Hi folks,
As Adam Megacz posted previously, he has created a valuable
add/destroy user script for the new setup in
/afs/hcoop/common/etc/scripts/{create,destroy}-user
I was planning that we use an enhanced version of the adduser script
which would natively understand all the extensions, i.e. ldap,
kerberos and openafs.
However, since I'm under a heavy time constraint (hcoop- and not
hcop-related), I've decided to just improve Adam's scripts.
So I've
- added uid option to create-user
- added ldap entries for user, user.cgi and user.mailfilter
- added -policy option to kerberos invocations
- added -p root/admin option to kadmin.local invocations as,
when it's unspecified, defaults to whatever is the first principal in
ticket cache, which ends up being www-data/apache or something like
that..
(kadmin still works, but it's not nice).
- updated destroy-user in the same fashion
To create user, invoke
sh create-user <NAME> <ID>
Every user will use up three IDs (user, user.cgi and user.mailfilter).
I suggest that we create users in steps of 10.. Like, one user with
say, 10150, then another with 10160. This leaves enough space between
them for two more special IDs (like .cgi and .mailfilter), and
if we run out of uids, we can start using the ones at 5.. (10155, 10165,
etc..).
Excuse my writing style, my net link is too poor for anything better.
-doc
_______________________________________________
HCoop-SysAdmin mailing list
[email protected]
http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
