Create new user

From DISI
Jump to navigation Jump to search

Identify a UID

Check if a uid that is not taken by any other users. Start from 150** 

On CentOS 6
$ getent passwd | grep 150**
On CentOS 7
$ id 150**

Create users and superuser on the LDAP GUI:

Make sure you turn on Switchy Omega 

https://ds.ucsf.bkslab.org/ldapadmin/cmd.php

If you are seeing this error message 

You cannot visit ds.ucsf.bkslab.org right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.

You will need to delete 'bkslab.org' domain from your 'Domain security policies' in Chrome 

chrome://net-internals/#hsts

To create a visitor:

Click OU=Visitors
Click Create new entry here
Select Generic: User Account
Fill in appropriate sections
-home dir should be /nfs/home/<username>
-password should be encrypted with sha512
-group should be visitors
Keep the uid LDAP suggested and edit in the one you picked later.

Create User's Home Directory

Log in as root on mem 

$ sh /nfs/home/[create-visitor.sh/create-member.sh] <user_name>

Generate ssh for login

Create ssh key

In the user's home directory's personal computer: 

$ ssh keygen

Add user's public key to Portal

$ ssh s_khtang@portal.ucsf.bkslab.org
$ sudo -i
$ cd /opt/keys/user
$ vim <username>
Copy the .rsa_key.pub content into the file

Add user into Portal

On LDAP Admin 

Choose  dc=bkslab,dc=org (17) > Group > Portal
Enter <username> in Add Value

Add s_ user in alpha

Since Alpha was created before ldap admin system, new user must be created individually on this machine.

Add the s_ user in 

vim /etc/passwd 
vim /etc/group

Change password 

passwd s_<user>
Retrieved from "http://wiki.docking.org/index.php?title=Create_new_user&oldid=16835"