source: npl/fileserver/smb-ldap-tool/modified/smbldap-useradd @ 128fde4

Last change on this file since 128fde4 was c5c522c, checked in by Edwin Eefting <edwin@datux.nl>, 8 years ago

initial commit, transferred from cleaned syn3 svn tree

  • Property mode set to 100755
File size: 22.5 KB
1#!/usr/bin/perl -w
2
3# $Id: smbldap-useradd 6139 2015-07-13 11:38:44Z edwin $
4#
5#  This code was developped by IDEALX (http://IDEALX.org/) and
6#  contributors (their names can be found in the CONTRIBUTORS file).
7#
8#                 Copyright (C) 2002 IDEALX
9#
10#  This program is free software; you can redistribute it and/or
11#  modify it under the terms of the GNU General Public License
12#  as published by the Free Software Foundation; either version 2
13#  of the License, or (at your option) any later version.
14#
15#  This program is distributed in the hope that it will be useful,
16#  but WITHOUT ANY WARRANTY; without even the implied warranty of
17#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18#  GNU General Public License for more details.
19#
20#  You should have received a copy of the GNU General Public License
21#  along with this program; if not, write to the Free Software
22#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
23#  USA.
24
25# Purpose of smbldap-useradd : user (posix,shadow,samba) add
26
27use strict;
28
29use FindBin;
30use FindBin qw($RealBin);
31use lib "$RealBin/";
32use smbldap_tools;
33use Crypt::SmbHash;
34#####################
35
36
37use Getopt::Std;
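# Command-line switches, filled in by getopts(); a letter followed by ':' in
# the spec below takes a value.
my %Options;

my $ok = getopts('o:abnmwiPG:u:O:g:d:s:c:k:t:A:B:C:D:E:F:H:M:N:S:T:W:?', \%Options);

# Show the help text and stop when parsing failed, no username was given,
# or -? was requested.  Every one of these paths exits with status 1.
if ( !$ok || @ARGV < 1 || $Options{'?'} ) {
    print_banner();
    print
        "Usage: $0 [-awmugdsckABCDEFGHMNPST?] username\n",
        "  -o   add the user in the organizational unit (relative to the user suffix)\n",
        "  -a   is a Windows User (otherwise, Posix stuff only)\n",
        "  -b   is a AIX User\n",
        "  -w   is a Windows Workstation (otherwise, Posix stuff only)\n",
        "  -i   is a trust account (Windows Workstation)\n",
        "  -u   uid\n",
        "  -O    Organization\n",
        "  -g   gid\n",
        "  -G   supplementary comma-separated groups\n",
        "  -n   do not create a group\n",
        "  -d   home\n",
        "  -s   shell\n",
        "  -c   gecos\n",
        "  -m   creates home directory and copies /etc/skel\n",
        "  -k   skeleton dir (with -m)\n",
        "  -t   time. Wait 'time' seconds before exiting (when adding Windows Workstation)\n",
        "  -P   ends by invoking smbldap-passwd\n",
        "  -A   can change password ? 0 if no, 1 if yes\n",
        "  -B   must change password ? 0 if no, 1 if yes\n",
        "  -C   sambaHomePath (SMB home share, like '\\\\PDC-SRV\\homes')\n",
        "  -D   sambaHomeDrive (letter associated with home share, like 'H:')\n",
        "  -E   sambaLogonScript (DOS script to execute on login)\n",
        "  -F   sambaProfilePath (profile directory, like '\\\\PDC-SRV\\profiles\\foo')\n",
        "  -H   sambaAcctFlags (samba account control bits like '[NDHTUMWSLKI]')\n",
        # -N feeds the givenName attribute further down; the help used to
        # call it "surname", which is what -S sets.
        "  -N   given name\n",
        "  -S   family name\n",
        "  -M   local mailAddress (comma seperated)\n",
        "  -T   mailToAddress (forward address) (comma seperated)\n",
        "  -W    set groupwareServer field to this value. (used by custom usersync scripts)\n",
        "  -?   show this help message\n";
    exit (1);
}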
77
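# Session to the LDAP master; every search/add/modify below goes through it.
my $ldap_master = connect_ldap_master();


# nscd is stopped while the account is being created: its negative TTL
# causes problems for the getpwuid() check when LDAP is being modified.
# 0 means "nscd status" succeeded, i.e. the daemon was running.
my $nscd_status = system "/etc/init.d/nscd status >/dev/null 2>&1";

if ($nscd_status == 0) {
    system "/etc/init.d/nscd stop > /dev/null 2>&1";
}

# Several checks between here and the regular restart leave the script via
# exit()/die (illegal username, user already exists, LDAP errors).  Without
# this handler each of those paths left the name service cache stopped.
# The handler only acts when nscd was running at startup and is not running
# any more, so it does nothing after the normal restart has taken place.
END {
    if (defined $nscd_status && $nscd_status == 0) {
        local $?;    # system() overwrites $?; keep the script's own exit status
        if (system("/etc/init.d/nscd status >/dev/null 2>&1") != 0) {
            system "/etc/init.d/nscd start > /dev/null 2>&1";
        }
    }
}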
88
89
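# Only the first non-option argument is used as the account name.
my $userName = $ARGV[0];

# For computers account, add a trailing dollar if missing
if (defined($Options{'w'})) {
    if ($userName =~ /[^\$]$/s) {
        $userName .= "\$";
    }
}

# Validate and untaint $userName (it may finish with one or two $).
#
# This name is later placed in LDAP DNs and handed to external programs
# (smbpasswd, smbldap-passwd) and, through the home directory path, to
# mkdir/cp/chown/chmod, so this check is the gate for all of them.
# The previous class was written "[\w -.]": inside a character class " -."
# is a range from space to dot, which also admits quotes, "&", "$", "(" and
# ")" among others -- all meaningful to a shell.  The hyphen now sits last so
# it is literal, "\A"/"\z" replace "^"/"$" so a trailing newline no longer
# passes, and the first character must be a word character so the name can
# never be read as a command-line option by the programs it is passed to.
if ($userName =~ /\A(\w[\w .-]*\${0,2})\z/) {
    $userName = $1;
} else {
    print "$0: illegal username\n";
    exit (1);
}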
107
# The account must not be present in LDAP yet (should it be nss-wide ?).
# get_user_dn2() hands back a status flag and, when an entry was found,
# its DN.
my ($rc, $dn) = get_user_dn2($userName);

# A false status means the lookup itself failed.
if (!$rc) {
    print "$0: error in get_user_dn2\n";
    exit(10);
}

# Lookup worked and produced a DN: the name is already taken.
if (defined($dn)) {
    print "$0: user $userName exists\n";
    exit (9);
}
117
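# Read options
# -o: create the user in the given organizational unit, relative to the
# users suffix.  The unit is created first when it does not exist yet.
my $user_ou = $Options{'o'};
my $node;
if (defined $user_ou) {
    # Accept "name" as well as "ou=name": $node is the bare value,
    # $user_ou the complete RDN.
    if ($user_ou =~ m/^ou=(.*)/) {
        $node = $1;
    } else {
        $node    = $user_ou;
        $user_ou = "ou=$user_ou";
    }

    # The value comes straight from the command line.  Escape the characters
    # that are special in an LDAP search filter (RFC 4515: \ * ( ) NUL) so it
    # is always compared as a literal ou value and cannot alter the filter.
    (my $node_in_filter = $node) =~ s/([\\*()\x00])/sprintf("\\%02x", ord($1))/ge;

    # if the ou does not exist, we create it
    my $mesg = $ldap_master->search(
        base   => "$config{usersdn}",
        scope  => "one",
        filter => "(&(objectClass=organizationalUnit)(ou=$node_in_filter))"
    );
    $mesg->code && die $mesg->error;
    if ($mesg->count == 0) {
        print "creating $user_ou first (as $user_ou,$config{usersdn})\n";
        # add organizational unit
        # NOTE(review): $node is also used unescaped inside the DN below and
        # in $config{usersdn}; DN-special characters (",", "+", "=", ...) in
        # -o would change where entries are created.  Validate or DN-escape
        # the value if -o can come from a less trusted caller.
        my $add = $ldap_master->add(
            "ou=$node,$config{usersdn}",
            attr => [
                'objectclass' => ['top','organizationalUnit','zarafa-company'],
                'ou'          => "$node"
            ]
        );
        $add->code && die "failed to add entry: ", $add->error ;
    }

    # From here on all user entries go below the selected unit.
    $config{usersdn} = "$user_ou,$config{usersdn}";
}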
149
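# uidNumber for the new account: taken from -u, otherwise the next free id.
my $userUidNumber = $Options{'u'};
my $uid_error;
if (!defined($userUidNumber)) {
    $userUidNumber = get_next_id($config{usersdn},"uidNumber");
} elsif ($userUidNumber !~ /\A[0-9]+\z/) {
    # -u is documented as a non-negative number.  It ends up in LDAP, in the
    # RID arithmetic and in the chown call for the home directory, so
    # anything else is refused here instead of being passed along.
    $uid_error = "Uid must be a non-negative integer.\n";
} elsif (getpwuid($userUidNumber)) {
    $uid_error = "Uid already exists.\n";
}

# Bring nscd back before reporting a uid problem, so that a rejected -u does
# not leave the daemon stopped.
if ($nscd_status == 0) {
    system "/etc/init.d/nscd start > /dev/null 2>&1";
}

die $uid_error if defined $uid_error;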
160
# Primary group of the new account.  $createGroup stays 0: the "create a
# private group per user" (redhat style) variant was disabled in this copy
# of the script and only the flag remains.
my $createGroup = 0;
my $userGidNumber = $Options{'g'};

if (defined($userGidNumber)) {
    # -g was given: parse_group() turns it into a gid and reports an
    # unknown group with a negative value.
    my $gid = parse_group($userGidNumber);
    if ($gid < 0) {
        print "$0: unknown group $userGidNumber\n";
        exit (6);
    }
    $userGidNumber = $gid;
} elsif (defined($Options{'w'})) {
    # no -g, windows machine => $config{defaultComputerGid}
    $userGidNumber = $config{defaultComputerGid};
} else {
    # no -g, ordinary user => $config{defaultUserGid}
    $userGidNumber = $config{defaultUserGid};
}
190
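# Samba identifiers, only needed for Windows users (-a) and trust
# accounts (-i).
my $group_entry;
my $userGroupSID;
my $userRid;
my $user_sid;
if (defined $Options{'a'} or defined $Options{'i'}) {
    # as grouprid we use the value of the sambaSID attribute for
    # group of gidNumber=$userGidNumber
    # NOTE(review): the result of read_group_entry_gid() is used without a
    # check; confirm what it returns when no group has this gidNumber.
    $group_entry  = read_group_entry_gid($userGidNumber);
    $userGroupSID = $group_entry->get_value('sambaSID');
    unless ($userGroupSID) {
        print "Error: SID not set for unix group $userGidNumber\n";
        print "check if your unix group is mapped to an NT group\n";
        exit (7);
    }

    # as rid we use 2 * uid + 1000
    $userRid = 2 * $userUidNumber + 1000;

    # The SID must not be in use already.  The test used to be "== 1", so a
    # directory that already held two or more entries with this SID passed
    # the check and got yet another duplicate; any match now stops the run.
    # NOTE(review): the lookup is given $config{usersdn}; whether entries
    # under the computers suffix are covered depends on does_sid_exist().
    $user_sid = "$config{SID}-$userRid";
    my $test_exist_sid = does_sid_exist($user_sid,$config{usersdn});
    if ($test_exist_sid->count >= 1) {
        print "User SID already owned by\n";
        # there should not exist more than one entry, but ...
        foreach my $entry ($test_exist_sid->all_entries) {
            my $dn = $entry->dn;
            chomp($dn);
            print "$dn\n";
        }
        exit(7);
    }
}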
222
# Home directory: -d wins, otherwise the configured template with the
# username filled in by subst_user().
# NOTE(review): -d and -k are taken from the command line as given; both are
# used later when the home directory is created with external commands.
my $userHomeDirectory = $Options{'d'};
unless (defined($userHomeDirectory)) {
    $userHomeDirectory = &subst_user($config{userHome}, $userName);
}
# collapse the first "//" into a single "/"
$userHomeDirectory =~ s{//}{/};

# Scratch variable, reused by later parts of the script.
my $tmp;

# -s / -c / -k override the configured shell, gecos and skeleton directory.
foreach my $override (['s', 'userLoginShell'], ['c', 'userGecos'], ['k', 'skeletonDir']) {
    my ($switch, $setting) = @$override;
    $tmp = $Options{$switch};
    $config{$setting} = $tmp if (defined($tmp));
}

# RFC 2256
# sn: surname (option S)
# givenName: first name (option N)
# cn: person's full name
my ($givenName, $userCN, $userSN);
$givenName = (utf8Encode($Options{'N'}) || $userName);
$userSN    = (utf8Encode($Options{'S'}) || $userName);
# The full name is only composed when both parts were supplied.
$userCN = ($Options{'N'} and $Options{'S'}) ? "$givenName $userSN" : $userName;

# -M and -T carry comma-separated address lists.
my @userMailLocal = &split_arg_comma($Options{'M'});
my @userMailTo    = &split_arg_comma($Options{'T'});
249
250########################
251
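# MACHINE ACCOUNT
# Workstation (-w) and interdomain trust (-i) accounts are created here and
# the script ends inside this branch.
if (defined($Options{'w'}) or defined($Options{'i'})) {

    # if Options{'i'} and username does not end with $ character => we add it
    if ( $Options{'i'} and !($userName =~ m/\$$/) ) {
        $userName .= "\$";
    }

    if (!add_posix_machine ($userName,$userUidNumber,$userGidNumber,$Options{'t'})) {
        die "$0: error while adding posix account\n";
    }

    if (defined($Options{'i'})) {
        # For machine trust account
        # Objectclass sambaSAMAccount must be added now !

        # Ask twice, with terminal echo switched off around each read.
        my @entered;
        foreach my $prompt ("New password : ", "Retype new password : ") {
            system "stty -echo";
            print $prompt;
            my $line = <STDIN>;
            print "\n";
            system "stty echo";
            chomp($line) if defined $line;
            push(@entered, $line);
        }
        my ($pass, $pass2) = @entered;

        # End-of-input or an empty line used to be accepted and hashed like
        # any other value, giving the trust account an empty password.
        # NOTE(review): on both error exits below the posix machine entry
        # added above stays in the directory without its Samba attributes.
        if (!defined($pass) || !defined($pass2) || $pass eq '') {
            print "Empty password not allowed!\n";
            exit (10);
        }
        if ($pass ne $pass2) {
            print "New passwords don't match!\n";
            exit (10);
        }

        # ntlmgen (Crypt::SmbHash) yields the LM and NT hashes stored below.
        # NOTE(review): the LM hash is a weak legacy format; store it only if
        # the domain still depends on it.
        my ($lmpassword,$ntpassword) = ntlmgen $pass;
        my $date = time;
        my $modify = $ldap_master->modify ( "uid=$userName,$config{computersdn}",
                                            changes => [
                                                        replace => [objectClass => ['top', 'person', 'organizationalPerson', 'inetOrgPerson', 'posixAccount', 'sambaSAMAccount']],
                                                        add => [sambaLogonTime => '0'],
                                                        add => [sambaLogoffTime => '2147483647'],
                                                        add => [sambaKickoffTime => '2147483647'],
                                                        add => [sambaPwdCanChange => '0'],
                                                        add => [sambaPwdMustChange => '2147483647'],
                                                        add => [sambaPwdLastSet => "$date"],
                                                        add => [sambaAcctFlags => '[I          ]'],
                                                        add => [sambaLMPassword => "$lmpassword"],
                                                        add => [sambaNTPassword => "$ntpassword"],
                                                        add => [sambaSID => "$user_sid"],
                                                        add => [sambaPrimaryGroupSID => "$config{SID}-515"]
                                                       ]
                                          );

        $modify->code && die "failed to add entry: ", $modify->error ;
    }

    $ldap_master->unbind;
    exit 0;
}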
311
# USER ACCOUNT
# The posix entry is added first; Samba, mail and AIX attributes are put on
# the same entry further down.
# Syn-3 uses option $Options{'a'} to add a user.
my $add;
my $user_dn = "uid=$userName,$config{usersdn}";

if (defined($Options{'b'})) {
    # AIX account: the inetOrgPerson objectclass can't be used
    $add = $ldap_master->add(
        $user_dn,
        attr => [
            'objectclass'   => ['top','person', 'organizationalPerson', 'posixAccount','shadowAccount'],
            'cn'            => "$userCN",
            'sn'            => "$userSN",
            'uid'           => "$userName",
            'uidNumber'     => "$userUidNumber",
            'gidNumber'     => "$userGidNumber",
            'homeDirectory' => "$userHomeDirectory",
            'loginShell'    => "$config{userLoginShell}",
            'gecos'         => "$config{userGecos}",
            # placeholder value; presumably not a usable crypt hash, the real
            # password being set separately (e.g. with -P) -- confirm
            'userPassword'  => "{crypt}x"
        ]
    );
} else {
    # extra info for Syn-3: fixed shadow and groupware defaults
    my $organization = $Options{'O'};
    # -W overrides the groupwareServer field, "none" otherwise
    my $groupware_server = defined($Options{'W'}) ? $Options{'W'} : "none";

    # NOTE(review): 'givenName' is listed twice below, as in the original;
    # confirm which of the two values is intended.
    $add = $ldap_master->add(
        $user_dn,
        attr => [
            'objectclass'            => ['top','inetOrgPerson','posixAccount','shadowAccount','person','organizationalPerson','OXUserObject'],
            'cn'                     => "$userCN",
            'sn'                     => "$userSN",
            'givenName'              => "$givenName",
            'uid'                    => "$userName",
            'uidNumber'              => "$userUidNumber",
            'gidNumber'              => "$userGidNumber",
            'homeDirectory'          => "$userHomeDirectory",
            'loginShell'             => "$config{userLoginShell}",
            'gecos'                  => "$config{userGecos}",
            'userPassword'           => "{crypt}x",
            'shadowMin'              => "0",
            'shadowMax'              => "9999",
            'shadowWarning'          => "7",
            'shadowExpire'           => "0",
            'description'            => "$userName",
            'givenName'              => "$userSN $userCN",
            'o'                      => "$organization",
            'preferredLanguage'      => "NL",
            'userCountry'            => "Syn3world",
            'mailEnabled'            => "OK",
            'lnetMailAccess'         => "TRUE",
            'OXAppointmentDays'      => "5",
            'OXGroupID'              => "500",
            'OXTaskDays'             => "5",
            'OXTimeZone'             => "Europe/Amsterdam",
            'writeGlobalAddressBook' => "TRUE",
            'groupwareServer'        => "$groupware_server"
        ]
    );
}
# NOTE(review): a failed add is only reported with warn; the remaining steps
# (address book, groups, home directory, Samba attributes) still run.
$add->code && warn "failed to add entry: ", $add->error ;

# Personal address book container below the user entry (result not checked).
my $add2 = $ldap_master->add(
    "ou=addr,$user_dn",
    attr => [ 'objectclass' => ['top','organizationalUnit'], 'ou' => "addr" ]
);

# Make the user a member of the AddressAdmins group.
my $add3 = $ldap_master->modify(
    "cn=AddressAdmins,o=AddressBook,$config{suffix}",
    add => { member => $user_dn }
);
$add3->code && warn "failed to add entry: ", $add3->error ;
394                                                                                                                                                                                                                                                                                                                           
395
396#if ($createGroup) {
397#    group_add($userName, $userGidNumber);
398#}
399
# Membership in the primary group is recorded explicitly unless that group
# is the configured default user group.
group_add_user($userGidNumber, $userName)
    if ($userGidNumber != $config{defaultUserGid});

# -G: comma-separated supplementary groups
my $grouplist = $Options{'G'};
if (defined($grouplist)) {
    add_grouplist_user($grouplist, $userName);
}
409
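# -m: create the home directory and fill it from the skeleton directory.
# Machine accounts (name ending in "$") never get one.
#
# The directory path, the skeleton path, the uid/gid and the mode used to be
# pasted into shell command strings.  -d, -k and -u come from the command
# line, so whitespace or shell metacharacters in them were interpreted by
# the shell.  Every external command is now run in list form (no shell) with
# "--" in front of the operands, and the directory is made with Perl's own
# mkdir().  Command errors are no longer sent to /dev/null.
if (defined($Options{'m'})) {
    unless ( $userName =~ /\$$/ ) {
        # mkdir() is the gate: when the path exists or cannot be created,
        # nothing is copied and no ownership or mode is changed.
        if ( !(-e $userHomeDirectory) && mkdir($userHomeDirectory) ) {

            # Same selection as the old globs ".[a-z,A-Z]*" and "*":
            # every non-dot entry, plus dot entries whose second character
            # is a letter or a comma ("." and ".." never match).
            if (opendir(my $skel, $config{skeletonDir})) {
                my @sources = map  { "$config{skeletonDir}/$_" }
                              grep { /\A(?:[^.]|\.[a-zA-Z,])/ } readdir($skel);
                closedir($skel);
                if (@sources) {
                    system('cp', '-a', '--', @sources, $userHomeDirectory) == 0
                        or warn "$0: copying skeleton files failed\n";
                }
            }

            system('chown', '-R', '--', "$userUidNumber:$userGidNumber", $userHomeDirectory) == 0
                or warn "$0: chown of home directory failed\n";

            my $mode = defined $config{userHomeDirectoryMode}
                     ? $config{userHomeDirectoryMode}
                     : '700';
            system('chmod', '--', $mode, $userHomeDirectory) == 0
                or warn "$0: chmod of home directory failed\n";
        }
    }
}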
425
# Mail attributes are collected when option M or T was given.  @adds holds
# attribute => value pairs that the Samba section adds to the user entry.
my @adds;
if (@userMailLocal) {
    my $domain = $config{mailDomain};
    my @mail;
    # The loop variable aliases the array element: an address written with
    # a domain is reduced to its local part in @userMailLocal, while the
    # complete form goes into @mail.
    foreach my $address (@userMailLocal) {
        if ($address =~ /^(.+)@/) {
            my $local_part = $1;
            push(@mail, $address);
            # mailLocalAddress contains only the first part
            $address = $local_part;
        } else {
            # bare local part: append the configured domain when there is one
            push(@mail, $domain ? $address.'@'.$domain : $address);
        }
    }
    push(@adds, 'mailLocalAddress' => [ @userMailLocal ], 'mail' => [ @mail ]);
}
push(@adds, 'mailRoutingAddress' => [ @userMailTo ]) if (@userMailTo);

# Either kind of address requires the inetLocalMailRecipient class.
push(@adds, 'objectClass' => 'inetLocalMailRecipient')
    if (@userMailLocal || @userMailTo);
449
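# Add Samba user infos (-a).  Depending on $config{with_smbpasswd} the Samba
# account is either written to LDAP directly or created through the
# smbpasswd program; the share/profile attributes collected in @adds are
# added to the entry afterwards in both cases.
if (defined($Options{'a'})) {
    if (!$config{with_smbpasswd}) {

        # 2147483647 is the value this script uses for "never".
        my $winmagic = 2147483647;
        my $valpwdcanchange = 0;
        my $valpwdmustchange = $winmagic;
        my $valpwdlastset = 0;
        my $valacctflags = "[UX]";

        # -A: can change password ? 0 if no, 1 if yes
        if (defined($tmp = $Options{'A'})) {
            $valpwdcanchange = ($tmp != 0) ? "0" : "$winmagic";
        }

        # -B: must change password ? 0 if no, 1 if yes
        if (defined($tmp = $Options{'B'})) {
            if ($tmp != 0) {
                $valpwdmustchange = "0";
                # To force a user to change his password:
                # . the attribute sambaPwdLastSet must be != 0
                # . the attribute sambaAcctFlags must not match the 'X' flag
                $valpwdlastset = $winmagic;
                $valacctflags = "[U]";
            } else {
                $valpwdmustchange = "$winmagic";
            }
        }

        # -H replaces the account flags computed above.
        if (defined($tmp = $Options{'H'})) {
            $valacctflags = "$tmp";
        }

        my $modify = $ldap_master->modify ( "uid=$userName,$config{usersdn}",
                                            changes => [
                                                        add => [objectClass => 'sambaSAMAccount'],
                                                        add => [sambaPwdLastSet => "$valpwdlastset"],
                                                        add => [sambaLogonTime => '0'],
                                                        add => [sambaLogoffTime => '2147483647'],
                                                        add => [sambaKickoffTime => '2147483647'],
                                                        add => [sambaPwdCanChange => "$valpwdcanchange"],
                                                        add => [sambaPwdMustChange => "$valpwdmustchange"],
                                                        add => [displayName => "$config{userGecos}"],
                                                        add => [sambaAcctFlags => "$valacctflags"],
                                                        add => [sambaSID => "$config{SID}-$userRid"]
                                                       ]
                                          );

        $modify->code && die "failed to add entry: ", $modify->error ;

    } else {
        # smbpasswd used to be started through a two-argument pipe open on
        # a string containing $userName, i.e. through a shell.  The list
        # form runs the program directly, so no character of the name is
        # interpreted by a shell.
        # NOTE(review): a name starting with "-" would still be read as an
        # option by smbpasswd; such names should be refused when the
        # username is validated.
        # NOTE(review): the account is created with the fixed placeholder
        # password "x" and keeps it until a real password is set.
        #
        # The old command sent smbpasswd's stdout to /dev/null; STDOUT is
        # pointed there while the child is started to keep that behaviour.
        open(my $saved_stdout, '>&', \*STDOUT) or die "$!\n";
        open(STDOUT, '>', '/dev/null') or die "$!\n";
        my $pid = open(my $smbpasswd, '|-', 'smbpasswd', '-s', '-a', $userName);
        my $open_error = $!;
        open(STDOUT, '>&', $saved_stdout) or die "$!\n";
        close($saved_stdout);
        $pid or die "$open_error\n";

        print {$smbpasswd} "x\nx\n";
        close($smbpasswd);
        if ($?) {
            print "$0: error adding samba account\n";
            exit (10);
        }
    }                           # with_smbpasswd

    # Logon script, home share and profile path: the option wins over the
    # configured default; subst_user() fills in the username.
    $tmp = defined($Options{'E'}) ? $Options{'E'} : $config{userScript};
    my $valscriptpath = &subst_user($tmp, $userName);

    $tmp = defined($Options{'C'}) ? $Options{'C'} : $config{userSmbHome};
    my $valsmbhome = &subst_user($tmp, $userName);

    my $valhomedrive = defined($Options{'D'}) ? $Options{'D'} : $config{userHomeDrive};
    # if the letter is given without the ":" symbol, we add it
    $valhomedrive .= ':' if ($valhomedrive && $valhomedrive !~ /:$/);

    $tmp = defined($Options{'F'}) ? $Options{'F'} : $config{userProfile};
    my $valprofilepath = &subst_user($tmp, $userName);

    # Only non-empty values are added.
    push(@adds, 'sambaHomeDrive' => $valhomedrive) if ($valhomedrive);
    push(@adds, 'sambaHomePath' => $valsmbhome) if ($valsmbhome);
    push(@adds, 'sambaProfilePath' => $valprofilepath) if ($valprofilepath);
    push(@adds, 'sambaLogonScript' => $valscriptpath) if ($valscriptpath);

    if (!$config{with_smbpasswd}) {
        push(@adds, 'sambaPrimaryGroupSID' => $userGroupSID);
        # "XXX" is stored in place of real password hashes until a password
        # is set.
        push(@adds, 'sambaLMPassword' => "XXX");
        push(@adds, 'sambaNTPassword' => "XXX");
    }
    my $modify = $ldap_master->modify ( "uid=$userName,$config{usersdn}",
                                        add => {
                                                @adds
                                               }
                                      );

    $modify->code && die "failed to add entry: ", $modify->error ;
}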
557
# add AIX user (-b): put the aixAuxAccount class and its two attributes on
# the entry created above.
if (defined($Options{'b'})) {
    my @aix_changes = (
        add => [objectClass => 'aixAuxAccount'],
        add => [passwordChar => "!"],
        add => [isAdministrator => "false"],
    );
    my $modify = $ldap_master->modify(
        "uid=$userName,$config{usersdn}",
        changes => [ @aix_changes ]
    );

    $modify->code && die "failed to add entry: ", $modify->error ;
}
570
571
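$ldap_master->unbind;           # take down session


# -P: hand over to smbldap-passwd for the new account.
# The command used to be one string with the username between double quotes,
# which is run through a shell; characters such as '"' or '$' in the name
# were then interpreted by that shell.  With a list, exec starts the program
# directly and passes the name as a single argument.
if (defined($Options{'P'})) {
    exec("$RealBin/smbldap-passwd", $userName)
        or die "$0: cannot run $RealBin/smbldap-passwd: $!\n";
}

exit 0;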
580
581########################################
582
583=head1 NAME
584
585smbldap-useradd - Create a new user
586
587=head1 SYNOPSIS
588
589smbldap-useradd [-o user_ou] [-c comment] [-d home_dir] [-g initial_group] [-G group[,...]] [-m [-k skeleton_dir]] [-s shell] [-u uid [ -o]] [-P] [-A canchange] [-B mustchange] [-C smbhome] [-D homedrive] [-E scriptpath] [-F profilepath] [-H acctflags] login
590
591=head1 DESCRIPTION
592
593Creating New Users
594  The smbldap-useradd command creates a new user account using  the values specified on the  command  line  and  the default  values from the system and from the configuration files (in  /etc/smbldap-tools directory).
595
596For Samba users, rid is '2*uidNumber+1000', and sambaPrimaryGroupSID  is '$SID-2*gidNumber+1001', where $SID is the domain SID.  Thus you may want to use :
597  $ smbldap-useradd -a -g "Domain Admins" -u 500 Administrator
598 to create an domain administrator account (admin rid is 0x1F4 = 500 and grouprid is 0x200 = 512).
599
600Without any option, the account created will be an Unix (Posix)  account. The following options may be used to add information:
601
602-o
603The user's account will be created in the specified organizational unit. It is relative to the user suffix dn ($usersdn) defined in the configuration file.
604
605-a
606The user will have a Samba account (and Unix).
607
608-b
609The user is an AIX account
610
611-w
612 Creates an account for a Samba machine (Workstation), so that it can join a sambaDomainName.
613
614-i
615 Creates an interdomain trust account (machine Workstation). A password will be asked for the trust account.
616
617-c "comment"
618 The new user's comment field (gecos).
619
620-d home_dir
621 The new user will be created using home_dir as the value for the user's login directory.  The default is to append the login name      to userHomePrefix (defined in the configuration file) and use that      as the login directory name.
622
623-g initial_group
624  The group name or number of the user's initial login group. The  group  name must exist.  A group number must refer to an already  existing group.  The default group number is defined in the  configuration file (defaultUserGid="513").
625
626-G group,[...]
627 A list of supplementary groups which the user is also  a  member of. Each  group is separated to the next by a comma, with no intervening whitespace.  The groups  are  subject  to  the  same restrictions as the group given with the -g option.  The default is for the user to belong only to the initial group.
628
629-m
630The user's home directory will be created if it does not  exist. The  files  contained in skeletonDir will be copied to the home directory if the -k option is used,  otherwise  the  files  contained  in /etc/skel will be used instead.  Any directories contained in skeletonDir or  /etc/skel  will  be  created  in  the user's  home  directory as well.  The -k option is only valid in conjunction with the -m option.  The default is  to  not  create the directory and to not copy any files.
631
632-s shell
633 The name of the user's login shell.  The  default  is  to  leave this  field blank, which causes the system to select the default login shell.
634
635-t time
636 Wait <time> seconds before exiting script when adding computer's account. This is useful when Master/PDC and Slaves/BDCs are connected through the internet (replication is not real time)
637
638-u uid
639  The numerical value of  the  user's  ID.   This  value  must  be unique,  unless  the  -o option is used.  The value must be nonnegative.  The default is to use the smallest ID  value  greater than 1000 and greater than every other user.
640
641-P
642 ends by invoking smbldap-passwd
643
644-A
645 can change password ? 0 if no, 1 if yes
646
647-B
648 must change password ? 0 if no, 1 if yes
649
650-C sambaHomePath
651 SMB home share, like '\\\\PDC-SRV\\homes'
652
653-D sambaHomeDrive
654 letter associated with home share, like 'H:'
655
656-E sambaLogonScript
657 relative to the [netlogon] share (DOS script to execute on login, like 'foo.bat'
658
659-F sambaProfilePath
660 profile directory, like '\\\\PDC-SRV\\profiles\\foo'
661
662-H  sambaAcctFlags
663  spaces and trailing bracket are ignored (samba account control bits like '[NDHTUMWSLKI]'
664
665-M  local mail aliases (multiple addresses are seperated by spaces)
666
667-N  canonical name
668 defaults to gecos or username, if gecos not set
669
670-S  surname
671 defaults to username
672
673-T  mailToAddress (forward address) (multiple addresses are seperated by spaces)
674
675-n  do not print banner message
676
677=head1 SEE ALSO
678
679       useradd(1)
680
681=cut
682
683#'