestions, keep accepting then as they are ... .ssh/id_rsa and .ssh/, then get created.


cp .ssh/ .ssh/authorized_keys


chmod 600 .ssh/authorized_keys

then ssh node1 should log in to node1 without password (no need to test other nodes).

Then tell the user to change their password by doing:



  • To create a new group (we dont have groups YET!)
smbldap-groupadd -a <newgrpname>
  • To add users to a certain group (note that this seems to take some time to propagate, as well as only working on fresh logins)
smbldap-groupmod -m <list,of,users> <targetgroup>

as root turn firewall back on

/etc/init.d/iptables start

change a password

when a user forgets their password and asks for a new one: as root

smbldap-passwd <user>