Users and Groups

From wiki
Jump to: navigation, search

Introduction

Some, though not all, of the tips here are for setting up users and groups.

The tool of choice is smbldap.

Usage: How to add a new user

Users

it may be required now to discable the firewall when creating new accouts. Make sure you turn it back on: https://www.cyberciti.biz/faq/turn-on-turn-off-firewall-in-linux/ 

/etc/init.d/iptables save
/etc/init.d/iptables stop
  • To create a new user(s)

Root has a script in bin/creasu.sh, so as root: 

sh bin/creasu.sh <user> <user1> <user2>

if this line fails go to the admin page which talk about ldap. Manually doing the command from the script worked for me when this failed 

# (only if needed - perl errors) service restart slapd

NU=test06
smbldap-groupadd -a $NU
smbldap-useradd -g $NU -a $NU
smbldap-passwd $NU
bash_files=/etc/skel
basepath=/storage/home/users
path=$basepath/$NU
echo $path
cd $basepath
cp -r $bash_files/.{m,n,b,g}* $NU
chown -R $NU:$NU $path
smbldap-groupadd -a $NU
chown -R $NU:$NU $path
chmod 0701 $NU
chcon 'unconfined_u:object_r:user_home_dir_t:s0' $path

will create groups, accounts, home folder and all relevant files into the new home folder. Then you need to setup passwords with (password promt will appear): 

smbldap-passwd <user>

for each of the users.

Then setup an ssh key for logging into the nodes by doing the following:

as root user, login a user via 

su - <newuserid>

and execute 

ssh-keygen

and just accept all the suggestions, keep accepting then as they are ... .ssh/id_rsa and .ssh/id_rsa.pub, then get created.

then 

cp .ssh/id_rsa.pub .ssh/authorized_keys

and 

chmod 600 .ssh/authorized_keys

then ssh node1 should log in to node1 without password (no need to test other nodes).

Then tell the user to change their password by doing: 

passwd

Groups

  • To create a new group (we dont have groups YET!)
smbldap-groupadd -a <newgrpname>
  • To add users to a certain group (note that this seems to take some time to propagate, as well as only working on fresh logins)
smbldap-groupmod -m <list,of,users> <targetgroup>

as root turn firewall back on 

/etc/init.d/iptables start

change a password

when a user forgets their password and asks for a new one: as root 

smbldap-passwd <user>
Retrieved from "http://stab.st-andrews.ac.uk/wiki/index.php?title=Users_and_Groups&oldid=3506"