UNIX OS USER ID CREATION

UNIX OS USER ID CREATION

Creating User and Groups:

User and group accounts are created on respective servers based on the approved E-process user ID request form. Password for the user account is set as default. At first login user has to force to change the password. Following syntax are used to create user and group accounts:

                                           

Syntax for creating new group:

# groupadd –g <GID> < groupname>

Syntax for creating new user account:

# useradd  -u <UID> -g  <GID> -d <Home directory> -m –s /usr/bin/ksh  < User Name>.

Syntax for force to change the User Password at first login.

# passwd –f < User Name>

User Management Policy:

User accounts should be created only after e-process request is received from concern users.

It is mandatory for end user to specify hostname, username, home direcory, and type of shell

in e-process request. User account should be created with all options mentioned below.

 #useradd -u <UID> -g <GID>  -s <SHELL> -d <HOMEDIRECORY> -m <LOGiN>

For systemadmin,UID should be in the range  10000 to 10100     

 Users are forced to change their password upon first login

    # passwd -f <username>

End of every month, consistency and correctness of user accounts must be verified. Unix User ID list of all the servers will be sent to respective PSG teams with a copy to security team for

Review and suggest Unix admin team for any necessary modifications.

    # finger –h  <login>   

     #passwd –l <username>

# groupadd –g <GID> < group name>

Syntax for creating new user account:

The passwd ageing details

MINWEEKS=0              (Minimum time period before a password can be changed)

MAXWEEKS=4       ((Minimum time period that passwd is valid)

WARNWEEKS=2          (Time period until warning of date of password's ensuing expiration)

                                       PASSLENGTH=8           (Minimum length of a password, in characters)

Changing Directory and File Permissions:

File and directory permissions are changed as per the user requests, sent through mails. Following commands are used to change permissions.

Syntax to change file owner and group:

         # chown <username>: <groupname>  < File name>

Syntax to change directory owner and group recursively:

        # chown –R <username>: <group name> < Directory name>

Syntax to change File permissions:

       # chmod < xyz> < file name>

Where, x represents the permissions granted to the owner of the file, y represents the permissions granted to the group of the file and z represents the permissions granted to others.

The types of permissions and its numbers are as follows:

                     Read:                  r or 4

                     Write:                  w or 2

                      Execute:             x or 1

Syntax to change Directory permissions recursively:

# chmod –R <xyz> < Directory name>

Where, x, y, z is same as above.