Creating multiple user logins assigned to multiple groups at one time

English Install/Boot/Login
1

I have a single computer for our building which various building residents need to be able to log into with their own names. I have a listing of all the usernames (over 300 users) and passwords in a text file. I did some research and found that it should be possible to add them using a script, but there were so many changes whenever a possible script was posted that I had trouble following the message threads to get a coherent final script to use.

So far, here is what I have found, and I hope this works in Suse 11.3:
But it doesn’t say anything about adding to more than one group? I know if I add thru YAST, it adds to users, and then by default adds to the additional group “video” (is this for them to be able to log in with the gui?)

However, the script I found shows one user group, but didn’t say what to do if I needed to add to more than one group? Or will adding these users via the list auto-add them to video because of the default in YAST? Or do I need to put both groups, maybe comma-separated or something?

I am a mostly newbie here, and I really don’t do code, but I can follow directions if they’re explained well enough! lol!

Here’s what I found:

Use chmod command:

# touch /root/batch-user-add.txt
# chmod 0600 /root/batch-user-add.txt

Create a user list as follows. Open file:

# vi /root/batch-user-add.txt

Append username and password following the format provided of:

loginname:password:uid:gid:comment:home_dir:shell

*** does this mean simply copy/paste the below user info into the batch-user-add.txt file?

also, what happens if you don’t define shell? and which shell is better?


Unit0106:concorderesident:1201:1001:Unit 106:/home/Unit0106:/bin/bash
Unit0107:concorderesident:1202:1001:Unit 107:/home/Unit0107:/bin/bash
Unit0108:concorderesident:1203:1001:Unit 108:/home/Unit0108:/bin/bash
Unit0109:concorderesident:1204:1001:Unit 109:/home/Unit0109:/bin/bash
Unit0201:concorderesident:1205:1001:Unit 201:/home/Unit0201:/bin/bash
Unit0202:concorderesident:1206:1001:Unit 202:/home/Unit0202:/bin/bash
Unit0203:concorderesident:1207:1001:Unit 203:/home/Unit0203:/bin/bash
Unit0204:concorderesident:1208:1001:Unit 204:/home/Unit0204:/bin/bash
Unit0205:concorderesident:1209:1001:Unit 205:/home/Unit0205:/bin/bash
Unit0206:concorderesident:1210:1001:Unit 206:/home/Unit0206:/bin/bash
Unit0207:concorderesident:1211:1001:Unit 207:/home/Unit0207:/bin/bash
Unit0208:concorderesident:1212:1001:Unit 208:/home/Unit0208:/bin/bash
Unit0209:concorderesident:1213:1001:Unit 209:/home/Unit0209:/bin/bash
Unit0210:concorderesident:1214:1001:Unit 210:/home/Unit0210:/bin/bash
Unit0301:concorderesident:1215:1001:Unit 301:/home/Unit0301:/bin/bash
Unit0302:concorderesident:1216:1001:Unit 302:/home/Unit0302:/bin/bash
Unit0303:concorderesident:1217:1001:Unit 303:/home/Unit0303:/bin/bash
Unit0304:concorderesident:1218:1001:Unit 304:/home/Unit0304:/bin/bash
Unit0305:concorderesident:1219:1001:Unit 305:/home/Unit0305:/bin/bash
Unit0306:concorderesident:1220:1001:Unit 306:/home/Unit0306:/bin/bash

Now create users in batch:

# newusers /root/batch-user-add.txt

Ok, this seems fairly straightforward so far, and the command line doesn’t intimidate me too much, as I grew up on DOS. :\

Can someone tell me if I’m doing this right? And if I need to worry about whether it’s only adding to the group “users” and not to “video” ? Or how to add to both?

and final question, a quick way to set all those newly created users to require them to change their password on first login, and then to never have the password expire afterwards? (hopefully without resetting my root password in the process?)

Any help on this is greatly appreciated! Thanks!

2

Then it says:
Verify that your /etc/group, /etc/passwd and /etc/shadow files are updated:
***does this mean that typing the following lines of code will automatically update these files?

less /etc/group
less /etc/passwd
less /etc/shadow
3

Please, when you do not know exactly what a certain command (like less) is doing, then use

man less

Then you will see that less only lists a file in a certain way and does not change the file and certainly will not “update” it.

Same

man 5 passwd

will explain to you what all the fields in /etc/passwd are for. And when you have no shell defined, the user can not log in because he will have no shell to run. And in Linux it is rather normal to have bash as shell. But you (as system manager) can of course offer them another shell. And the user can himself change the shell, either after login for the moment (exec), or as starter for her/his next login (chsh).

I do not know the command newusers, thus I can not make any comment on it’s functionality. The standard command to add a user is useradd and that command can of course be used in a script that reads a batch of users to add and then do that useradd.

My advice would be to study several man pages and may be some more documentation about user/group administration before you begin to act as system manager for a rather big group of users.

Of course, when during that study you encounter questions on details, you can come back here, but it is a bit difficult to explain all the basics here, the more while the docs are available on your system.

4

Thanks. I appreciate your reply on this. I have been going thru the “man” pages, I just hadn’t quite gotten that far yet when I made the post, but I did afterwards realize that this was just viewing those files to make sure they had been changed. :slight_smile:

My biggest question was in the initial post, as to whether the script and instructions that I found (and I have been researching this for days) would indeed do what I am trying to do. And whether it would allow me to add that list of users to more than one group, or if I’d have to go in and run a different script to bulk-add them to an additional group.

As far as acting as system manager for a big group of users, no choice there. Was win2kpro before, but it was no longer supported, and finally when the machine died, it was replaced with a newer refurbished machine with no OS on it yet, and after some discussion, it was decided to try this, as I’d had success with it personally on my own computers.

I’ve just not had to add such a large group of users under linux before. On windoze, there are various tools for quickly cloning user accounts, etc. So that’s what I’ve been trying to find here, is a way to either add a bunch of users at once with the same settings for all, or a ready-made tool of some sort that will do this.

System has been down for a few days now, between the old one dying, and getting this new one set up, and I’ve been researching this question for days, and not found an adequate answer, and I’m trying to hurry a bit due to the people in the building getting impatient. :slight_smile: I’ve already got the networking and printer sharing and stuff set up. Just need to get all these accounts added and hoping to avoid hours and hours of data entry. :slight_smile:

5

I repeat, I can not comment on a script you found somewhere and where you only provide it’s name. When you want people to comment on a script found somewhere in the dark on the internet, you better provide it’s contents here.

6

Ummmm… I DID provide the entire directions/contents of it in the initial post.
I’ll summarize again below:

(chmod the batch-user-add.txt file)

touch /root/batch-user-add.txt

chmod 0600 /root/batch-user-add.txt

(open the batch-user-add.txt file to edit it)

vi /root/batch-user-add.txt

(add the following into the batch-user-add.txt file)

Unit0106:concorderesident:1201:1001:Unit 106:/home/Unit0106:/bin/bash
Unit0107:concorderesident:1202:1001:Unit 107:/home/Unit0107:/bin/bash
Unit0108:concorderesident:1203:1001:Unit 108:/home/Unit0108:/bin/bash
Unit0109:concorderesident:1204:1001:Unit 109:/home/Unit0109:/bin/bash
Unit0201:concorderesident:1205:1001:Unit 201:/home/Unit0201:/bin/bash
Unit0202:concorderesident:1206:1001:Unit 202:/home/Unit0202:/bin/bash
Unit0203:concorderesident:1207:1001:Unit 203:/home/Unit0203:/bin/bash
Unit0204:concorderesident:1208:1001:Unit 204:/home/Unit0204:/bin/bash
Unit0205:concorderesident:1209:1001:Unit 205:/home/Unit0205:/bin/bash
Unit0206:concorderesident:1210:1001:Unit 206:/home/Unit0206:/bin/bash
Unit0207:concorderesident:1211:1001:Unit 207:/home/Unit0207:/bin/bash
Unit0208:concorderesident:1212:1001:Unit 208:/home/Unit0208:/bin/bash
Unit0209:concorderesident:1213:1001:Unit 209:/home/Unit0209:/bin/bash
Unit0210:concorderesident:1214:1001:Unit 210:/home/Unit0210:/bin/bash
Unit0301:concorderesident:1215:1001:Unit 301:/home/Unit0301:/bin/bash
Unit0302:concorderesident:1216:1001:Unit 302:/home/Unit0302:/bin/bash
Unit0303:concorderesident:1217:1001:Unit 303:/home/Unit0303:/bin/bash
Unit0304:concorderesident:1218:1001:Unit 304:/home/Unit0304:/bin/bash
Unit0305:concorderesident:1219:1001:Unit 305:/home/Unit0305:/bin/bash
Unit0306:concorderesident:1220:1001:Unit 306:/home/Unit0306:/bin/bash

(save the file, and then run the linux command newusers)

newusers /root/batch-user-add.txt

I didn’t find it somewhere in the dark on the internet. newusers is a linux command. And I am trying to follow the directions between that and the linked man pages of passwd and other related commands, and am trying to find out if it will A) do what I need it to do, and B) if I’ve got the syntax right.
newusers(8): update/create new users in batch - Linux man page
passwd(5): password file - Linux man page

I don’t know how many other ways I can word my questions? I know I’m new to all this, but I HAVE been doing my homework and reading for days now, and trying to ask intelligent questions, only to be put down? :frowning:

7

Sorry, some misunderstanding. But I do not have the tool newusers (and thus not it’s man page) on my standard 11.2 system. Thus my idea was after reading:

I did some research and found that it should be possible to add them using a script, but there were so many changes whenever a possible script was posted that I had trouble following the message threads to get a coherent final script to use.

So far, here is what I have found, and I hope this works in Suse 11.3:
But it doesn’t say anything about adding to more than one group? I know if I add thru YAST, it adds to users, and then by default adds to the additional group “video” (is this for them to be able to log in with the gui?)

However, the script I found shows one user

that you use some script found somewhere.

I will read through the man page you provided a link to after my lunch :wink:

8

I’ve never used the newusers command, so I would just use a custom script to add the users.

For example


#!/bin/bash

for USERS in $(cat /root/batch-user-add.txt)
do
  USER=`echo ${USERS} | cut -d ":" -f1`
  PASSWD=`echo ${USERS} | cut -d ":" -f2`
  UID=`echo ${USERS} | cut -d ":" -f3`
  ##Add more fields here...

  ##man useradd to learn about all the switches
  useradd ${USER} -p ${PASSWD} -u ${UID}
done

You can use the chage command to force a user to change their password


chage -d 0 Unit0106

Hiatt

9

You should not be modifying passwd, shadow, group files directly. You should call useradd to do the work. Among other things it creates the home directory, puts initial files there and does various checks. It will also flag the account for a password change if wanted.

10

I would replace

USER=`echo ${USERS} | cut -d ":" -f1`
  PASSWD=`echo ${USERS} | cut -d ":" -f2`
  UID=`echo ${USERS} | cut -d ":" -f3`
  ##Add more fields here...

with

echo "$USERxiS" | IFS=':' read USER PASSWD UID GID INF HOME SHELL

Or even more radical:

while IFS=':' read USER PASSWD UID GID INF HOME
do      useradd $USER -p $PASSWD
         # more parameters and more statements
done </root/batch-user-add.txt

But those are all niceties.

11

I didn’t find it somewhere in the dark on the internet. newusers is a linux command.

As soon as an executable file is in your system, it’s name is a Linux command. Thus that does not say much.
I can not find this newusers tool in the standard openSUSE repos, thus again may I ask where you found (and installed it from). Where it only to cure my curiousity.

And when I am correcr in my assumption that newusers is not a by default installed tool, then I hope you understand why I did not have any knowledge about it. And why I then asked you to explain more about it.

I hinted earlier that a simple script, reading some datafile containing all you need for every new user on a new line (as you created allready) and calling useradd in a loop, will do what you want. This opinion is supported by other posts above. Use tools like useradd for doing the real work, do not edit system files yourself. As you without doubt have seen yourself in the meantime, the* -G *option of useradd will add additional groups to the user.

And when you want to learn a bit more about what you did thus far, try to explain why you did:

# touch /root/batch-user-add.txt
# chmod 0600 /root/batch-user-add.txt

where starting with vi (or any other means to create the file) would be enough.

12

As I said, I didn’t write it. I don’t know enough about code to write it. I found this or a variation on this on many many linux how-to sites. I didn’t download it to my system from any website anywhere. I have a fresh install of opensuse 11.3 64bit.

Honestly, if all you feel like doing is jumping down my throat because I don’t know exactly what different things do, and because I’m trying to follow instructions I found on linux forums and how-to sites before I came here to ask for help, then don’t bother. I’ll go somewhere where someone is actually willing to help instead of trying to make me feel bad to elevate themselves.

How am I to know I didn’t need to chmod the file first? The directions I found said I needed to, so that it couldn’t be accessed by anyone but root since it contains unencrypted passwords.

Anyhow, here are just a few of the links where I got all this information from.
It’s on a lot of sites, and it’s in the book “Linux in a nutshell” so I guess it’s not some little-known script.
Linux Command Directory: newusers - O’Reilly Media
The Ultimate Guide to Create Users in Linux / Unix
Linux: How To Create Multiple Users Accounts in Batch
User Management
newusers command from a file

My problem is that each site tells it a tad differently. I want to make sure I get it right for MY system. However, if you are not familiar with the command at all, please don’t bother replying further, because all you’ve been doing is trying to tell me it’s not a linux function, simply because you’ve never used it, and you’ve been doing it in a condescending way, which is just uncalled for.

I’ll go somewhere else to get help, where maybe people are friendlier to newbies and have less of an attitude.

However, since you mentioned you don’t seem to have it on your Suse system, here’s some info on what to do if you cannot find it on YOUR system. :slight_smile:
newusers - command not found

13

You should not need the chmod because the umask of root should be such that any file you create is not readable by the world. Maybe they wrote that somewhere to make it extra save for a noob. But that helps only very partly then, because that same noob will create his/her next file without it because she/he does not understand why the chmod is done. I gave this last paragraph to you as an extra “when you want to learn a bit more” and as you seem to understand what these two statements do (and it seems you did that allready earlier) that is fine.

When several sources you consulted tell you things a bit different, then you could expect to have yet more different advices here. In Unix/Linux allmost everything can be done in several ways of which at least a few are OK to use.

You should use these different advices as hints. Going with what they say to man pages and the like so that you understand what al those statements/commands/tools do. After all it is you that in the end wil type them in the system and it is you that is responsible for their results. You can not hide yourself behind the statement “I did what some bloke on the internet told me” when you have to answer your users questions.

From what I read in the man page of newusers, I doubt if I would use it. The man page is very scanty and it does not explain very much about what is done and what not. On the other hand useradd is a well know Unix/Linux tool of old that definitely will create a new user with everything needed (and extra groups can be connected to that user as you asked for). When you give an EXACT and PRECISE definition on what you want done by a script around useradd and your data file, I can try to make one for you. As I see it, it is only a few lines where you can yourself understand what it does and if it is dangerous.

I am still flabbergasted about that newusers. I do not have it on 11.2. It is not a package on 11.3, but it could be part of a package. I will find out that later on a 11.3 system I manage for a friend.

14

Ok, I will try to explain exactly what I need to accomplish. I have a text file which contains the info for approx 385 users. it is set up in the format of:

loginname:password:uid:gid:comment:home_dir:shell

So for an example, using the first line from the list in my text file

Unit0106:concorderesident:1201:1001:Unit 106:/home/Unit0106:/bin/bash

Unit0106 is the loginname
concorderesidents is the password (this is what they should log in with the first time, and then be prompted to change their password to a new one which will not expire)
1201 is the uid
1001 is the gid (for the “users” group - however according to yast, it says it adds users to “users” and then secondary group “video”. Do I need to worry about that? )
Unit 0106 is the comment
/home/Unit0106 is the home directory it should create
/bin/bash is the shell

That’s what I need it to do. Create the 300+ users, with default passwords that they have to change on login, with their own home directories, and setting whatever settings are required for setting up the users.

15

This should work for you


##seq will output numbers 106 to 500
for USERNAME in $(seq 106 500)
do
  ##useradd command adds the user, -c sets the comment, -m creates home dir
  ##-g sets the user's main group, -s  sets the user's shell, Unit0${USERNAME} is the user name
  useradd -c "Unit ${USERNAME}" -m -g 1001 -s /bin/bash Unit0${USERNAME} "
  ##chage forces the user to set the password on login
  chage -d 0 Unit0${USERNAME}
done

I hope this helps, let me know if you need more explaination of what the script is doing.

Hiatt

16

The program useradd uses a few defaults that are defined in

henk@boven:~> cat /etc/default/useradd
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
GROUPS=video
CREATE_MAIL_SPOOL=no
henk@boven:~>

To make use of this it might be nice to edit this file (or better, use the useradd --save-defaults call) such that

GROUP=users

when that is the primary group you want to attach to these users. We do not have to mention that then in the useradd call everytime. You say that 1001 is the GID of the group users. That means that the next statement gives the shown output:

henk@boven:~> grep users /etc/group
users:x:1001:
henk@boven:~>

Please check.

Because HOME=/home, all home directories will be created as /home/<username> and thus no mentioning of this to useradd is needed.

SHELL=/bin/bash, thus no mentioniung of this to useradd is needed.

When you want more groups added to the user mention them in GROUPS= (seperated by commas). There is allready video there, but you may remove that when you want.

When that is done, we are then left with the following useradd call.

But in the mean time, I have seen that jthiatt08 has allready seen that your usernames are very regular and thus cab be created by the system instead of by hand. Thus a file with names, etc is not needed at all.

See his solution and tell us what you think of it.

17

Ok, yes, please clarify? Is it going to take the exact usernames from my text file? Because they’re not straight thru from 106 - 500, they’re 10 units per floor on 31 floors, and so that’s how the usernames in the text file are set up. So we have 106-109, then 201-210, 301-310, 401-410 etc. thru the 12th floor. No 13th floor. 1401-1410 etc all the way thru the 29th floor. then the 30th floor is 3001 - 3006, and 31st floor is 3101 - 3104.

I did see a similar script a couple days ago that did a lot of usernames in a sequence, but due to our username requirements, they have to be more specific, which is why I had to manually create a file of all the exact names to be used.

Does that make sense?

18

10 units per floor on 31 floors will make two loops, one within the other. I never would create these typing by hand since computers were invented.
But I leave it toHiatt to give you the double loop :wink:

19

Hmm, try this


#!/bin/bash
##floor 1 - 31
for FLOOR in $(seq 1 31)
do

   ##no 13th floor, =)
   if  "${FLOOR}" != "13" ]
   then
     ##units 1 - 10
     for UNITS in $(seq 1 10)
     do
        ##pad username with zeros
        USER="`printf "%02d" ${FLOOR}``printf "%02d" ${UNITS}`"
        useradd -c "Unit ${USER}" -m -g 1001 -s /bin/bash Unit${USER}
        chage -d 0 Unit${USER}
     done
   fi
done

Good luck!
Hiatt

20

Looks good (apart from that silly 13th floor, is there a hole there? rotfl!)