[K12OSN] re: HELP!! creating bulk users (Randall Swift)
Matt Oquist
moquist at majen.net
Fri Aug 24 20:25:32 UTC 2007
I have an alpha version of smblap-configure that helps with webmin
configuration. Webmin has a very decent bulk-user-add interface.
Note: As I said, this is *alpha*. Furthermore, webmin has security
issues and you shouldn't use it in production unless you know what you
are doing and have your webmin system well-protected by a firewall.
With that said, I'm using webmin on several production samba+ldap
severs ATM, so I know that my smbldap-configure package does work,
even if it's unpolished.
This can be used on any distro, but ATM I only have a debian/ubuntu
package. If you grab that package and extract the contents you can use
the scripts the same way, but you'll have to resolve all the
dependencies yourself.
=== HOW TO USE IT ===
1. Add the following line to your /etc/apt/sources.list file:
deb http://majen.net/feisty ./
That repo should actually work for any version of Ubuntu after
Dapper, but I've mostly tested on feisty. YMMV.
2. apt-get update
3. apt-get install smbldap-configure
- Just hit return for all of the questions that dpkg asks you
during installation. All of those settings will be overwritten
later when you run the smbldap script. I need to get rid of these
questions but am not sure yet how to do that properly so this
package can be added to universe.
4. cd /usr/share/smbldap-configure
5. ./smbldap all (just like you used to do)
6. apt-get install webmin
- I've taken the .deb from http://www.webmin.com/ and put it in the
majen.net repository. Note that I had to do this because webmin
is no longer included in the official debian/ubuntu
repositories...that should tell you something about its security
implications. Take this into consideration, please.
7. ./smbldap webmin (if you want to configure webmin)
Note: If you use the above to configure webmin, make sure you change
the permissions on the webmin config file, since your root password is
stored in there (!!!!!!!!). I TOLD you there were serious security
implications... this is insane, IMO. But for various reasons we're
using it for now anyway...
$ chmod 400 /etc/webmin/ldap-useradmin/config
Also, if you don't need actual users to log into your webmin server
directly (e.g., if you have a samba+ldap+nfs server and separate LTSP
servers that your users actually log into) then I highly recommend
adding an /etc/nologin file to keep everybody but root out:
$ echo Only root has access to this server. Too bad for you. >> /etc/nologin
Of course, if you're using Ubuntu the above may lock you out unless
you've set the root password ('sudo passwd'), but /etc/nologin is
removed when you reboot, so you can get back in that way.
I know it's not kosher, but right now I have root passwords set and
I have /etc/nologin created on webmin servers by startup scripts, just
to keep normal users from having ANY chance to get in and poke around.
Webmin still has issues, though, so be vigilant. (Have I emphasized
this enough?)
--matt
> Date: Thu, 23 Aug 2007 15:20:52 -0400
> From: "Randall Swift" <swift at msad52.org>
> I have a server with ubuntu 6.06 on it. I ran the smbldap-installer
> script and have it set up as my pdc. I created over 800 users useing the
> bulk add scripts that came with the installer. I noticed however that it
> did not create any home directory for these users. If I manually create a
> single user everything is fine home directory is created. I need to have
> home directories for these users. I need this fixed fast as school starts
> next week. Everything worked fine last year when I had it all running on
> fedora. This summer I switched it all over to ubuntu and have had nothing
> but headaches. I need help fast. Thanks for any input.
>
> Randy Swift
> Network Administrator
> Leavitt Area High School
> Turner, Maine 04282
> (207)225-3533
> swift at msad52.k12.me.us
--
Open Source Software Engineering Consultant
http://majen.net/
More information about the K12OSN
mailing list