script for creating aix user

Hi Guys,

I want to create user with a script:

user name, user id, primary group, group set, home directory, initial program, password, user information, another user can SU to user. And all the rest is the default.

Does anyone already have the script for this? Can you please share it with me and the rest of the group?

Thanks in advance,
itik

Hi,
Enter in command line: smitty user, choose Add a User. Then enter the necessary information, i.e. name, groups etc. Finally press F6 and you'll get the complete script.

Greets,
Yac.

If you wish to automate user creation, first, as Yac suggests, create a user with "smitty user". Then copy the relevant parts of the smit.script and make them work for your needs.

@prichard & Yac: Sorry, but I do not think it is that simple. To be useful such a script will have to deal with several error conditions. What you get out of "smitty user" is simply a wrapper for the "mkuser" command.

For instance assume the following situation: The script is called to create a user "foo" with UID 42. The following errors now could occur and should be reported back with different error levels from the script:

  • a user "foo" exists already with uid=42 (=the user exists)

  • a user "foo" exists with uid=43 (username already taken)

  • a user "bar" exists with uid=42 (userid already taken)

  • a user "foo" with uid=43 and a user "bar" with uid=42 exist already

How about other errors, like (unsorted): the script not being called by root, unable to create the home directory, the username is not a legal one, the uid is not legal, ..... (and I don't even mention the errors connected with the group memberships)

True, the last step would be to call "mkuser" and be done, but the necessary checks before look like an interesting programming task.

I hope this helps.

bakunin

I did not say it would be simple. :) I just said that one can make the smit.script work for their needs. It is a starting point for automation. Until one understands what to check for one should stay with "smitty user" since it checks all that stuff for you. Very powerful.

Thank you for all your input.

I guess I would be the first one to create the script. I'll share it when I'm done. It's hard adding hundreds of users manually or with smitty, I really need to do it in a script.

Is there a danger of editing manually all these files?

/usr/lib/security/mkuser.default Contains the default values for new users.
/etc/passwd Contains the basic attributes of users.
/etc/security/user Contains the extended attributes of users.
/etc/security/user.roles Contains the administrative role attributes of users.
/etc/security/passwd Contains password information.
/etc/security/limits Defines resource quotas and limits for each user.
/etc/security/environ Contains the environment attributes of users.
/etc/group Contains the basic attributes of groups.
/etc/security/group Contains the extended attributes of groups.
/etc/security/.ids Contains standard and administrative user IDs and group IDs.

No, there is not, but IMHO it is still preferable to do it with the AIX commands, namely mkuser.

I already attempted what you do now and can provide you with a script function to check some of the mentioned conditions. I will put it in here later this afternoon.

bakunin

Have a look at the /usr/lib/security/mkuser.sys script (which is executed by AIX when creating a new user). This is a good starting point for your own script. It can be extended easily, e.g. copying of .profile and/or .kshrc, setting an initial password, creating NIS maps, setting disk quotas, sending an email to root, just to name a few.

Sorry, took me a bit longer to post it as I had a busy schedule yesterday evening. Here is the promised script:

# ------------------------------------------------------------------------------
# f_CheckUser                                                   check UNIX user
# ------------------------------------------------------------------------------
# Author.....: Wolf Machowitsch
# last update: 2007 05 23    by: Wolf Machowitsch
# ------------------------------------------------------------------------------
# Revision Log:
# - 0.99   2007 05 23   Original Creation
#                       users are being checked if they exist (return 0)
#                       and possible problems in creating the user (name
#                       and or UID taken, both taken by different users,
#                       all these conditions lead to non-zero return values)
#                       are propagated back.
#                       As of now only AIX and Linux are explicitly supported.
#
# ------------------------------------------------------------------------------
# Usage:
#
#     f_CheckUser char UserName int UserID
#
#     checks if a user named <UserName> and with UID <UserID> does exist. 
#
#     Example:  f_CheckUser foo 999          # checks if a user named foo
#                                            # with UID 999 does exist
#
# Prerequisites:
# -   to use this function, the FPATH variable must be set
#
# ------------------------------------------------------------------------------
# Documentation:
#     f_CheckUser() tests for the existence of UNIX-useraccounts.
#     If the user exists and is correct (correct name and UID, other
#     properties are not checked) 0 is returned.
#     If the user does not exist (meaning neither a user with that name
#     nor a user with that UID does exist) 1 is being returned. If either
#     the user name or the UID is taken by an existing user account, but the
#     respective other ingredient is not, then 2 or 3 respectively is being
#     returned. A return value of 4 is being caused by a resource conflict:
#     both name and UID are taken, but by different accounts.
#     
#     Example:
#          existing users | UID
#          foo            | 20
#          bar            | 30
#
#          f_CheckUser foo  20        # yields 0
#          f_CheckUser kuno 25        # yields 1
#          f_CheckUser foo  25        # yields 2
#          f_CheckUser kuno 20        # yields 3
#          f_CheckUser bar  20        # yields 4
#          f_CheckUser foo            # yields 5 (no second parameter)
#          
#
#     Parameters: char UserName      name of the user
#                 int  UID           ID of the user
#
#     returns:    0: user exists
#                 1: user does not exist
#                 2: user name exists but with wrong UID
#                 3: UID exists but with wrong user name
#                 4: resource conflict: UserName with different UID AND
#                                       UID with different user name
#                 5: parameter/other/internal error
#
# ------------------------------------------------------------------------------
# known bugs:
#
# -  none
# ------------------------------------------------------------------------------
# .....................(C) 2007 Wolf Machowitsch ...............................
# ------------------------------------------------------------------------------

f_CheckUser ()
{

$chFullDebug
                                                 # internal variables
typeset -i iRetVal=0                             # return value (see docu)
typeset    chUserName="$1"                       # user name
typeset -i iUID="$2"                             # UID

typeset    chNameTest=""                         # buffer f. test by name
typeset    chIDTest=""                           # buffer f. test by ID
typeset -i iErrLvl=0                             # return code buffer

if [ -z "$2" ] ; then                            # UID missing ?
     iRetVal=5
fi
if [ -z "$1" ] ; then                            # name missing ?
     iRetVal=5
fi

if [ $iRetVal -gt 0 ] ; then
     return $iRetVal
fi


case $OS in
     AIX)
	  chNameTest="$( \
			 lsuser -a id $chUserName 2>/dev/null |\
			 sed 's/[ 	]*id=/:/' \
		       )"
	  chIDTest="$( \
			 lsuser -a id ALL |\
			 sed -n '/id='"${iUID}"'[ 	]*$/ {
					s/[ 	]*id=/:/p
					}' \
		     )"
	  ;;

     Linux)
	  chNameTest="$( \
			  grep "^${chUserName}:" /etc/passwd |\
			  cut -d':' -f1,3 \
		       )"
	  chIDTest="$( \
			  grep "^\([^:]*:\)\{2\}${iUID}:" /etc/passwd |\
			  cut -d':' -f1,3 \
		     )"
	  ;;

     *)
	  f_CmdWarning "no explicit rule to check $OS for users"
	  chNameTest="$( \
			  grep "^${chUserName}:" /etc/passwd |\
			  cut -d':' -f1,3 \
		       )"
	  chIDTest="$( \
			  grep "^\([^:]*:\)\{2\}${iUID}:" /etc/passwd |\
			  cut -d':' -f1,3 \
		     )"
	  ;;

esac

if [ -z "$chNameTest" -a -z "$chIDTest" ] ; then
     iRetVal=1                                   # name AND UID not taken
elif [ -n "$chNameTest" -a -z "$chIDTest" ] ; then
     iRetVal=2                                   # name taken, UID not taken
elif [ -z "$chNameTest" -a -n "$chIDTest" ] ; then
     iRetVal=3                                   # name not taken, UID taken
else
					         # both name and UID taken
     if [ "$chNameTest" = "$chIDTest" ] ; then
	  iRetVal=0                              # by the same user -> ok
     else
	  iRetVal=4                              # by different users -> shit
     fi
fi

return $iRetVal

}
# --- EOF f_CheckUser

I hope this helps.

bakunin
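The input checks mentioned earlier in the thread (legal user name, legal UID) are not covered by f_CheckUser, so here is one way to do them before calling it, as an added example that is not part of the thread's code. The function names, the `name:uid:pgrp` record format, the `MIN_UID=200` policy and the reuse of the name rules for the group field are assumptions; the name restrictions follow the AIX mkuser documentation, and the mkuser call is only printed, never run.

```shell
#!/bin/sh
# Added example: input checks to run before f_CheckUser and mkuser.
MAX_NAME_LEN=${MAX_NAME_LEN:-8}   # AIX default name length (sites can raise it)
MIN_UID=${MIN_UID:-200}           # assumed site policy: lower UIDs are reserved

# check_name NAME -> 0 legal, 1 illegal (restrictions from the mkuser docs)
check_name () {
    [ -n "$1" ] && [ "${#1}" -le "$MAX_NAME_LEN" ] || return 1
    case "$1" in
        ALL|default)                            return 1 ;;  # reserved keywords
        [-+@~]*)                                return 1 ;;  # bad first char
        *[[:space:]]*|*:*|*\"*|*\#*|*,*|*=*)    return 1 ;;
        *\\*|*/*|*\?*|*\'*|*\`*)                return 1 ;;
    esac
    return 0
}

# check_uid UID -> 0 legal, 1 not a plain decimal number, 2 below MIN_UID
check_uid () {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge "$MIN_UID" ] || return 2
    return 0
}

# plan_user "name:uid:pgrp" -> prints the mkuser call, or why it was rejected.
# Dry run only: the command is printed, never executed.
plan_user () {
    IFS=: read -r p_name p_uid p_pgrp <<EOF
$1
EOF
    check_name "$p_name" || { echo "REJECT '$p_name': illegal user name"; return 1; }
    check_uid "$p_uid"   || { echo "REJECT '$p_name': illegal UID '$p_uid'"; return 2; }
    check_name "$p_pgrp" || { echo "REJECT '$p_name': illegal group '$p_pgrp'"; return 3; }
    echo "mkuser id=$p_uid pgrp=$p_pgrp home=/home/$p_name su=true $p_name"
}

# Constructed sample records; the second and third are rejected.
for rec in "foo:1042:staff" "ALL:1043:staff" "bar:42:staff"; do
    plan_user "$rec" || true
done
```

Records that pass these checks would then go through f_CheckUser, and only a return value of 1 (neither name nor UID taken) should lead to the real mkuser call.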