User Account Creation

Introduction

This is intended as guide to anyone who needs to create an account while the system manager is unavailable. You will need the root password to the aquila.star and sgra.star machines. They are known to Mark Birkinshaw and Mark Taylor and are stored in Science and Engineering FITS team keypass system.

Important considerations:

Undergraduates are not allowed on this system, they use the solva.phy server and the machines in 2.20. Possible exceptions may be granted, eg for Summer students, talk to the system manager. But ideally due to sensitive material kept on this system, they should not be given access without all other options being explored.
Many accounts have non-UoB usernames, so we use a mechanism whereby the relevant parts of /etc/passwd and /etc/shadow are copied to machines as required. Users with UoB usernames and accounts should not need this done.

This is how ordinary user accounts are created on the Astrophysics system. First edit the script /root/useradd_staff_postgrad on sgra.star.bris.ac.uk

You will need a username, uid and the full name. check spelling and get uid from seis.bris.ac.uk using the finger and id commands. We tend to assume /bin/bash as the default shell. 'source' the script and it will produce an useradd line eg

usr/sbin/useradd -g users -d /home/hwakeford -s /bin/bash -m -k /etc/skel/ -c 'Hannah Wakeford' hwakeford

Run this line on the home disk server (currently sgra.star) and on aquila.star. The master copy of the accounts are stored in /etc/passwd and to some extent /etc/shadow on aquila. UoB usernames and passwords can be authenticated against active directory, non-UoB names won't resolve.

For non UoB names (sometimes this is necessary for UoB ones if authentication problems occur) create a password using mkpasswd from the expect package, eg

[root@mme-desktop ~]# mkpasswd -l 10
b3unT?uu8S

Send passwd to user with instructions to change it immediately. Eg

Hi new user,

OK, your temporary password for the hwakeford account is below. Please log in to aquila.star.bris.ac.uk and change it immediately using the passwd command. 

b3unT?uu8S

Please let me know when you've done this, as I can then copy your password to other systems you may want to use.

Regards,
Rhys

To copy the user accounts to new computer, or to update an existing one, run the script below on the new computer.

/usr/local/sbin/passwd_update

Problems?

If you get this error:

useradd: user 'vq21447' already exists

then check if user is already in /etc/passwd, if not the system is getting the username from the UoB directory. So in order to create a local account, you need to edit /etc/nsswitch on the machine producing the error. Change the line

passwd files sss

or similar to

passwd files

temporarily to allow the useradd command to work. Then change it back again.

Rhys Morris

Last modified: Friday, 14 July 2023