*** UNIX MANUAL PAGE BROWSER ***

useradd(8) System Manager's Manual useradd(8) NAME useradd - Adds a new user login account SYNOPSIS /usr/sbin/useradd [-u uid [-o]] [-g group] [-G group[,group...]] [-c comment] [-d dir] [-k skel_dir] [-m] [-s shell] [-f inactive] [-e ex- pire] [-t type] [-x extended_option] login /usr/sbin/useradd -D [-g group] [-f inactive] [-e expire] [-b base_dir] [-s shell] [-k skel_dir] [-x extended_option] FLAGS When used without arguments, this flag displays the system default at- tributes for user and group information. If invoked with any combina- tion of the flags, -b, -e, -f, -g, -k, -s, or -x, it sets the default values for those flags. Subsequent invocations of useradd without the -D flag uses these new defaults. For example, the following command sets the default expiry date for any new login that is created subse- quently: useradd -D -e 08/19/97 This flag is a comma separated list of groups that defines the supplementary group membership for a new user. Groups can be specified by the group's name or by its group identification number (GID). An error is displayed for each group that does not ex- ist. Duplicate groups are ignored. Sets the default directory for user login accounts. If -d dir is not specified, the default base_dir is concatenated with the user's login to define the home directory. If the -m flag is not used, base_dir must exist. The -b flag can be used only with the -D flag. Specifies a short description of the login, and is currently used as the field for the user's full name in the user database file. The comment argument can be any text string. If the text string contains spaces, enclose the string in quotes. Specifies the home directory of the new user. If not specified, dir defaults to base_dir/login, where base_dir is the default directory for user login accounts and login is the name of the new login ac- count. This flag is only for use on systems running in enhanced security mode and is useful for creating temporary logins. The value of the expire argument is a date, must be in the format 10/27/97. A blank value ("") defeats the status of the expired date. Use the -D flag to reset the default value of the expiry date. This flag is for use on systems running in enhanced secu- rity mode only. This is the maximum number of days allowed be- tween usage of a login ID before that login ID is declared in- valid. The value must be specified as a non-negative integer. A value of -1, which is the default value, defeats the status. You can reset the default value of -1 by invoking the following command: useradd -D -f inactive When used with the -D flag, the -g flag defines the system default for a new group. The group argument can be specified as an existing group's identification number (GID) or character-string name. When used without the -D flag, it specifies the primary group for the new user login account. When used without the -D flag, the -k flag specifies the directory that contains skeleton in- formation (such as startup files) that can be copied into a new user's home directory. This directory must exist. The system provides a "skel" directory, /usr/skel that can be used for this purpose. When used with the -D flag, it defines the system default. Cre- ates the new user's home directory if it doesn't already exist. If the directory already exists, it must have read, write and execute permissions by group, where group is the user's primary group. Allows a user identification (UID) number to be dupli- cated (non-unique). This flag can be used only with the -u flag. When used without the -D flag, it specifies the full pathname of the program used as the user's login shell. If both the -D and -s flags are not specified, the user's login shell defaults to /bin/sh. The shell argument must be a valid exe- cutable file. When used with the -D flag, it defines the system default. Adds a local plus (+) or local minus (-) NIS user from the user data- base. The value of the type parameter can be + or -. Specifies the user identification number (UID) of the new user. The uid must be specified as a non-negative decimal integer. The following extended_option attributes are available. If you use more than one extended_option attribute on the command line, you must precede each attribute with the -x flag or enclose the desired attributes in quotes. Indicates whether or not the ac- count is distributed. The value of the distributed=n attribute can be 0 or 1. If set to 0, the account is added to the local system. If set to 1, the account is added to the NIS master database on the running system. Indicates whether or not the account is local. The value of the local=n attribute can be 0 or 1. If set to 1, the account is added to the local database. If set to 0, the account information is added to the NIS master database. Indicates whether or not the account is locked by the system administrator. The value of the administrative_lock_ap- plied=n attribute can be 0 or 1. If set to 0, the account is not locked. If set to 1, the account is explicitly locked by the system administrator. Indicates the database search order. The value of the local_first=n attribute can be 0 or 1. If set to 0 and a cell database (NIS) ex- ists, that database is searched first. If set to 1, the local data- base is searched first. Indicates the home directory of the new user. This directory overrides the home directory in the NIS data- base. Indicates the default login shell of the new user. This di- rectory overrides the default login shell in the NIS database. The following extended_option attributes are available only on sys- tems running in enhanced security mode. If you use more than one ex- tended_option attribute on the command line, you must precede each attribute with the -x flag or enclose the desired attributes in quotes. Specifies the time, in days, between the last password change and the password expiration. (A new password must be chosen.) The value of n must be an integer. If the value of the passwd_expi- ration_time attribute is set to 0, there is no password expiration time. Specifies the time, in days, between the last password change and the expiration of the account. The value of n must be an integer. If the passwd_lifetime attribute is set to 0, the password lifetime is infinite. Specifies the time, in days, which must pass before a user can change the user account password. The value of n must be an in- teger. The passwd_min_change_time=0 argument means there is no mini- mum time to change the user account password. Specifies the new lo- gin name of the user. It can be a string of any printable charac- ters, except a colon (:) or newline (\n) character. DESCRIPTION The useradd command adds and administers user accounts on the system. Invoking useradd without the -D flag adds a new user entry to the user database. It also creates supplementary group memberships for the user (with the -G flag) and creates the home directory for the user, if re- quested with the -m flag. Invoking useradd -D with no additional flags displays the system de- fault values that are used when creating a new login account. The -x flag lets the system administrator specify whether the new user login account is local or distributed over a network. If this flag is not specified on the command line, the system adds the new user login account to the appropriate database as specified by the system de- faults. The default behavior on the system for the useradd command is distrib- uted=0 and local=1. With these values, the system adds the user login account to the local database by default. Setting the distributed= and local= attributes to the same value (for example, distributed=0 and lo- cal=0) produces an error. If the user identification number (UID) is not specified, it defaults to the next available (unique) number. This number is calculated as the next available UID greater than the nextUID and minUID. The user database file entries created with useradd cannot exceed 512 characters per line. Specifying long arguments to several options may exceed this limit. You must have superuser privilege to execute this command. EXAMPLES The following example adds the user, newuser, to the user database: useradd newuser The following example adds the user, newuser, to the user database with user id of 451: % useradd -u 451 newuser The following example adds the user, newuser, using the next available user id with csh as the login shell, and creates the home directory: % useradd -m -s /bin/csh newuser The following example adds the local user, xyz, that overrides the de- fault home directory in the NIS master database: % useradd -t + -d /users/xyz xyz The following example changes the default base directory to /user/users1 for all new users: % useradd -D -b /user/users1 The following example adds the new user, xyz, to the NIS master data- base: % useradd -x distributed=1 xyz EXIT VALUES The useradd command exits with one of the following values: Success In- valid command syntax or insufficient privilege. A usage message for the useradd command or an error message is displayed. An invalid argu- ment was provided to an option. The UID, which is specified with the -u flag, is already in use (not unique). The GID, which is specified with the -g flag, does not exist. The specified login is not unique. Cannot update the group database. The login was added to the user database, but not to the group database. Unable to create the home di- rectory (with the -m flag) or unable to complete the copy of skel_dir to the home directory. FILES The useradd command operates on the appropriate files for the specific level of system security. RELATED INFORMATION Commands: groupadd(8), groupdel(8), groupmod(8), passwd(1), userdel(8), usermod(8) Documents: System Administration, Security delim off useradd(8)