In that wrapper script, you could also generate a changeme type password but also append some unique character to each one such as first and last letter in the user login or append the UID to the password. However you approach it, you can still use the convention of creating multiple cookie-cutter passwords, but also give them "some" uniqueness to "lessen" account compromise. Also, you may want to automatically lock any account that is not used in some fixed amount of days such as 30/45/60 so something like that. Paul M. Whitney Sr. Systems Engineer Worldwide Information Network Systems (WINS) Office: 301.306.6115 Mobile: 410.493.9448 Email: whitneyp@xxxxxxxxxxxxxxxx Email2: paul.whitney@xxxxxxx Pager: 1051178@xxxxxxxxxx -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Steve Phillips Sent: Sunday, April 06, 2008 11:14 AM To: General Red Hat Linux discussion list Subject: Re: shell script Cameron Simpson wrote: > On 05Apr2008 09:46, mark <m.roth2006@xxxxxxx> wrote: > | Anil Saini wrote: > | > i need a shell script that can create multiple users.... > | > i have already done it with newuser command..and worked fine > | > is thr any other way to create multiple user accouts and at the same it will > | > generate some random password... > | > | Generate a random password? And how will you know what it is to tell the user? > > By recording it in a file and printing them on little slips of paper, then > erasing the file? Hand the printouts to each user when they show up? > Force them to change them. > > | And how many users are you adding at once? I've never added more than one or > | two at a time, and my standard new user is set up with a password that is > | *required* to be changed at first login... and I give them all the same: > | changeme. <g> > > This is a better approach indeed. Actually, its a pretty bad approach. If you setup 1000 users with this, and I want to steal some accounts, all I need to do is login to my account, cat /etc/passwd then login to some of the other accounts that have yet to be 'activated' and change the passwords myself. Sure, eventually some users will try to login and then complain they can't and the password will be reset - but that creates trouble for the admins and overhead that was not necessary. And there will usually be at least one or two accounts that are never used, or the student never complains about. > I used to make accounts without passwords (not blank, disabled) and get > the users to enter a password when they show up the first day. > > However, this kind of thing doesn't work at places like universities > where 1000 new people show up at session start; then you do need to > give them all passwords. You could probably write a wrapper script or a script to generate /etc/shadow and /etc/passwd entries and depending on how you wanted your users grouped, /etc/group entries as well and then create thir home directory, chown it to the newly created user and copy the contents of /etc/skel to the new home directory, chowning it in the process. I did something similar when I had to create a few thousand new users based on a student database dump. (csv input) -- Steve. -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list