Go to main content

Managing User Accounts and User Environments in Oracle® Solaris 11.4

Exit Print View

Updated: April 2019
 
 

User and Group Commands

Different commands for users and groups are supported in Oracle Solaris.

The commands described in the following table are used for managing users, roles, and groups.

Table 3  Commands Used to Manage Users, Roles, and Groups
Man Page for Command
Description
For Additional Information
Creates users locally or in an LDAP repository.
Changes user properties locally or in an LDAP repository. If the user properties are security-relevant, such as role assignment, this task might be restricted to your security administrator or to the root role.
Deletes a user from the system or from the LDAP repository. Can involve additional cleanup, such as cron job removal.
Manages roles locally or in an LDAP repository. Roles cannot log in. Users assume an assigned role to perform administrative tasks.
Manages groups locally or in an LDAP repository.

The following table describes the commands that system administrators can use to obtain information about user accounts. This information is stored in various files within the /etc directory.

Table 4  Commands Used to Obtain Information About Users
Command Man Page Reference
Description
Lists and manages authorizations.
Displays a list of entries from the administrative database. The information generally comes from one or more of the sources that are specified for the /etc/nsswitch.conf database.
Displays information about users, roles, and system logins. The output is controlled by the command options that are specified and can include user, role, system login, UID, passwd account field value, primary group, primary group ID, multiple group names, multiple group IDs, home directory, login shell, and password-aging parameters.
Lists and manages rights profiles.
Displays the roles that are assigned to a user.
Displays the first value that is found for attribute_name. If a user is not specified, the user is taken from the real user ID of the process. Attribute names are defined in the man pages.

The groups command lists the groups to which a user belongs. A user can have only one primary group at a time. However, through the newgrp command, users can temporarily change their primary group.