====== Create Delete And Modify Local User Accounts ======

**General Information**

Expect to create some local user accounts and add them to groups on the exam.

----

===== User IDs and Files =====

User IDs
  * 0 = root
  * 1-200 = Red Hat assigned system users
  * 201-999 = Other system users
  * 1000+ = Regular users

User files
  * /etc/passwd - user account details
  * /etc/shadow - user account's hashed password and password age/expiry details

Useradd default settings:
  * /etc/default/useradd

Login default settings
  * /etc/login.defs

----

===== Adding Users =====

Add user with default settings
<code bash>
useradd rjones
</code>
  * Users belong to 1 primary group.
  * Users may belong to many other supplementary groups.

\\
Adding a user with a specific UID
<code bash>
useradd -u 5000 rjones
</code>
  * Creates a user "rjones" with a UID of "5000"

----

===== Modifying Users =====

User comment, usually for a full name (also known as the GECOS field)
<code bash>
usermod -c "Robert Jones" rjones
</code>

\\
Lock user account password (user cannot login with password)
<code bash>
usermod -L rjones
</code>
  * Note: This only locks the password from being used. It will not stop passwordless authentication such as public/private keys.
  * Use "usermod -e 1 rjones" to immediately disable the account. (-e = expire date; the date the account will be disabled)

\\
Unlock user account
<code bash>
usermod -U rjones
</code>

\\
Stop user from logging into a shell
<code bash>
usermod -s /sbin/nologin rjones
</code>

\\
Delete user account
<code bash>
userdel rjones
</code>
  * user cannot be logged in
  * -r => remove user's home directory and all files in it

----