[Freeipa-users] Ipa add-user non interactively specifying a password.

Craig White CWhite at skytouchtechnology.com
Tue Sep 1 19:33:51 UTC 2015 

-----Original Message-----
From: freeipa-users-bounces at redhat.com [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Chris Mohler
Sent: Tuesday, September 01, 2015 12:17 PM
To: freeipa-users at redhat.com
Subject: [Freeipa-users] Ipa add-user non interactively specifying a password.

Hi List,
I'm trying to make a script to add users non interactively with ipa add-user and specify a password of testpw

I tried:

ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password testpw --gidnumber=0000 --noprivate --shell=/bin/bash
#ipa: ERROR: command 'user_add' takes at most 1 argument

and this:

ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password=testpw --gidnumber=0000 --noprivate --shell=/bin/bash
#ipa: error: --password option does not take a value

No Luck.

Any suggestions?
-----
I will take it a lot further - salt to taste (and watch the line wraps)...

#!/bin/sh
#
# Script to automate adding users
#
# Updated 12/16/2014
# Craig White
#
CMD1='/usr/bin/ipa user-add'
CMD2='/usr/bin/ipa group-add-member'
TEE='/usr/bin/tee -a'
LOG='/tmp/ipa_users_add.txt'
MAIL='/bin/mailx'
KERB=`klist -s; echo $?`
> $LOG
[[ -n "$4" ]] || { echo "Usage: ipa_user_add.sh LOGIN FIRST_NAME LAST_NAME EMAIL GROUPS " && echo "       REQUIRED ---->     ^       ^          ^       ^" && echo "You can have many groups separated with just a space"; exit 0 ; }
[[ $KERB == "0" ]] || { echo "Your kerberos ticket has expired - Please create a valid kerberos ticket by typing 'kinit'"; exit 0 ; }
if [ -z "$EMAIL" ]; then
  echo "You need to add EMAIL to your environment variables - type 'export EMAIL=YOUR_EMAIL_ADDRESS' before running this command or better yet, add it to your .bash_profile"
  exit 0
fi

$CMD1 $1 --first=$2 --last=$3 --random --email=$4 | $TEE $LOG
echo "---- ----- ----- ----- -----" | $TEE $LOG
echo "You must login and change your password" | $TEE $LOG
echo "SSH to some server you have access to" | $TEE $LOG
echo "or" | $TEE $LOG
echo "https://_IPA_SERVER_1_/ipa/ui  OR  https://_IPA_SERVER_2_/ipa/ui" | $TEE $LOG
echo " - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" | $TEE $LOG
$CMD2 ipausers --users=$1 | $TEE $LOG
if [ -n "$5" ]; then
  $CMD2 $5 --users=$1 | $TEE $LOG
fi
if [ -n "$6" ]; then
  $CMD2 $6 --users=$1 | $TEE $LOG
fi
if [ -n "$7" ]; then
  $CMD2 $7 --users=$1 | $TEE $LOG
fi
if [ -n "$8" ]; then
  $CMD2 $8 --users=$1 | $TEE $LOG
fi
if [ -n "$9" ]; then
  $CMD2 $9 --users=$1 | $TEE $LOG
fi
echo "See attachment for login information" | $MAIL -s 'New Account Information' -r $EMAIL -a $LOG $4
/bin/rm -f $LOG

More information about the Freeipa-users mailing list