Content-type: text/html Man page of useradd

useradd

Section: Maintenance Commands (8)
Index Return to Main Contents
 

NAME

useradd - Adds a new user login account  

SYNOPSIS

/usr/sbin/useradd [-u uid [-o]] [-g group] [-G group[,group...]] [-c comment] [-d dir] [-k skel_dir] [-m] [-s shell] [-f inactive] [-e expire] [-t type] [-x extended_option] login

/usr/sbin/useradd -D [-g group] [-f inactive] [-e expire] [-b base_dir] [-s shell] [-k skel_dir] [-x extended_option]  

FLAGS

When used without arguments, this flag displays the system default attributes for user and group information. If invoked with any combination of the flags, -b, -e, -f, -g, -k, -s, or -x, it sets the default values for those flags. Subsequent invocations of useradd without the -D flag uses these new defaults. For example, the following command sets the default expiry date for any new login that is created subsequently:

useradd -D -e 08/19/97 This flag is a comma separated list of groups that defines the supplementary group membership for a new user. Groups can be specified by the group's name or by its group identification number (GID). An error is displayed for each group that does not exist. Duplicate groups are ignored. Sets the default directory for user login accounts. If -d dir is not specified, the default base_dir is concatenated with the user's login to define the home directory. If the -m flag is not used, base_dir must exist.

The -b flag can be used only with the -D flag. Specifies a short description of the login, and is currently used as the field for the user's full name in the user database file. The comment argument can be any text string. If the text string contains spaces, enclose the string in quotes. Specifies the home directory of the new user. If not specified, dir defaults to base_dir/login, where base_dir is the default directory for user login accounts and login is the name of the new login account. This flag is only for use on systems running in enhanced security mode and is useful for creating temporary logins. The value of the expire argument is a date, must be in the format 10/27/97. A blank value ("") defeats the status of the expired date. Use the -D flag to reset the default value of the expiry date. This flag is for use on systems running in enhanced security mode only. This is the maximum number of days allowed between usage of a login ID before that login ID is declared invalid. The value must be specified as a non-negative integer. A value of -1, which is the default value, defeats the status. You can reset the default value of -1 by invoking the following command:

useradd -D -f inactive When used with the -D flag, the -g flag defines the system default for a new group. The group argument can be specified as an existing group's identification number (GID) or character-string name.

When used without the -D flag, it specifies the primary group for the new user login account. When used without the -D flag, the -k flag specifies the directory that contains skeleton information (such as startup files) that can be copied into a new user's home directory. This directory must exist. The system provides a "skel" directory, /usr/skel that can be used for this purpose.

When used with the -D flag, it defines the system default. Creates the new user's home directory if it doesn't already exist. If the directory already exists, it must have read, write and execute permissions by group, where group is the user's primary group. Allows a user identification (UID) number to be duplicated (non-unique). This flag can be used only with the -u flag. When used without the -D flag, it specifies the full pathname of the program used as the user's login shell. If both the -D and -s flags are not specified, the user's login shell defaults to /bin/sh. The shell argument must be a valid executable file.

When used with the -D flag, it defines the system default. Adds a local plus (+) or local minus (-) NIS user from the user database. The value of the type parameter can be + or -. Specifies the user identification number (UID) of the new user. The uid must be specified as a non-negative decimal integer.

The following extended_option attributes are available. If you use more than one extended_option attribute on the command line, you must precede each attribute with the -x flag or enclose the desired attributes in quotes. Indicates whether or not the account is distributed. The value of the distributed=n attribute can be 0 or 1. If set to 0, the account is added to the local system. If set to 1, the account is added to the NIS master database on the running system. Indicates whether or not the account is local. The value of the local=n attribute can be 0 or 1. If set to 1, the account is added to the local database. If set to 0, the account information is added to the NIS master database. Indicates whether or not the account is locked by the system administrator. The value of the administrative_lock_applied=n attribute can be 0 or 1. If set to 0, the account is not locked. If set to 1, the account is explicitly locked by the system administrator. Indicates the database search order. The value of the local_first=n attribute can be 0 or 1. If set to 0 and a cell database (NIS) exists, that database is searched first. If set to 1, the local database is searched first. Indicates the home directory of the new user. This directory overrides the home directory in the NIS database. Indicates the default login shell of the new user. This directory overrides the default login shell in the NIS database.

The following extended_option attributes are available only on systems running in enhanced security mode. If you use more than one extended_option attribute on the command line, you must precede each attribute with the -x flag or enclose the desired attributes in quotes. Specifies the time, in days, between the last password change and the password expiration. (A new password must be chosen.) The value of n must be an integer. If the value of the passwd_expiration_time attribute is set to 0, there is no password expiration time.

Specifies the time, in days, between the last password change and the expiration of the account. The value of n must be an integer. If the passwd_lifetime attribute is set to 0, the password lifetime is infinite. Specifies the time, in days, which must pass before a user can change the user account password. The value of n must be an integer. The passwd_min_change_time=0 argument means there is no minimum time to change the user account password. Specifies the new login name of the user. It can be a string of any printable characters, except a colon (:) or newline (\n) character.

 

DESCRIPTION

The useradd command adds and administers user accounts on the system.

Invoking useradd without the -D flag adds a new user entry to the user database. It also creates supplementary group memberships for the user (with the -G flag) and creates the home directory for the user, if requested with the -m flag.

Invoking useradd -D with no additional flags displays the system default values that are used when creating a new login account.

The -x flag lets the system administrator specify whether the new user login account is local or distributed over a network. If this flag is not specified on the command line, the system adds the new user login account to the appropriate database as specified by the system defaults.

The default behavior on the system for the useradd command is distributed=0 and local=1. With these values, the system adds the user login account to the local database by default. Setting the distributed= and local= attributes to the same value (for example, distributed=0 and local=0) produces an error.

If the user identification number (UID) is not specified, it defaults to the next available (unique) number. This number is calculated as the next available UID greater than the nextUID and minUID.

The user database file entries created with useradd cannot exceed 512 characters per line. Specifying long arguments to several options may exceed this limit.

You must have superuser privilege to execute this command.  

EXAMPLES

The following example adds the user, newuser, to the user database: useradd newuser

The following example adds the user, newuser, to the user database with user id of 451: % useradd -u 451 newuser

The following example adds the user, newuser, using the next available user id with csh as the login shell, and creates the home directory: % useradd -m -s /bin/csh newuser

The following example adds the local user, xyz, that overrides the default home directory in the NIS master database: % useradd -t + -d /users/xyz xyz

The following example changes the default base directory to /user/users1 for all new users: % useradd -D -b /user/users1

The following example adds the new user, xyz, to the NIS master database: % useradd -x distributed=1 xyz  

EXIT VALUES

The useradd command exits with one of the following values: Success Invalid command syntax or insufficient privilege. A usage message for the useradd command or an error message is displayed. An invalid argument was provided to an option. The UID, which is specified with the -u flag, is already in use (not unique). The GID, which is specified with the -g flag, does not exist. The specified login is not unique. Cannot update the group database. The login was added to the user database, but not to the group database. Unable to create the home directory (with the -m flag) or unable to complete the copy of skel_dir to the home directory.  

FILES

The useradd command operates on the appropriate files for the specific level of system security.  

RELATED INFORMATION

Commands:  groupadd(8), groupdel(8), groupmod(8), passwd(1), userdel(8), usermod(8)

Documents:  System Administration, Security delim off


 

Index

NAME
SYNOPSIS
FLAGS
DESCRIPTION
EXAMPLES
EXIT VALUES
FILES
RELATED INFORMATION

This document was created by man2html, using the manual pages.
Time: 02:40:31 GMT, October 02, 2010