Sponsored Content
Full Discussion: Mass account creation
Special Forums Cybersecurity Mass account creation Post 302929322 by rbatte1 on Friday 19th of December 2014 12:31:22 PM
Old 12-19-2014
Mass account creation

By the company winning business from another outsource provider, I've suddenly inherited towards 300 servers and all accounts are local.

One of the immediate tasks is to set up all the OS, DB, and app support staff on all of the servers operating systems. I've slapped together a crude script for the RHEL servers that needs a little tweaking dependant on the release and it reads an input file that contains the user ids, what to put in the comments, groups etc. It also reads the password I've set in the file and uses chpasswd to push that in without me keying them (twice) for each user on each server.

All well and good, but now the servers being looked at are AIX 6 & Solaris 8 I think - it reports as 5.8 on uname (I'm only certified on Solaris 2.6 Smilie) and haven't had one for many years. Do either of these have a similar function to chpasswd that I can exploit with a script with? There is no expect though. I do recall that there is the crypt on Solaris that I could possibly use somehow.

The only other option I can think of is to set them all up on one server, then copy the encrypted password to all the others, but then I'd have to directly edit /etc/shadow or /etc/security/passwd and I'd prefer not to. If I have to do so, then naturally it will be against a copy that I can then switch in.

On Solaris, I've found putspent, but that requires C-code wrapping around it and I have almost nil experience.

Any pointers welcome. I'm happy to do the leg work if it's a rather terse tool - preferably not in C, but I will take any help I can get!



Thanks, in advance,
Robin
 

9 More Discussions You Might Find Interesting

1. Forum Support Area for Unregistered Users & Account Problems

Account creation trouble

I created an account a while back, but never received any confirmation, so I could never get the full access... :( I logged back in today, but I'd forgotten what I'd used for username... anyway, I entered my email address and it said that I would receive my login information, which I... (2 Replies)
Discussion started by: seaghan
2 Replies

2. UNIX for Dummies Questions & Answers

Mass directory creation?

I have a couple thousand data files that all have to have there own directory named exactly the same as the file name. Then the file needs to be moved to that directory. For example files test1.mat, test2.mat, test3.mat in directory X need to have directories test1, test2, test3 created... (6 Replies)
Discussion started by: AeroEngy
6 Replies

3. UNIX for Dummies Questions & Answers

Account creation date

Hi All, Is there a simple and obvious way to see when an account was created.An account has come to my attention in /etc/passwd and a last on it shows having never logged in and the home directory looks to be a couple of years old. Just wondering if I'm over looking anything obvious. ... (2 Replies)
Discussion started by: Hayez
2 Replies

4. UNIX for Dummies Questions & Answers

user account creation date

hi, i tried searching the forum for a thread about this, but came up empty handed. is there a way to pull a list of all user accounts, with the associated creation date? thanks in advance! (2 Replies)
Discussion started by: lilweezy
2 Replies

5. UNIX for Advanced & Expert Users

how to find creation time of an account?

Hi all, I want to know the time when a perticular user is created, atleat in which year it is created. Could any one help me in this issue. Thanks in advance. Regards, M.Sukumar (1 Reply)
Discussion started by: sukumar
1 Replies

6. UNIX for Dummies Questions & Answers

Account creation Sudo enabled

Hi, how to create account with the following be cron enabled only accessible via sudo (1 Reply)
Discussion started by: vilves
1 Replies

7. AIX

VI questions : mass changes, mass delete and external insert

Is it possible in VI to do a global change but take the search patterns and the replacement patterns from an external file ? I have cases where I can have 100,200 or 300+ global changes to do. All the new records are inside a file and I must VI a work file to change all of them. Also, can... (1 Reply)
Discussion started by: Browser_ice
1 Replies

8. How to Post in the The UNIX and Linux Forums

Simultaneously try to execute commands after connecting to remote account to one account

I have made password less connection to my remote account. and i tried to execute commands at a time. but i am unable to execute the commands. ssh $ACCOUNT_DETAILS@$HOST_DETAILS cd ~/JEE/*/logs/ (1 Reply)
Discussion started by: kishored005
1 Replies

9. Shell Programming and Scripting

Shell script for user account Creation

Hi Folks, I had a request to create the user request. Between, I just write a script a create, Update Geos, and update the password. My script as below: The error message, what I am getting is all the users are updated with the same Goes value.. #!/bin/bash for i in `cat users.txt`;do... (2 Replies)
Discussion started by: gsiva
2 Replies
CHPASSWD(8)						    System Management Commands						       CHPASSWD(8)

NAME
chpasswd - update passwords in batch mode SYNOPSIS
chpasswd [options] DESCRIPTION
The chpasswd command reads a list of user name and password pairs from standard input and uses this information to update a group of existing users. Each line is of the format: user_name:password By default the passwords must be supplied in clear-text, and are encrypted by chpasswd. Also the password age will be updated, if present. By default, passwords are encrypted by PAM, but (even if not recommended) you can select a different encryption method with the -e, -m, or -c options. Except when PAM is used to encrypt the passwords, chpasswd first updates all the passwords in memory, and then commits all the changes to disk if no errors occurred for any user. When PAM is used to encrypt the passwords (and update the passwords in the system database) then if a password cannot be updated chpasswd continues updating the passwords of the next users, and will return an error code on exit. This command is intended to be used in a large system environment where many accounts are created at a single time. OPTIONS
The options which apply to the chpasswd command are: -c, --crypt-method METHOD Use the specified method to encrypt the passwords. The available methods are DES, MD5, NONE, and SHA256 or SHA512 if your libc support these methods. By default, PAM is used to encrypt the passwords. -e, --encrypted Supplied passwords are in encrypted form. -h, --help Display help message and exit. -m, --md5 Use MD5 encryption instead of DES when the supplied passwords are not encrypted. -R, --root CHROOT_DIR Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory. -s, --sha-rounds ROUNDS Use the specified number of rounds to encrypt the passwords. The value 0 means that the system will choose the default number of rounds for the crypt method (5000). A minimal value of 1000 and a maximal value of 999,999,999 will be enforced. You can only use this option with the SHA256 or SHA512 crypt method. By default, the number of rounds is defined by the SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS variables in /etc/login.defs. CAVEATS
Remember to set permissions or umask to prevent readability of unencrypted files by other users. CONFIGURATION
The following configuration variables in /etc/login.defs change the behavior of this tool: SHA_CRYPT_MIN_ROUNDS (number), SHA_CRYPT_MAX_ROUNDS (number) When ENCRYPT_METHOD is set to SHA256 or SHA512, this defines the number of SHA rounds used by the encryption algorithm by default (when the number of rounds is not specified on the command line). With a lot of rounds, it is more difficult to brute forcing the password. But note also that more CPU resources will be needed to authenticate users. If not specified, the libc will choose the default number of rounds (5000). The values must be inside the 1000-999,999,999 range. If only one of the SHA_CRYPT_MIN_ROUNDS or SHA_CRYPT_MAX_ROUNDS values is set, then this value will be used. If SHA_CRYPT_MIN_ROUNDS > SHA_CRYPT_MAX_ROUNDS, the highest value will be used. Note: This only affect the generation of group passwords. The generation of user passwords is done by PAM and subject to the PAM configuration. It is recommended to set this variable consistently with the PAM configuration. FILES
/etc/passwd User account information. /etc/shadow Secure user account information. /etc/login.defs Shadow password suite configuration. /etc/pam.d/chpasswd PAM configuration for chpasswd. SEE ALSO
passwd(1), newusers(8), login.defs(5), useradd(8). shadow-utils 4.5 01/25/2018 CHPASSWD(8)
All times are GMT -4. The time now is 12:41 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy