[Freeipa-users] Ipa add-user non interactively specifying a password.

Chris Mohler cmohler at oberlin.edu
Tue Sep 1 20:07:38 UTC 2015 

Thanks Alexander,

I tried the help but there were only two choices. Specify a password 
interactively --password, or randomly generate one with --random. I 
agree with you the errors in the output are expected I was just hoping 
for some undocumented magic.

Piping the output from cat into the password prompt is a great idea and 
does fix the issue I was having. It's not really intuitive but still 
makes me wonder why I didn't think of that.

Anyhow I changed it up a bit with
echo testpw | ipa user-add username --first=firstname --last=lastname 
--password --gidnumber=0000 --noprivate --shell=/bin/bash

And it totally works.

Thank you again.

-Chris



On 09/01/2015 03:39 PM, Alexander Bokovoy wrote:
> On Tue, 01 Sep 2015, Chris Mohler wrote:
>> Hi List,
>> I'm trying to make a script to add users non interactively with ipa 
>> add-user and specify a password of testpw
>>
>> I tried:
>>
>> ipa user-add username --first=firstname --last=lastname 
>> --homedir=/home/username --password testpw --gidnumber=0000 
>> --noprivate --shell=/bin/bash
>> #ipa: ERROR: command 'user_add' takes at most 1 argument
>>
>> and this:
>>
>> ipa user-add username --first=firstname --last=lastname 
>> --homedir=/home/username --password=testpw --gidnumber=0000 
>> --noprivate --shell=/bin/bash
>> #ipa: error: --password option does not take a value
>>
>> No Luck.
>>
>> Any suggestions?
> Read the help :)
> $ ipa help user-add|grep --  --password
>  --password            Prompt to set the user password
>
> E.g. --password option does not take *any* parameter, it *prompts* to
> enter the password and expects standard input to provide the password.
> In the first example you added a parameter after --password and since
> --password does not consume anything, it was considered as another
> argument but 'ipa user-add' indeed takes a single argument, thus an
> error.
>
> In the second example you are explicitly forcing --password to take some
> parameter and is told that it does not accept anything, just like help
> is saying.
>
> What you want can be achieved like this:
>
> $ cat /my/password/file | ipa user-add username --first=firstname 
> --last=lastname --password
>

More information about the Freeipa-users mailing list