Friday, September 11, 2015

User management

###############################################################################
Managing Useradmin & Groupadmin
################################################################################
Creating User Acct

lrwxrwxrwx  1 root root 7 Jan  6 17:58 /usr/sbin/adduser -> useradd
-rwxr-xr-x  1 root root 57532 Nov 24  2004 /usr/sbin/useradd
###############################################################################


1)  useradd <username>
2)  adduser <username>

useradd -c "comment" -u <uid> -g <primary grpname> -G <supplementary grp1,grp2>
-k /etc/skel -s /bin/bash -d /ghar/sameer -f <inactive days> -e <yyyy-mm-dd>
<username>

-c = Comment
-u = User ID
-g = Primary group name
-G = Secondary or supplementary group names

-s = Default login shell
-d = Home dir of the user; if that directory does not already exist,
          add option -m, which creates the specified home folder
-f = Inactive days
-e = Expiry date (yyyy-mm-dd)

##############################################################################
Modification of user accts

1)  usermod -c "comment" -d /newhomedir  -e yyyy-mm-dd -f 5 -g <grpname>
-G <grp1,grp2> -l <login name> -s /bin/bash -u <UID> -L -U <username>

-L = Lock a user's password
-U = To Unlock a user's password
-f = Inactive Days
-l = To change a username
###########################################################################
Managing Users
1) userdel <username>
Note :- With plain userdel the user is deleted but its home
        dir remains on the system.
2) userdel -r <username>
Note :- Removes the user acct along with its home folder
#############################################################################
Managing Groups

1) groupadd <grpname>
2) groupmod -g <GID> -n <new grp name> <old grp name>
3)  groupmod -g <GID> <old grp name>
-g = GID to assign to the old group
-n = New name to an old group
4) groupdel <grpname>
#############################################################################
To set a password for a user
1) passwd <username>
2) passwd -l <username> To lock a user password
3) passwd -u <username> To unlock a user password
#############################################################################
Changing user information
1) chfn <username>
#############################################################################
To view user Information
1) finger <username>
2) finger
#############################################################################
To print real & effective UID's & GID's
1) id <username>


#############################################################################
To Change Account Age (Expiration Date / Shadow file info )

1) chage <user_name>

2) chage -l <user_name>    # To list Info on A/C age .

#############################################################################

Important Files of acct admin

1) /etc/passwd :- User Account Information
2) /etc/shadow :- Secure User Account Information
3) /etc/group :- Group Information
4) /etc/gshadow :- Secure Group Information
5) /etc/default/useradd :- Default values used by the useradd command
6) /etc/login.defs :- System-wide settings
7) /etc/skel :- Directory containing default files for profile
                           It stores hidden user profile files for every user

8) /etc/pam.d :- Linux PAM Directory  

############################################################################
1) /etc/passwd :- User Account Information

-rw-r--r--  1 root root 2628 Jan  7 14:50 /etc/passwd

# vim /etc/passwd

user1:x:500:500:New User:/home/user1:/bin/bash
 
1) user1 :- User login name  
2) x :- Password field; x means the encrypted password is kept in /etc/shadow
3) 500 :- UID
4) 500 :- GID of primary group (group name has to be verified from /etc/group)
5) New User :- Comment or GECOS (General Electric Comprehensive OS)
6) /home/user1 :- Default home dir of a user
7) /bin/bash :- Default login shell of a user
###############################################################################


2) /etc/shadow :- Secure User Account Information

----------  1 root root 1592 Jan 10 19:03 /etc/shadow

adi:$1$kn02TpPA$vsCpJF8PE9IrsDVnhk.pR/:15023:0:99999:7:::

1) adi :- Username; can be up to 8 characters, case-sensitive, usually all lowercase

2) $1$kn02TpPA$ :- The encrypted password, using the MD5 algorithm ($1$ prefix;
   password 13 characters, encrypted). A blank entry (eg: ::) indicates a
   password is not required to log in and a "*" indicates the account has
   been disabled
   (!! means password is not set; !! in front of an encrypted password means
   the password is disabled)

3) 15023 :- The day, in days since Jan 1 1970, on which the password was last changed

4) 0 :- The min number of days before the password may be changed, i.e. min password
   age or password changing frequency (0 indicates password

5) 99999 :- The number of days after which the password must be changed
  (99999 indicates the user can keep his or her password unchanged for many many years)

6) 7 :- The number of days a warning is displayed to the user
    before the account expires.
   (7 for a full week)

7) x :- The number of days since Jan 1, 1970 after which the account is
  disabled (day on which the acct will expire)

8) x :- The number of days after the password expires after which the account
   will be disabled (Inactive days)

9)              :- Reserved for future use .
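
The password-field states and aging fields listed above can be checked mechanically. The following shell function is an added example, not part of the original post: it classifies field 2 and reports password age from fields 3 and 5. The function names, output labels, the reference day 16689 and every sample line except the `adi` entry are constructed here, and counting a lone `!` the same as `!!` is an assumption.

```shell
#!/bin/sh
# Added example: classify shadow-format entries by password state and age.
# Sample data is constructed, except the "adi" line taken from the text above.
sample_shadow() {
cat <<'EOF'
adi:$1$kn02TpPA$vsCpJF8PE9IrsDVnhk.pR/:15023:0:99999:7:::
guest::15023:0:99999:7:::
daemon:*:15023:0:99999:7:::
newuser:!!:15023:0:99999:7:::
locked:!!$1$kn02TpPA$vsCpJF8PE9IrsDVnhk.pR/:15023:0:90:7:::
EOF
}

# Reads shadow-format lines on stdin. $1 = today as days since Jan 1 1970
# (defaults to the current day), so the age calculation can be reproduced.
audit_shadow() {
    today=${1:-$(( $(date +%s) / 86400 ))}
    awk -F: -v today="$today" '
    {
        pw = $2
        if      (pw == "")      state = "EMPTY"        # no password required
        else if (pw == "*")     state = "DISABLED"
        else if (pw ~ /^!+$/)   state = "NOT_SET"      # "!!" with no hash
        else if (pw ~ /^!/)     state = "LOCKED"       # "!" in front of a hash
        else if (pw ~ /^\$1\$/) state = "MD5"          # $1$ prefix = MD5
        else if (pw ~ /^\$/)    state = "OTHER_HASH"
        else                    state = "LEGACY_HASH"
        flags = ""
        usable = (state == "MD5" || state == "OTHER_HASH" || state == "LEGACY_HASH")
        if (usable && $5 == "99999") flags = flags " never_expires"
        if (usable && $3 != "")      flags = flags " age=" (today - $3) "d"
        print $1 " " state flags
    }'
}

# 16689 = Sep 11 2015 expressed in days since Jan 1 1970
sample_shadow | audit_shadow 16689
```

On a live system feed it the real file as root, for example `audit_shadow < /etc/shadow`; EMPTY and MD5 entries are the ones to review first.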

###############################################################################
3) /etc/group : Group File

-rw-r--r--. 1 root root 1425 Jul 13 13:00 /etc/group


sysadmin:x:505:jaison,rajath,mahesh

1) sysadmin : Group Name
2) x : Password field (x means the encrypted group password is kept in /etc/gshadow)
3) 505 : GID
4) jaison,rajath,mahesh : Users who have sysadmin as their Secondary Group
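
Field 4 of /etc/passwd has to be verified against /etc/group, and a password field other than x means the hash sits in a world-readable file. The following shell function is an added example, not part of the original post, that cross-checks the two file formats described above. The function names, flag labels and all sample entries except `user1` and `sysadmin` are constructed here.

```shell
#!/bin/sh
# Added example: cross-check passwd-format entries against a group-format file.
# $1 = passwd-format file, $2 = group-format file
audit_passwd() {
    awk -F: '
    NR == FNR { gname[$3] = $1; next }      # first file (group): GID -> name
    {
        flags = ""
        if ($3 == 0 && $1 != "root")     flags = flags " uid0_not_root"
        if ($2 == "")                    flags = flags " empty_password"
        else if ($2 != "x" && $2 != "*") flags = flags " password_not_shadowed"
        grp = ($4 in gname) ? gname[$4] : "MISSING_GROUP"
        print $1 " uid=" $3 " group=" grp flags
    }' "$2" "$1"
}

# Runs the audit on constructed sample files written to a temp directory.
demo_passwd_audit() {
    dir=$(mktemp -d)
    cat > "$dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
user1:x:500:500:New User:/home/user1:/bin/bash
toor:x:0:0:Constructed:/root:/bin/bash
legacy:$1$kn02TpPA$vsCpJF8PE9IrsDVnhk.pR/:501:505:Constructed:/home/legacy:/bin/bash
orphan:x:502:999:Constructed:/home/orphan:/sbin/nologin
EOF
    cat > "$dir/group" <<'EOF'
root:x:0:
user1:x:500:
sysadmin:x:505:jaison,rajath,mahesh
EOF
    audit_passwd "$dir/passwd" "$dir/group"
    rm -rf "$dir"
}

demo_passwd_audit
```

On a real host run `audit_passwd /etc/passwd /etc/group`; both files are world-readable, so no root access is needed.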




###############################################################################



lastlog


last

lastb
