Linux User Management
| Home > Administration > IT Operations Management > ITOM Package Library > Linux User Management | Index |
Introduction |
|
Target Environment Requirements
Credentials
Except for the Is Package Installed operation, Accounts used when executing jobs against operations contained within this package must adhere to the following requirements:
- The target machine must have a local admin user that will be used for running the operations;
- SSH Remote Login must be enabled for the user above user
- Configuration for the user must be added to the sudoers file on the target machine, to allow the above user to sudo without a password (example: __someadminuser ALL = (ALL) NOPASSWD:ALL__).
KeySafe Configuration
When creating SIS jobs for operations contained within this package, they need to be run on the target machine as a user who has the correct privileges on the target.
To configure your Target Machine account authentication in KeySafe:
- In the Admin console, navigate to: System > Security > KeySafe;
- Click on + then select
Username + Password; - Give the KeySafe Key a Title (this is the name/identifier for the target machine account as you will see it when creating an IT Automation Job, or adding an IT Automation node to a Business Process or Runbook);
- Optionally add a description;
- Populate the Username field with the domain/local account username for the account being used on the target machine;
- Populate the Password field with the password for the above account;
- Select Create Key to save.
Once you have created your KeySafe Key, you can then use it when creating IT Automation Jobs from this package. See screenshots to the right for examples.
Package Operations
The Linux User Management package contains the following operations, than can be used to create ITOM Jobs directly, or included in your Business Processes and/or IT Operations Management Runbooks.
Create User
Creates a Linux user account
Generic executes on ubuntu centos debian
Oracle SunOS fails if attempt to set password this needs to be done in a separate operation
Input Parameters
usernameMANDATORY -password-comment-createHomeDirectoryMANDATORY -loginShell-expiryDate-primaryGroup-SupplementaryGroups-homeDirectoryLocation-Cipher-
Output Parameters
UsernameUserIdCommentHomeDirectoryGroupsoutcomeMANDATORY The outcome of the operation (OK/FAIL)errorsAny errors returned by the operation
Delete User
Delate a Linux user
Solaris does not support the -r or -f
Input Parameters
username- UsernameRemoveFilesMANDATORY - Force the removal of filesRemoveHomeMANDATORY - Remove home directory and mail spool
Output Parameters
outcomeMANDATORY The outcome of the operation (OK/FAIL)errorsAny errors returned by the operation
User Details
Retrieve user details
Input Parameters
usernameMANDATORY -
Output Parameters
UserNameUserIdGroupIdCommentHomeDirectoryShellSupplementaryGroupsoutcomeMANDATORY The outcome of the operation (OK/FAIL)errorsAny errors returned by the operation
Lock User
Not supported on Solaris
Input Parameters
usernameMANDATORY -
Output Parameters
No output parameters
Unlock User
Not supported on Solaris
Input Parameters
username-
Output Parameters
outcomeMANDATORY The outcome of the operation (OK/FAIL)errorsAny errors returned by the operation
Modify User
Input Parameters
MoveDirMANDATORY - Move the contents of the home directory to the new location: HomeDirectoryHomeDirectory- Absolute Path to new Home DirectoryPassword- Users new passwordComment- GCEOS fieldLoginShell- Specifies the users login shellGroupName- New Primary Group nameSuppGroupNames- Comma Separated list of group namesAccountExpiry- Expiry date format = yyyy-mm-ddExpiryDays- Number of days after password expiry until the account is disabled.NewLoginName- Sets a new user name for the accountUserId- Sets new User ID for the user accountusernameMANDATORY - User login nameCipher-
Output Parameters
UsernameUserIdCommentHomeDirectoryGroupsoutcomeMANDATORY The outcome of the operation (OK/FAIL)errorsAny errors returned by the operation