1. Managing User Accounts and User Environments in Oracle Solaris 11.4
  2. About User Accounts and User Environments
  3. User and Group Commands

User and Group Commands

Different commands for users and groups are supported in Oracle Solaris.

The commands described in the following table are used for managing users, roles, and groups.

Table 1-3 Commands Used to Manage Users, Roles, and Groups

Man Page for Command Description For Additional Information
useradd(8) Creates users locally or in an LDAP repository. How to Add a User
usermod(8) Changes user properties locally or in an LDAP repository. If the user properties are security-relevant, such as role assignment, this task might be restricted to your security administrator or to the root role.

How to Modify a User Account

Creating a Role in Securing Users and Processes in Oracle Solaris 11.4
userdel(8) Deletes a user from the system or from the LDAP repository. Can involve additional cleanup, such as cron job removal. How to Delete a User

roleadd(8)

rolemod(8)

roledel(8)

 Manages roles locally or in an LDAP repository. Roles cannot log in. Users assume an assigned role to perform administrative tasks. Assigning Rights to Users in Securing Users and Processes in Oracle Solaris 11.4

groupadd(8)

groupmod(8)

groupdel(8)

 Manages groups locally or in an LDAP repository. How to Add a Group

The following table describes the commands that system administrators can use to obtain information about user accounts. This information is stored in various files within the /etc directory.

Table 1-4 Commands Used to Obtain Information About Users

Command Man Page Reference Description
auths(1) Lists and manages authorizations.
getent(8) Displays a list of entries from the administrative database. The information generally comes from one or more of the sources that are specified for the /etc/nsswitch.conf database.
logins(8) Displays information about users, roles, and system logins. The output is controlled by the command options that are specified and can include user, role, system login, UID, passwd account field value, primary group, primary group ID, multiple group names, multiple group IDs, home directory, login shell, and password-aging parameters.
profiles(1) Lists and manages rights profiles.
roles(1) Displays the roles that are assigned to a user.
userattr(1) Displays the first value that is found for attribute_name. If a user is not specified, the user is taken from the real user ID of the process. Attribute names are defined in the man pages.
prof_attr(5) --

The groups command lists the groups to which a user belongs. A user can have only one primary group at a time. However, through the newgrp command, users can temporarily change their primary group.