Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Basic Administration Oracle Solaris 10 8/11 Information Library |
1. Oracle Solaris Management Tools (Road Map)
2. Working With the Solaris Management Console (Tasks)
3. Working With the Oracle Java Web Console (Tasks)
4. Managing User Accounts and Groups (Overview)
5. Managing User Accounts and Groups (Tasks)
Setting Up User Accounts (Task Map)
How to Customize User Initialization Files
How to Add a Group With the Solaris Management Console's Groups Tool
How to Add a User With the Solaris Management Console's Users Tool
Adding Groups and Users With Command-Line Tools
Adding a Group and User With the groupadd and useradd Commands
Adding a Group and User With the smgroup and smuser Commands
Setting Up Home Directories With the Solaris Management Console
Maintaining User Accounts (Task Map)
How to Change a User's Password
How to Set Password Aging on a User Account
6. Managing Client-Server Support (Overview)
7. Managing Diskless Clients (Tasks)
8. Introduction to Shutting Down and Booting a System
9. Shutting Down and Booting a System (Overview)
10. Shutting Down a System (Tasks)
11. Modifying Oracle Solaris Boot Behavior (Tasks)
12. Booting an Oracle Solaris System (Tasks)
13. Managing the Oracle Solaris Boot Archives (Tasks)
14. Troubleshooting Booting an Oracle Solaris System (Tasks)
15. x86: GRUB Based Booting (Reference)
16. x86: Booting a System That Does Not Implement GRUB (Tasks)
17. Working With the Oracle Solaris Auto Registration regadm Command (Tasks)
18. Managing Services (Overview)
20. Managing Software (Overview)
21. Managing Software With Oracle Solaris System Administration Tools (Tasks)
22. Managing Software by Using Oracle Solaris Package Commands (Tasks)
|
You can create a form such as the following to gather information about users before adding their accounts.
|
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
# mkdir /shared-dir/skel/user-type
The name of a directory to store initialization files for a type of user.
# cp /etc/skel/local.cshrc /shared-dir/skel/user-type/.cshrc # cp /etc/skel/local.login /shared-dir/skel/user-type/.login # cp /etc/skel/local.profile /shared-dir/skel/user-type/.profile
Note - If the account has profiles assigned to it, then the user has to launch a special version of the shell called a profile shell to use commands (with any security attributes) that are assigned to the profile. There are three profile shells corresponding to the types of shells: pfsh (Bourne shell), pfcsh (C shell), and pfksh (Korn shell). For information about profile shells, see Role-Based Access Control (Overview) in System Administration Guide: Security Services.
For a detailed description on the ways to customize the user initialization files, see Customizing a User's Work Environment.
# chmod 744 /shared-dir/skel/user-type/.*
# ls -la /shared-dir/skel/*
Example 5-1 Customizing User Initialization Files
The following example shows how to customize the C-shell user initialization file in the /export/skel/enduser directory designated for a particular type of user. For an example of a .cshrc file, see Example 4-3.
# mkdir /export/skel/enduser # cp /etc/skel/local.cshrc /export/skel/enduser/.cshrc (Edit .cshrc file) # chmod 744 /export/skel/enduser/.*
You can add existing users to the group when you add the group. Or, you can just add the group and then add the user to the group when you add the user.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
# /usr/sadm/bin/smc &
For more information on starting the Solaris Management Console, see How to Start the Console as Superuser or as a Role or How to Start the Solaris Management Console in a Name Service Environment.
A list of categories is displayed.
Use the Context help to add a group to the system.
For example, mechanoids.
For example, GID 101.
Use the following procedure to add a user with the Solaris Management Console's Users tool.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
# /usr/sadm/bin/smc &
For more information on starting the Solaris Management Console, see How to Start the Console as Superuser or as a Role or How to Start the Solaris Management Console in a Name Service Environment.
A list of categories is displayed.
Use the Context help to add a user to the system.
Click Next between the steps below.
For example, kryten
For example, kryten series 3000.
For example, 1001.
For example, mechanoids.
This section provides examples of adding users and groups with command-line tools.
The following example shows how to use the groupadd and useradd commands to add the group scutters and the user scutter1 to files on the local system. These commands cannot be used to manage users in a name service environment.
# groupadd -g 102 scutters # useradd -u 1003 -g 102 -d /export/home/scutter1 -s /bin/csh \ -c "Scutter 1" -m -k /etc/skel scutter1 64 blocks
For more information, see the groupadd(1M) and useradd(1M) man pages.
The following example shows how to use the smgroup and smuser commands to add the group gelfs and the user camille to the NIS domain solar.com on the host starlite.
# /usr/sadm/bin/smgroup add -D nis:/starlitesolar.com -- -g 103 -n gelfs # /usr/sadm/bin/smuser add -D nis:/starlite/solar.com -- -u 1004 -n camille -c "Camille G." -d /export/home/camille -s /bin/csh -g gelfs
For more information, see the smgroup(1M) and smuser(1M) man pages.
Keep the following in mind when using Solaris Management Console to manage user home directories:
If you use the Users tool's Add User Wizard to add a user account and you specify the user's home directory as /export/home/username, the home directory is automatically set up to automount. Also, the following entry is added to the passwd file.
/home/username
There is only way you can use Users tool to set up a user account that does not automount the home directory. First, set up a user account template that disables this feature. Then, add users with this template. You cannot disable this feature with the Add User Wizard.
You can use the smuser add command with the -x autohome=N option to add a user without automounting the user's home directory. However, there is no option to the smuser delete command to remove the home directory after the user is added. You would have to remove the user and the user's home directory with the Users tool.
Use the following procedure to share a user's home directory.
Roles contain authorizations and privileged commands. For more information about roles, see Configuring RBAC (Task Map) in System Administration Guide: Security Services.
In this release, mountd is now started as part of the NFS server service. To see if the mountd daemon is running, type the following command:
# svcs network/nfs/server STATE STIME FMRI online Aug_26 svc:/network/nfs/server:default
# svcadm network/nfs/server
# share
share -F nfs /file-system
/file-system is the file system that contains the user's home directory that you need to share. By convention, the file system is /export/home.
# shareall -F nfs
This command executes all the share commands in the /etc/dfs/dfstab file so that you do not have to wait to reboot the system.
# share
Example 5-2 Sharing a User's Home Directory
The following example shows how to share the /export/home directory.
# svcs network/nfs/server # svcadm network/nfs/server # share # vi /etc/dfs/dfstab (The line share -F nfs /export/home is added.) # shareall -F nfs # share - /usr/dist ro "" - /export/home/user-name rw ""
See Also
If the user's home directory is not located on the user's system, you have to mount the user's home directory from the system where it is located. For detailed instructions, see How to Mount a User's Home Directory.
For information on automounting a home directory, see Task Overview for Autofs Administration in System Administration Guide: Network Services.
For more information, see How to Share a User's Home Directory.
system-name:/export/home/user-name - /export/home/username nfs - yes rw
The name of the system where the home directory is located.
The name of the user's home directory that will be shared. By convention, /export/home/username contains user home directories. However, you can use a different file system.
Required placeholders in the entry.
The name of the directory where the user's home directory will be mounted.
For more information about adding an entry to the /etc/vfstab file, see Overview of Mounting and Unmounting File Systems in System Administration Guide: Devices and File Systems.
# mkdir -p /export/home/username
# mountall
All entries in the current vfstab file (whose mount at boot fields are set to yes) are mounted.
# mount | grep username
Example 5-3 Mounting a User's Home Directory
The following example shows how to mount user ripley's home directory.
# vi /etc/vfstab (The line venus:/export/home/ripley - /export/home/ripley nfs - yes rw is added.) # mkdir -p /export/home/ripley # mountall # mount / on /dev/dsk/c0t0d0s0 read/write/setuid/intr/largefiles/xattr/onerror=panic/dev=... /devices on /devices read/write/setuid/dev=46c0000 on Thu Jan 8 09:38:19 2004 /usr on /dev/dsk/c0t0d0s6 read/write/setuid/intr/largefiles/xattr/onerror=panic/dev=... /proc on /proc read/write/setuid/dev=4700000 on Thu Jan 8 09:38:27 2004 /etc/mnttab on mnttab read/write/setuid/dev=47c0000 on Thu Jan 8 09:38:27 2004 /dev/fd on fd read/write/setuid/dev=4800000 on Thu Jan 8 09:38:30 2004 /var/run on swap read/write/setuid/xattr/dev=1 on Thu Jan 8 09:38:30 2004 /tmp on swap read/write/setuid/xattr/dev=2 on Thu Jan 8 09:38:30 2004 /export/home on /dev/dsk/c0t0d0s7 read/write/setuid/intr/largefiles/xattr/onerror=... /export/home/ripley on venus:/export/home/ripley remote/read/write/setuid/xattr/dev=...