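#!/usr/bin/sh
#
# Remote cross-platform user add script,
# passwd/LDAP/NIS and Solaris/HP-UX/Linux/AIX compliant
#
# Completed:
# - creating multiple/single server
# - adding multiple/single user
#
# Problems:
# - remote reading of /etc/shadow
#   (Possible solution, not use shadow, but use passwd)
#
# Todo:
# - loop for multi-userid and multi-user real name
# - change access rights
# - temporary root rights
# - delete user
# - profiles developer/admin/user
# - adding multiple/single userID
#
# Review notes (security-relevant behaviour of this script):
# - Server names, user names and the UID are interpolated into a command
#   line that a remote shell parses. They are therefore validated against
#   a conservative character set before any ssh call; anything else is
#   skipped instead of being passed on.
# - The result of the remote step is taken from the ssh exit status. No
#   fixed-name status file is written under /var/tmp on the target.
# - -p takes the clear-text password as a command-line argument, so it is
#   visible in the local process list for as long as the script runs.
#   The option is kept for compatibility; prefer a mechanism that does
#   not put the secret in argv.
# - Backticks are kept on purpose: the shebang points at /usr/bin/sh,
#   which on some of the listed platforms is a legacy Bourne shell.

######
# Define variable options
# NOTE: evaluated once at start-up; every log line of a run carries this
# same timestamp.
DATE=`date +'%d-%m-%Y %H:%M'`

######
# Use syslog for logging?
SYSLOG=0

######
# Define logfile
LOGFILE="/home/arcangel/Scripts/work/ruseradd.log"

################################################################################
#                        DO NOT CHANGE ANYTHING BELOW                          #
################################################################################

######
# ruseradd version
VERSION="0.5"
LOGPREFIX="ruseradd"
WHOAMI=`who am i | awk '{print $1}'`

# Debug mode may be pre-set through the environment or switched on with -d.
# Defaulting it here keeps the tests below from running on an empty value.
RUSERDEBUG=${RUSERDEBUG:-0}

######
# Log debug to standard error
# Arguments: $1 - message
debug() {
    if [ "$RUSERDEBUG" = "1" ]; then
        echo "debug: [$DATE] $1" >&2
    fi
}

######
# Log all output to logfile (or to syslog when SYSLOG=1)
# Arguments: $1 - message
log() {
    if [ "$SYSLOG" = "1" ]; then
        logger -p info "$LOGPREFIX : [$DATE] $1"
    else
        echo "[$DATE] $1" >> "$LOGFILE"
    fi
}

######
# Input validation helpers. Each returns 0 when the value is acceptable.

# User name: non-empty, no leading '-', only letters, digits, '.', '_', '-'.
valid_username() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# Server name: as above, additionally allowing '@' and ':' so that
# user@host targets and numeric addresses keep working. Rejecting a
# leading '-' keeps the value from being read by ssh as an option.
valid_server() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9._:@-]*) return 1 ;;
    esac
    return 0
}

# UID: decimal digits only.
valid_uid() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    return 0
}

######
# Hash a password with openssl, feeding it on standard input so that the
# clear text is not placed on the openssl command line.
# Arguments: $1 - clear-text password
# Outputs:   the hash on stdout
# NOTE(review): no scheme option is passed, so the hash format is whatever
# this OpenSSL build defaults to - confirm it is one the target systems
# accept and is not legacy DES crypt.
hash_password() {
    openssl passwd -stdin <<EOF
$1
EOF
}

######
# Count-based process check on a remote host.
# Arguments: $1 - server, $2 - fixed process-name pattern (script-supplied)
# Returns:   0 when at least one matching process is listed, 1 otherwise
#            (including when the ssh call itself produced no output).
remote_has_process() {
    PROC_COUNT=`ssh "$1" "ps -ef | grep $2 | grep -v grep | wc -l" | tr -d ' \t\r\n'`
    if [ -n "$PROC_COUNT" ] && [ "$PROC_COUNT" != "0" ]; then
        return 0
    fi
    return 1
}

######
# Define usage
# NOTE: the usage text had been partly lost in this copy of the script;
# the header line and the -d/-v/-h lines were rebuilt from the option
# handling below, the -s/-n/-u/-p descriptions are the surviving wording.
usage() {
    debug "Printing help and exitting"
    cat <<EOF
Usage: $LOGPREFIX [-d] [-v] [-h] -s <server> -n <user> [-u UID] [-p PASSWORD]

-d = turn debug mode on
-v = print version and exit
-h = print this help and exit
-s <server> = specify server name or file with list of servers
-n <user> = Specify user name of file with list of users
-u UID = Specify UID (Only for single user)
-p PASSWORD = Specify a password the user(s)
EOF
}

if [ "$1" = "" ]
then
    debug "No option given, printing help and exitting."
    usage
    exit 1
fi

######
# GETOPTS FLAGS
GETOPTS="s:dn:vu:p:h"

######
# Look for command line options
while getopts "$GETOPTS" opt; do
    case "$opt" in
        s)
            SERV=$OPTARG
            debug "Setting server name(s)"
            ;;
        d)
            RUSERDEBUG=1
            debug "Turning debug mode on"
            ;;
        n)
            USR=$OPTARG
            debug "Setting user name(s)"
            ;;
        u)
            USRID=$OPTARG
            debug "Setting user ID"
            # The UID ends up in a remotely parsed command line.
            if valid_uid "$USRID"; then
                :
            else
                echo "$LOGPREFIX : UID must be numeric" >&2
                exit 1
            fi
            ;;
        v)
            echo "Remote useradd $VERSION, written by tako.vangaalen@eds.com"
            exit 1
            ;;
        h)
            debug "Printing help and exitting"
            usage
            exit 1
            ;;
        p)
            debug "Setting and encrypting password"
            # NOTE(review): PASSWORD is computed here but nothing in this
            # script applies it to the created account.
            PASSWORD=`hash_password "$OPTARG"`
            if [ -z "$PASSWORD" ]; then
                echo "$LOGPREFIX : could not hash password (openssl failed)" >&2
            fi
            ;;
        \?)
            usage
            exit 1
            ;;
    esac
done

######
# Both a server and a user specification are needed. Without this check an
# empty value makes the one-argument form of "test -f" succeed and the
# following cat would wait on standard input.
if [ -z "$SERV" ] || [ -z "$USR" ]
then
    usage
    exit 1
fi

######
# Test if command line option is name or file
debug "Checking if -s is server name or file"
if [ -f "$SERV" ]
then
    SERVER=`cat "$SERV"`
else
    SERVER=$SERV
fi

debug "Checking if -n is user name or file"
if [ -f "$USR" ]
then
    USERNAME=`cat "$USR"`
else
    USERNAME=$USR
fi

######
# User management functions

######
# LDAP

######
# NIS

######
# System - Solaris
# Globals:  s (server), n (user name), USR, USRID (read); ADDSUCCESS (written)
# Returns:  0 when the remote step reported the user as new, 1 otherwise
user_create_solaris() {
    ADDSUCCESS=0

    # $n is placed inside a command line parsed by the remote shell, so it
    # is checked here as well as by the caller's list handling. The raw
    # value is not echoed or logged, since it may hold control characters.
    if valid_username "$n"; then
        :
    else
        echo "$LOGPREFIX : Skipping invalid user name" >&2
        log "$WHOAMI failed to add a user on $s (invalid user name)"
        return 1
    fi

    # Checking for defined UID or set next available
    # NOTE(review): the next free UID is derived from the LOCAL /etc/passwd,
    # not from the target's; confirm that this is intended.
    NEXTUID=`awk -F: '{print $3+1}' /etc/passwd | sort -n | tail -1`
    debug "Checking for UID - USRID = $USRID"
    if [ -f "$USR" ] || [ -z "$USRID" ]; then
        USERID="-u $NEXTUID"
    else
        USERID="-u $USRID"
    fi

    debug "Create user Solaris"

    # The remote debug line is prepared locally; it only contains the
    # start-up timestamp and the already validated server name.
    if [ "$RUSERDEBUG" = "1" ]; then
        REMOTE_DEBUG="echo 'debug: [$DATE] Adding user(s) on $s' >&2"
    else
        REMOTE_DEBUG=":"
    fi

    # Adding users
    # The remote script exits 1 when the account already exists and 0
    # otherwise; ssh hands that status back (255 on connection failure).
    # NOTE: the useradd command is only printed on the target, not run.
    # START SSH
    if ssh -2 -t "$s" "
if id '$n' >/dev/null 2>&1
then
    echo '$LOGPREFIX : User already excists'
    exit 1
fi
$REMOTE_DEBUG
echo useradd $USERID '$n'
exit 0
"
    then
        ADDSUCCESS=1
    fi
    # END SSH

    if [ "$ADDSUCCESS" = "1" ]
    then
        log "$WHOAMI added $n to $s"
    else
        log "$WHOAMI failed to add $n on $s"
    fi

    if [ "$RUSERDEBUG" = "1" ]; then sleep 2; fi

    if [ "$ADDSUCCESS" = "1" ]; then
        return 0
    fi
    return 1
}

######
# Actual user add loop
debug "Entering server list loop"

# The lists are split on whitespace on purpose; pathname expansion is
# switched off so that an entry such as '*' is rejected by validation
# instead of being expanded against the current directory.
set -f

for s in $SERVER
do
    if valid_server "$s"; then
        :
    else
        echo "$LOGPREFIX : Skipping invalid server name" >&2
        log "$WHOAMI skipped a server entry (invalid server name)"
        continue
    fi

    # Check for LDAP
    if remote_has_process "$s" ldap; then
        echo "$LOGPREFIX : Server in LDAP."
        LDAP=1
    else
        LDAP=0
        if [ "$RUSERDEBUG" = "1" ]; then sleep 2; fi
    fi
    debug "Checked for LDAP - LDAP = $LDAP"

    # Check for NIS
    if remote_has_process "$s" ypbind; then
        echo "$LOGPREFIX : Server in NIS."
        NIS=1
    else
        NIS=0
        if [ "$RUSERDEBUG" = "1" ]; then sleep 2; fi
    fi
    debug "Checked for NIS - NIS = $NIS"

    # Check OS
    OS=`ssh "$s" uname -s`

    # If no LDAP or NIS add user; hosts bound to a directory service are
    # left untouched.
    if [ "$LDAP" = "0" ] && [ "$NIS" = "0" ]
    then
        debug "Entering username loop"
        for n in $USERNAME
        do
            debug "Checking OS"
            case "$OS" in
                SunOS)
                    user_create_solaris
                    ;;
                *)
                    echo "$LOGPREFIX : NOT SUN !!"
                    exit 1
                    ;;
            esac
        done
    fi
done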