[Freeipa-users] Ipa add-user non interactively specifying a password.
Janelle
janellenicole80 at gmail.com
Tue Sep 1 20:06:45 UTC 2015
You could use --random instead of --password, which will force a nice 10
char random PW that can be captured and sent to your user.
~J
On 9/1/15 12:54 PM, Chris Mohler wrote:
> Thanks Craig!
> That's quite a handy reply. It's actually a lot nicer than what I was
> planning to do. I appreciate this a lot.
>
> -Chris
>
>
> On 09/01/2015 03:33 PM, Craig White wrote:
>> -----Original Message-----
>> From: freeipa-users-bounces at redhat.com
>> [mailto:freeipa-users-bounces at redhat.com] On Behalf Of Chris Mohler
>> Sent: Tuesday, September 01, 2015 12:17 PM
>> To: freeipa-users at redhat.com
>> Subject: [Freeipa-users] Ipa add-user non interactively specifying a
>> password.
>>
>> Hi List,
>> I'm trying to make a script to add users non interactively with ipa
>> add-user and specify a password of testpw
>>
>> I tried:
>>
>> ipa user-add username --first=firstname --last=lastname
>> --homedir=/home/username --password testpw --gidnumber=0000
>> --noprivate --shell=/bin/bash
>> #ipa: ERROR: command 'user_add' takes at most 1 argument
>>
>> and this:
>>
>> ipa user-add username --first=firstname --last=lastname
>> --homedir=/home/username --password=testpw --gidnumber=0000
>> --noprivate --shell=/bin/bash
>> #ipa: error: --password option does not take a value
>>
>> No Luck.
>>
>> Any suggestions?
>> -----
>> I will take it a lot further - salt to taste (and watch the line
>> wraps)...
>>
>> #!/bin/sh
>> #
>> # Script to automate adding users
>> #
>> # Updated 12/16/2014
>> # Craig White
>> #
>> CMD1='/usr/bin/ipa user-add'
>> CMD2='/usr/bin/ipa group-add-member'
>> TEE='/usr/bin/tee -a'
>> LOG='/tmp/ipa_users_add.txt'
>> MAIL='/bin/mailx'
>> KERB=`klist -s; echo $?`
>>> $LOG
>> [[ -n "$4" ]] || { echo "Usage: ipa_user_add.sh LOGIN FIRST_NAME
>> LAST_NAME EMAIL GROUPS " && echo " REQUIRED ----> ^
>> ^ ^ ^" && echo "You can have many groups separated
>> with just a space"; exit 0 ; }
>> [[ $KERB == "0" ]] || { echo "Your kerberos ticket has expired -
>> Please create a valid kerberos ticket by typing 'kinit'"; exit 0 ; }
>> if [ -z "$EMAIL" ]; then
>> echo "You need to add EMAIL to your environment variables - type
>> 'export EMAIL=YOUR_EMAIL_ADDRESS' before running this command or
>> better yet, add it to your .bash_profile"
>> exit 0
>> fi
>>
>> $CMD1 $1 --first=$2 --last=$3 --random --email=$4 | $TEE $LOG
>> echo "---- ----- ----- ----- -----" | $TEE $LOG
>> echo "You must login and change your password" | $TEE $LOG
>> echo "SSH to some server you have access to" | $TEE $LOG
>> echo "or" | $TEE $LOG
>> echo "https://_IPA_SERVER_1_/ipa/ui OR
>> https://_IPA_SERVER_2_/ipa/ui" | $TEE $LOG
>> echo " - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - - - - - - - - - - - - - - - - - - -" | $TEE $LOG
>> $CMD2 ipausers --users=$1 | $TEE $LOG
>> if [ -n "$5" ]; then
>> $CMD2 $5 --users=$1 | $TEE $LOG
>> fi
>> if [ -n "$6" ]; then
>> $CMD2 $6 --users=$1 | $TEE $LOG
>> fi
>> if [ -n "$7" ]; then
>> $CMD2 $7 --users=$1 | $TEE $LOG
>> fi
>> if [ -n "$8" ]; then
>> $CMD2 $8 --users=$1 | $TEE $LOG
>> fi
>> if [ -n "$9" ]; then
>> $CMD2 $9 --users=$1 | $TEE $LOG
>> fi
>> echo "See attachment for login information" | $MAIL -s 'New Account
>> Information' -r $EMAIL -a $LOG $4
>> /bin/rm -f $LOG
>
More information about the Freeipa-users
mailing list