Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
PTS_CREATEUSER(1)	     AFS Command Reference	     PTS_CREATEUSER(1)

NAME
       pts_createuser -	Creates	a user or machine entry	in the Protection
       Database

SYNOPSIS
       pts createuser -name <user name>+ [-id <user id>+]
	   [-cell <cell	name>] [-noauth] [-localauth] [-force]
	   [-help]

       pts createu -na <user name>+ [-i	<user id>+]
	   [-c <cell name>] [-no] [-l] [-f] [-h]

       pts cu -na <user	name>+ [-i <user id>+]
	   [-c <cell name>] [-no] [-l] [-f] [-h]

DESCRIPTION
       The pts createuser command creates an entry in the Protection Database
       for each	user or	machine	specified by the -name argument. A user	entry
       name becomes the	user's AFS username (the one to	provide	when
       authenticating with the AFS Authentication Server).  A machine entry's
       name is the machine's IP	address	or a wildcard notation that represents
       a range of consecutive IP addresses (a group of machines	on the same
       network). It is not possible to authenticate as a machine, but a	group
       to which	a machine entry	belongs	can appear on a	directory's access
       control list (ACL), thereby granting the	indicated permissions to any
       user logged on to the machine.

       AFS user	IDs (AFS UIDs) are positive integers and by default the
       Protection Server assigns an AFS	UID that is one	greater	than the
       current value of	the "max user id" counter in the Protection Database,
       incrementing the	counter	by one for each	user. To assign	a specific AFS
       UID, use	the -id	argument. If any of the	specified AFS UIDs is greater
       than the	current	value of the "max user id" counter, the	counter	is
       reset to	that value. It is acceptable to	specify	an AFS UID smaller
       than the	current	value of the counter, but the creation operation fails
       if an existing user or machine entry already has	it. To display or set
       the value of the	"max user id" counter, use the pts listmax or pts
       setmax command, respectively.

       The issuer of the pts createuser	command	is recorded as the entry's
       creator and the group system:administrators as its owner.

CAUTIONS
       The Protection Server reserves AFS UID 0	(zero) and returns an error if
       the -id argument	has that value.

OPTIONS
       -name <user name>+
	   Specifies either a username for a user entry, or an IP address
	   (complete or	wildcarded) for	a machine entry:

	   o   A username can include up to 63 numbers and lowercase letters,
	       but it is best to make it shorter than eight characters,
	       because many application	programs cannot	handle longer names.
	       Also, it	is best	not to include shell metacharacters or other
	       punctuation marks. In particular, the colon (":") and at-sign
	       ("@") characters	are not	acceptable. The	period is generally
	       used only in special administrative names, to separate the
	       username	and an instance, as in the example "pat.admin".

	   o   A machine identifier is its IP address in dotted	decimal
	       notation	(for example, 192.12.108.240), or a wildcard notation
	       that represents a set of	IP addresses (a	group of machines on
	       the same	network). The following	are acceptable wildcard
	       formats.	The letters "W", "X", "Y" and "Z" each represent an
	       actual number from the range 1 through 255.

	       o   W.X.Y.Z represents a	single machine,	for example
		   192.12.108.240.

	       o   W.X.Y.0 matches all machines	whose IP addresses start with
		   the first three numbers. For	example, 192.12.108.0 matches
		   both	192.12.108.119 and 192.12.108.120, but does not	match
		   192.12.105.144.

	       o   W.X.0.0 matches all machines	whose IP addresses start with
		   the first two numbers. For example, the address 192.12.0.0
		   matches both	192.12.106.23 and 192.12.108.120, but does not
		   match 192.5.30.95.

	       o   W.0.0.0 matches all machines	whose IP addresses start with
		   the first number in the specified address. For example, the
		   address 192.0.0.0 matches both 192.5.30.95 and
		   192.12.108.120, but does not	match 138.255.63.52.

	       Do not define a machine entry with the name 0.0.0.0 to match
	       every machine. The system:anyuser group is equivalent.

       -id <user id>+
	   Specifies an	AFS UID	for each user or machine entry,	rather than
	   allowing the	Protection Server to assign it.	Provide	a positive
	   integer.

	   If this argument is used and	the -name argument names multiple new
	   entries, it is best to provide an equivalent	number of AFS UIDs.
	   The first UID is assigned to	the first entry, the second to the
	   second entry, and so	on. If there are fewer UIDs than entries, the
	   Protection Server assigns UIDs to the unmatched entries based on
	   the "max user id" counter. If there are more	UIDs than entries, the
	   excess UIDs are ignored. If any of the UIDs is greater than the
	   current value of the	"max user id" counter, the counter is reset to
	   that	value.

       -cell <cell name>
	   Names the cell in which to run the command. For more	details, see
	   pts(1).

       -force
	   Enables the command to continue executing as	far as possible	when
	   errors or other problems occur, rather than halting execution at
	   the first error.

       -help
	   Prints the online help for this command. All	other valid options
	   are ignored.

       -localauth
	   Constructs a	server ticket using a key from the local
	   /usr/local/etc/openafs/server/KeyFile file. Do not combine this
	   flag	with the -cell or -noauth options. For more details, see
	   pts(1).

       -noauth
	   Assigns the unprivileged identity anonymous to the issuer. For more
	   details, see	pts(1).

OUTPUT
       The command generates the following string to confirm creation of each
       user:

	  User <name> has id <id>

EXAMPLES
       The following example creates a Protection Database entry for the user
       "johnson".

	  % pts	createuser -name johnson

       The following example creates three wildcarded machine entries in the
       ABC Corporation cell. The three entries encompass all of	the machines
       on the company's	networks without including machines on other networks:

	  % pts	createuser -name 138.255.0.0 192.12.105.0 192.12.106.0

PRIVILEGE REQUIRED
       The issuer must belong to the system:administrators group.

SEE ALSO
       pts(1), pts_listmax(1), pts_setmax(1)

COPYRIGHT
       IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

       This documentation is covered by	the IBM	Public License Version 1.0.
       It was converted	from HTML to POD by software written by	Chas Williams
       and Russ	Allbery, based on work by Alf Wachsmann	and Elizabeth Cassell.

OpenAFS				  2016-12-15		     PTS_CREATEUSER(1)

NAME | SYNOPSIS | DESCRIPTION | CAUTIONS | OPTIONS | OUTPUT | EXAMPLES | PRIVILEGE REQUIRED | SEE ALSO | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=pts_createuser&sektion=1&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help