Setting Up User Accounts by Using the CLI
This section discusses ways of preparing for the creation of user accounts.
About Setting Up User Accounts
Oracle Solaris typically creates a user account home directory as an individual ZFS file system and a ZFS dataset that are mounted under the /export/home
file system. As a result, you can back up each home directory, create a ZFS snapshot of it, and replace its contents from a snapshot.
To administer a user account, you must have the appropriate rights profile such as the User Management rights profile. The tasks in this guide assumes that you have these rights. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
If you are setting up user accounts by using LDAP, you would need to specify LDAP as the repository for user information. Then you can assign user attributes to the user accounts. For more information, see How to Assign Default User Attributes for LDAP Accounts.
For security, you can label processes and files that would control user access to sensitive files. See Chapter 6, Labeling Processes for Data Loss Protection in Securing Users and Processes in Oracle Solaris 11.4.
Gathering User Information
When setting up user accounts, you would need to gather the following information about each user.
- User Name
- Role Name
- Profiles or Authorization
- UID
- Primary Group
- Secondary Groups
- Default Shell
- Password Status and Aging
- Home Directory Path Name
- Mounting Method
- Permissions on Home Directory
- Mail Server
- Add to These Email Aliases
- Desktop System Name
Identifying Users by Packages
To find all the users that were delivered by a package (do not represent humans) on this system, you must specify the --l
option. Note that this search excludes user packages created manually by the useradd
command.
:$ pkg search -lo username, pkg.name user::
Caution:
Do not try to change the users' output with thepkg search
command.