Step 2. Create Users / Groups via the CLI
Prerequisite: In order to use the “ipa” command, you must be authenticated by an IPA admin user.
You can achieve this using the “kinit” command
e.g:
[root@ds01 ~]# kinit admin Password for admin@EXAMPLE.COM: [root@ds01 ~]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: admin@EXAMPLE.COM Valid starting Expires Service principal 08/28/12 20:41:39 08/29/12 20:41:37 krbtgt/EXAMPLE.COM@EXAMPLE.COM [root@ds01 ~]#
Creating users via the CLI is as follows
[root@ds01 ~]# ipa user-add First name: Dale Last name: Macartney User login [dmacartney]: ----------------------- Added user "dmacartney" ----------------------- User login: dmacartney First name: Dale Last name: Macartney Full name: Dale Macartney Display name: Dale Macartney Initials: DM Home directory: /home/dmacartney GECOS field: Dale Macartney Login shell: /bin/sh Kerberos principal: dmacartney@EXAMPLE.COM UID: 1272000001 GID: 1272000001 Password: False Kerberos keys available: False [root@ds01 ~]#
Now lets set a password for our new user
[root@ds01 ~]# ipa passwd dmacartney New Password: Enter New Password again to verify: --------------------------------------------- Changed password for "dmacartney@EXAMPLE.COM" --------------------------------------------- [root@ds01 ~]#
Your new user will now be able to authenticate and login via your authenticated workstation.
Deleting users is equally as simple.
[root@ds01 ~]# ipa user-del dmacartney ------------------------- Deleted user "dmacartney" ------------------------- [root@ds01 ~]#
Great write-up!
Cool. Great work.