smbldap-useradd(8)
NAME
smbldap-useradd - Create a new user
SYNOPSIS
smbldap-useradd [-o user_ou] [-c comment] [-d home_dir] [-g initial_group] [-G group[,...]] [-m [-k skeleton_dir]] [-s shell] [-u uid [ -o]] [-P] [-A canchange] [-B mustchange] [-C smbhome] [-D homedrive] [-E scriptpath] [-F profilepath] [-H acctflags] login
DESCRIPTION
Creating New Users The smbldap-useradd command creates a new user
account using the values specified on the command line and the
default values from the system and from the configuration files (in
/etc/smbldap-tools directory).
For Samba users, rid is '2*uidNumber+1000', and sambaPrimaryGroupSID
is '$SID-2*gidNumber+1001', where $SID is the domain SID. Thus you may
want to use : $ smbldap-useradd -a -g "Domain Admins" -u 500 Administrator to create an domain administrator account (admin rid is 0x1F4 =
500 and grouprid is 0x200 = 512).
Without any option, the account created will be an Unix (Posix)
account. The following options may be used to add information:
- -o node
- The user's account will be created in the specified organazional
- unit. It is relative to the user suffix dn ($usersdn) defined in the
configuration file. Ex: 'ou=admin,ou=all' - -a
- The user will have a Samba account (and Unix).
- -b
- The usrer is an AIX acount
- -w
- Creates an account for a Samba machine (Workstation), so that it can
- join a sambaDomainName.
- -i
- Creates an interdomain trust account (machine Workstation). A pass
- word will be asked for the trust account.
- -c "comment"
- The new user's comment field (gecos). This option is for gecos only!
- To set as user's full name use the -N and -S options.
- -d home_dir
- The new user will be created using home_dir as the value for the
- user's login directory. The default is to append the login name
to userHomePrefix (defined in the configuration file) and use that
as the login directory name. - -g initial_group
- The group name or number of the user's initial login group. The
- group name must exist. A group number must refer to an already
existing group. The default group number is defined in the configuration file (defaultUserGid="513"). - -G group,[...]
- A list of supplementary groups which the user is also a member of.
- Each group is separated to the next by a comma, with no intervening
whitespace. The groups are subject to the same restrictions as
the group given with the -g option. The default is for the user to
belong only to the initial group. - -m
- The user's home directory will be created if it does not exist. The
- files contained in skeletonDir will be copied to the home directory if
the -k option is used, otherwise the files contained in /etc/skel
will be used instead. Any directories contained in skeletonDir or
/etc/skel will be created in the user's home directory as well. The -k option is only valid in conjunction with the -m option. The
default is to not create the directory and to not copy any files. - -s shell
- The name of the user's login shell. The default is to leave
- this field blank, which causes the system to select the default login shell.
- -t time
- Wait <time> seconds before exiting script when adding computer's
- account. This is useful when Master/PDC and Slaves/BDCs are connected
through the internet (replication is not real time) - -u uid
- The numerical value of the user's ID. This value must be
- unique, unless the -o option is used. The value must be nonnegative. The default is to use the smallest ID value greater than 1000 and greater than every other user.
- -P
- ends by invoking smbldap-passwd
- -A
- can change password ? 0 if no, 1 if yes
- -B
- must change password ? 0 if no, 1 if yes
- -C sambaHomePath
- SMB home share, like '\\\\PDC-SRV\\homes'
- -D sambaHomeDrive
- letter associated with home share, like 'H:'
- -E sambaLogonScript
- relative to the [netlogon] share (DOS script to execute on login,
- like 'foo.bat'
- -F sambaProfilePath
- profile directory, like '\\\\PDC-SRV\\profiles\\foo'
- -H sambaAcctFlags
- spaces and trailing bracket are ignored (samba account control bits
- like '[NDHTUMWSLKI]'
- -M mail
- local mail aliases (multiple addresses are seperated by spaces)
- -N givenname
- family name. Defaults to username
- -S surname
- defaults to username
- -T mailToAddress
- Forward address (multiple addresses are seperated by spaces)
- -n
- do not print banner message