|
|
Sponsored Content
Special Forums
Cybersecurity
Mass account creation
Post 302929322 by rbatte1 on Friday 19th of December 2014 12:31:22 PM
12-19-2014
Moderator
Mass account creation
By the company winning business from another outsource provider, I've suddenly inherited towards 300 servers and all accounts are local.
One of the immediate tasks is to set up all the OS, DB, and app support staff on all of the servers operating systems. I've slapped together a crude script for the RHEL servers that needs a little tweaking dependant on the release and it reads an input file that contains the user ids, what to put in the comments, groups etc. It also reads the password I've set in the file and uses chpasswd to push that in without me keying them (twice) for each user on each server.
All well and good, but now the servers being looked at are AIX 6 & Solaris 8 I think - it reports as 5.8 on uname (I'm only certified on Solaris 2.6
) and haven't had one for many years. Do either of these have a similar function to chpasswd that I can exploit with a script with? There is no expect though. I do recall that there is the crypt on Solaris that I could possibly use somehow.
The only other option I can think of is to set them all up on one server, then copy the encrypted password to all the others, but then I'd have to directly edit /etc/shadow or /etc/security/passwd and I'd prefer not to. If I have to do so, then naturally it will be against a copy that I can then switch in.
On Solaris, I've found putspent, but that requires C-code wrapping around it and I have almost nil experience.
Any pointers welcome. I'm happy to do the leg work if it's a rather terse tool - preferably not in C, but I will take any help I can get!
Thanks, in advance,
Robin
One of the immediate tasks is to set up all the OS, DB, and app support staff on all of the servers operating systems. I've slapped together a crude script for the RHEL servers that needs a little tweaking dependant on the release and it reads an input file that contains the user ids, what to put in the comments, groups etc. It also reads the password I've set in the file and uses chpasswd to push that in without me keying them (twice) for each user on each server.
All well and good, but now the servers being looked at are AIX 6 & Solaris 8 I think - it reports as 5.8 on uname (I'm only certified on Solaris 2.6
) and haven't had one for many years. Do either of these have a similar function to chpasswd that I can exploit with a script with? There is no expect though. I do recall that there is the crypt on Solaris that I could possibly use somehow.The only other option I can think of is to set them all up on one server, then copy the encrypted password to all the others, but then I'd have to directly edit /etc/shadow or /etc/security/passwd and I'd prefer not to. If I have to do so, then naturally it will be against a copy that I can then switch in.
On Solaris, I've found putspent, but that requires C-code wrapping around it and I have almost nil experience.
Any pointers welcome. I'm happy to do the leg work if it's a rather terse tool - preferably not in C, but I will take any help I can get!
Thanks, in advance,
Robin
|
|
9 More Discussions You Might Find Interesting
1. Forum Support Area for Unregistered Users & Account Problems
I created an account a while back, but never received any confirmation, so I could never get the full access... :( I logged back in today, but I'd forgotten what I'd used for username... anyway, I entered my email address and it said that I would receive my login information, which I... (2 Replies)
Discussion started by: seaghan
2 Replies
2. UNIX for Dummies Questions & Answers
I have a couple thousand data files that all have to have there own directory named exactly the same as the file name. Then the file needs to be moved to that directory. For example files test1.mat, test2.mat, test3.mat in directory X need to have directories test1, test2, test3 created... (6 Replies)
Discussion started by: AeroEngy
6 Replies
3. UNIX for Dummies Questions & Answers
Hi All,
Is there a simple and obvious way to see when an account was created.An account has come to my attention in /etc/passwd and a last on it shows having never logged in and the home directory looks to be a couple of years old.
Just wondering if I'm over looking anything obvious.
... (2 Replies)
Discussion started by: Hayez
2 Replies
4. UNIX for Dummies Questions & Answers
hi, i tried searching the forum for a thread about this, but came up empty handed. is there a way to pull a list of all user accounts, with the associated creation date? thanks in advance! (2 Replies)
Discussion started by: lilweezy
2 Replies
5. UNIX for Advanced & Expert Users
Hi all,
I want to know the time when a perticular user is created, atleat in which year it is created. Could any one help me in this issue.
Thanks in advance.
Regards,
M.Sukumar (1 Reply)
Discussion started by: sukumar
1 Replies
6. UNIX for Dummies Questions & Answers
Hi, how to create account with the following
be cron enabled
only accessible via sudo (1 Reply)
Discussion started by: vilves
1 Replies
7. AIX
Is it possible in VI to do a global change but take the search patterns and the replacement patterns from an external file ?
I have cases where I can have 100,200 or 300+ global changes to do. All the new records are inside a file and I must VI a work file to change all of them.
Also, can... (1 Reply)
Discussion started by: Browser_ice
1 Replies
8. How to Post in the The UNIX and Linux Forums
I have made password less connection to my remote account. and i tried to execute commands at a time. but i am unable to execute the commands.
ssh $ACCOUNT_DETAILS@$HOST_DETAILS
cd ~/JEE/*/logs/ (1 Reply)
Discussion started by: kishored005
1 Replies
9. Shell Programming and Scripting
Hi Folks,
I had a request to create the user request. Between, I just write a script a create, Update Geos, and update the password. My script as below:
The error message, what I am getting is all the users are updated with the same Goes value..
#!/bin/bash
for i in `cat users.txt`;do... (2 Replies)
Discussion started by: gsiva
2 Replies
LEARN ABOUT MINIX
pwdauth
PWDAUTH() PWDAUTH() NAME
pwdauth - password authentication program SYNOPSIS
/usr/lib/pwdauth DESCRIPTION
Pwdauth is a program that is used by the crypt(3) function to do the hard work. It is a setuid root utility so that it is able to read the shadow password file. Pwdauth expects on standard input two null terminated strings, the password typed by the user, and the salt. That is, the two arguments of the crypt function. The input read in a single read call must be 1024 characters or less including the nulls. Pwdauth takes one of two actions depending on the salt. If the salt has the form "##user" then the user is used to index the shadow password file to obtain the encrypted password. The input password is encrypted with the one-way encryption function contained within pwdauth and compared to the encrypted password from the shadow password file. If equal then pwdauth returns the string "##user" with exit code 0, otherwise exit code 2 to signal failure. The string "##user" is also returned if both the shadow password and the input password are null strings to allow a password-less login. If the salt is not of the form "##user" then the password is encrypted and the result of the encryption is returned. If salt and password are null strings then a null string is returned. The return value is written to standard output as a null terminated string of 1024 characters or less including the null. The exit code is 1 on any error. SEE ALSO
crypt(3), passwd(5). NOTES
A password must be checked like in this example: pw_ok = (strcmp(crypt(key, pw->pw_passwd), pw->pw_passwd) == 0); The second argument of crypt must be the entire encrypted password and not just the two character salt. AUTHOR
Kees J. Bot (kjb@cs.vu.nl) PWDAUTH()