useradd(1M)						  System Administration Commands					       useradd(1M)

NAME

       useradd - administer a new user login on the system

SYNOPSIS

       useradd [-A authorization [,authorization...]]
	    [-b base_dir] [-c comment] [-d dir] [-e expire]
	    [-f inactive] [-g group] [-G group [,group]...]
	    [-K key=value] [-m [-k skel_dir]] [-p projname]
	    [-P profile [,profile...]] [-R role [,role...]]
	    [-s shell] [-u uid [-o]] login

       useradd -D [-A authorization [,authorization...]]
	    [-b base_dir] [-s shell [-k skel_dir]] [-e expire]
	    [-f inactive] [-g group] [-K key=value] [-p projname]
	    [-P profile [,profile...]] [-R role [,role...]]

DESCRIPTION

       useradd	adds  a new user to the /etc/passwd and /etc/shadow and /etc/user_attr files. The -A and -P options respectively assign authoriza-
       tions and profiles to the user. The -R option assigns roles to a user. The -p option associates a project with a user. The -K option adds a
       key=value pair to /etc/user_attr for the user. Multiple key=value pairs may be added with multiple -K options.

       useradd	also  creates  supplementary group memberships for the user (-G option) and creates the home directory (-m option) for the user if
       requested. The new login remains locked until the passwd(1) command is executed.

       Specifying useradd -D with the -s, -k,-g, -b, -f, -e, -A, -P, -p, -R, or -K option (or any combination of these options) sets  the  default
       values for the respective fields. See the -D option, below. Subsequent useradd commands without the -D option use these arguments.

       The  system  file  entries created with this command have a limit of 2048 characters per line. Specifying long arguments to several options
       can exceed this limit.

       useradd requires that usernames be in the format described in passwd(4). A warning message is displayed if these restrictions are not  met.
       See passwd(4) for the requirements for usernames.

OPTIONS

       The following options are supported:

       -A authorization

	   One	or  more comma separated authorizations defined in auth_attr(4). Only a user or role who has grant rights to the authorization can
	   assign it to an account.

       -b base_dir

	   The base directory for new login home directories (see the -d option below. When a new user account is  being  created,  base_dir  must
	   already exist unless the -m option or the -d option is also specified.

       -c comment

	   Any	text  string.  It is generally a short description of the login, and is currently used as the field for the user's full name. This
	   information is stored in the user's /etc/passwd entry.

       -d dir

	   The home directory of the new user. It defaults to base_dir/account_name, where base_dir is the  base  directory  for  new  login  home
	   directories and account_name is the new login name.

       -D

	   Display  the  default values for group, base_dir, skel_dir, shell, inactive, expire, proj, projname and key=value pairs. When used with
	   the -g, -b, -f, -e, -A, -P, -p, -R, or -K options, the -D option sets the default values for the specified fields. The  default  values
	   are:

	   group

	       other (GID of 1)

	   base_dir

	       /home

	   skel_dir

	       /etc/skel

	   shell

	       /bin/sh

	   inactive

	       0

	   expire

	       null

	   auths

	       null

	   profiles

	       null

	   proj

	       3

	   projname

	       default

	   key=value (pairs defined in user_attr(4)

	       not present

	   roles

	       null

       -e expire

	   Specify  the  expiration  date for a login. After this date, no user will be able to access this login. The expire option argument is a
	   date entered using one of the date formats included in the template file /etc/datemsk. See getdate(3C).

	   If the date format that you choose includes spaces, it must be quoted. For example, you can enter 10/6/90 or October 6,  1990.  A  null
	   value (" ") defeats the status of the expired date. This option is useful for creating temporary logins.

       -f inactive

	   The	maximum number of days allowed between uses of a login ID before that ID is declared invalid. Normal values are positive integers.
	   A value of 0 defeats the status.

       -g group

	   An existing group's integer ID or character-string name. Without the -D option, it defines the new user's primary group membership  and
	   defaults  to the default group. You can reset this default value by invoking useradd -D -g group. GIDs 0-99 are reserved for allocation
	   by the Solaris Operating System.

       -G group

	   An existing group's integer ID or character-string name. It defines the new user's supplementary group membership.  Duplicates  between
	   group  with	the -g and -G options are ignored. No more than NGROUPS_MAX groups can be specified. GIDs 0-99 are reserved for allocation
	   by the Solaris Operating System.

       -K key=value

	   A key=value pair to add to the user's attributes. Multiple -K options may be used to add  multiple  key=value  pairs.  The  generic	-K
	   option  with  the appropriate key may be used instead of the specific implied key options (-A, -P, -R, -p). See user_attr(4) for a list
	   of valid key=value pairs. The "type" key is not a valid key for this option. Keys may not be repeated.

       -k skel_dir

	   A directory that contains skeleton information (such as .profile) that can be copied into a new user's home directory.  This  directory
	   must already exist. The system provides the /etc/skel directory that can be used for this purpose.

       -m

	   Create  the new user's home directory if it does not already exist. If the directory already exists, it must have read, write, and exe-
	   cute permissions by group, where group is the user's primary group.

       -o

	   This option allows a UID to be duplicated (non-unique).

       -P profile

	   One or more comma-separated execution profiles defined in prof_attr(4).

       -p projname

	   Name of the project with which the added user is associated. See the projname field as defined in project(4).

       -R role

	   One or more comma-separated execution profiles defined in user_attr(4). Roles cannot be assigned to other roles.

       -s shell

	   Full pathname of the program used as the user's shell on login. It defaults to an empty field causing the system to use /bin/sh as  the
	   default. The value of shell must be a valid executable file.

       -u uid

	   The	UID of the new user. This UID must be a non-negative decimal integer below MAXUID as defined in <sys/param.h>. The UID defaults to
	   the next available (unique) number above the highest number currently assigned. For example, if UIDs 100, 105, and  200  are  assigned,
	   the next default UID number will be 201. UIDs 0-99 are reserved for allocation by the Solaris Operating System.

FILES

       /etc/datemsk

       /etc/passwd

       /etc/shadow

       /etc/group

       /etc/skel

       /usr/include/limits.h

       /etc/user_attr

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWcsu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Committed 		   |
       +-----------------------------+-----------------------------+

SEE ALSO

       passwd(1),  profiles(1), roles(1), users(1B), groupadd(1M), groupdel(1M), groupmod(1M), grpck(1M), logins(1M), pwck(1M), userdel(1M), user-
       mod(1M), getdate(3C), auth_attr(4), passwd(4), prof_attr(4), project(4), user_attr(4), attributes(5)

DIAGNOSTICS

       In case of an error, useradd prints an error message and exits with a non-zero status.

       The following indicates that login specified is already in use:

	 UX: useradd: ERROR: login is already in use. Choose another.

       The following indicates that the uid specified with the -u option is not unique:

	 UX: useradd: ERROR: uid uid is already in use. Choose another.

       The following indicates that the group specified with the -g option is already in use:

	 UX: useradd: ERROR: group group does not exist. Choose another.

       The following indicates that the uid specified with the -u option is in the range of reserved UIDs (from 0-99):

	 UX: useradd: WARNING: uid uid is reserved.

       The following indicates that the uid specified with the -u option exceeds MAXUID as defined in <sys/param.h>:

	 UX: useradd: ERROR: uid uid is too big. Choose another.

       The following indicates that the /etc/passwd or /etc/shadow files do not exist:

	 UX: useradd: ERROR: Cannot update system files - login cannot be created.

NOTES

       The useradd utility adds definitions to only the local /etc/group, etc/passwd, /etc/passwd, /etc/shadow, /etc/project,  and  /etc/user_attr
       files.  If a network name service such as NIS or NIS+ is being used to supplement the local /etc/passwd file with additional entries, user-
       add cannot change information supplied by the network name service. However useradd will verify the uniqueness of the user name	(or  role)
       and user id and the existence of any group names specified against the external name service.

SunOS 5.11							    19 Feb 2008 						       useradd(1M)