linux_wiki:freeipa_user_add [2016/11/26 23:00] billdozor created |
linux_wiki:freeipa_user_add [2019/05/25 23:50] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Freeipa User Add ====== | ||
- | |||
- | **General Information** | ||
- | |||
- | This script adds a new user account to FreeIPA and emails the user a temporary random password. | ||
- | |||
- | **Checklist** | ||
- | * Distro(s): | ||
- | * Other: [[http:// | ||
- | |||
- | ---- | ||
- | |||
- | ====== The Script ====== | ||
- | |||
- | Run this script on your FreeIPA server to add a new user account. | ||
- | <code bash user-add.sh> | ||
- | #!/bin/bash | ||
- | # Name: user-add.sh | ||
- | # Description: | ||
- | # Last Updated: 2016-10-07 | ||
- | # Recent Changes: | ||
- | ############################################################################################### | ||
- | |||
- | ##### Customize These Variables ##### | ||
- | # admin credentials | ||
- | admin_user=" | ||
- | |||
- | # system admins email | ||
- | system_admins_email=" | ||
- | |||
- | # self-service portal URL | ||
- | self_service_portal=" | ||
- | |||
- | # Temp files for output parsing and e-mail message | ||
- | new_user_output="/ | ||
- | new_user_email="/ | ||
- | ##### End of Customize Variables ##### | ||
- | |||
- | # | ||
- | # Functions; Main starts after | ||
- | # | ||
- | function show_usage | ||
- | { | ||
- | echo -e " | ||
- | echo -e " | ||
- | echo -e " | ||
- | echo -e " | ||
- | echo -e " | ||
- | echo -e " | ||
- | echo -e "-u username | ||
- | echo -e " | ||
- | echo -e "-> FreeIPA admin access." | ||
- | echo -e | ||
- | } | ||
- | |||
- | # | ||
- | # Get Script Arguments | ||
- | # | ||
- | # Reset POSIX variable in case it has been used previously in this shell | ||
- | OPTIND=1 | ||
- | |||
- | while getopts " | ||
- | case " | ||
- | h) # -h (help) argument | ||
- | show_usage | ||
- | exit 0 | ||
- | ;; | ||
- | u) # -u (username) argument | ||
- | user_name=" | ||
- | ;; | ||
- | *) # invalid argument | ||
- | show_usage | ||
- | exit 0 | ||
- | ;; | ||
- | esac | ||
- | done | ||
- | |||
- | # | ||
- | # Pre-Checks | ||
- | # | ||
- | |||
- | # See if we have a kerberos ticket, if not, prompt login | ||
- | / | ||
- | if [[ $? -ne 0 ]]; then | ||
- | echo ">> | ||
- | / | ||
- | echo | ||
- | fi | ||
- | |||
- | # | ||
- | # Main Starts Here | ||
- | # | ||
- | |||
- | echo -e " | ||
- | echo -e "#### | ||
- | echo -e " | ||
- | echo | ||
- | echo -e "This script will add a new user to FreeIPA and e-mail notification to them.\n" | ||
- | |||
- | |||
- | #### Gather Information #### | ||
- | |||
- | ## If no argument, prompt for username | ||
- | if [[ -z " | ||
- | echo -en "-> Username: " | ||
- | read user_name | ||
- | else | ||
- | # Otherwise, show user name provided from argument | ||
- | echo -e "-> Username: ${user_name}" | ||
- | fi | ||
- | |||
- | echo -en "-> User ID (auto assigned if not provided): " | ||
- | read user_id | ||
- | |||
- | echo -en "-> First Name: " | ||
- | read user_firstname | ||
- | |||
- | echo -en "-> Last Name: " | ||
- | read user_lastname | ||
- | |||
- | echo -en "-> Job Title: " | ||
- | read user_jobtitle | ||
- | |||
- | echo -en "-> Email Address: " | ||
- | read user_email | ||
- | |||
- | echo -en "-> Phone Number: " | ||
- | read user_phone | ||
- | |||
- | echo -e " | ||
- | echo -e "1) bash (default)" | ||
- | echo -e "2) tcsh" | ||
- | echo -e "3) sh" | ||
- | echo -e "4) csh" | ||
- | echo -en "=> Enter a number [Default: 1]: " | ||
- | read user_shell_menu | ||
- | |||
- | # Set a shell path | ||
- | case ${user_shell_menu} in | ||
- | 1) | ||
- | user_shell="/ | ||
- | ;; | ||
- | 2) | ||
- | user_shell="/ | ||
- | ;; | ||
- | 3) | ||
- | user_shell="/ | ||
- | ;; | ||
- | 4) | ||
- | user_shell="/ | ||
- | ;; | ||
- | *) | ||
- | user_shell="/ | ||
- | ;; | ||
- | esac | ||
- | |||
- | # Review information | ||
- | echo -e " | ||
- | echo -e " | ||
- | |||
- | if [[ -z ${user_id} ]]; then | ||
- | echo -e "User ID: (Will be auto generated)" | ||
- | else | ||
- | echo -e "User ID: ${user_id}" | ||
- | fi | ||
- | |||
- | echo -e "First Name: ${user_firstname}" | ||
- | echo -e "Last Name: ${user_lastname}" | ||
- | echo -e "Job Title: ${user_jobtitle}" | ||
- | echo -e "Email Address: ${user_email}" | ||
- | echo -e "Phone Number: ${user_phone}" | ||
- | echo -e " | ||
- | echo -en " | ||
- | read create_user | ||
- | |||
- | # Exit if not yes (" | ||
- | if [[ ${create_user} != " | ||
- | echo -e " | ||
- | exit 1 | ||
- | fi | ||
- | |||
- | # Create user with the info provided, set a random password | ||
- | if [[ -z ${user_id} ]]; then | ||
- | # User ID not provided, generate one automatically | ||
- | / | ||
- | | ||
- | # If the ipa user-add command had an error, exit. | ||
- | if [[ $? -ne 0 ]]; then | ||
- | echo -e " | ||
- | # Clear contents of tmp password file | ||
- | cat /dev/null > ${new_user_output} | ||
- | exit 1 | ||
- | fi | ||
- | else | ||
- | # User ID provided, use that one | ||
- | / | ||
- | |||
- | # If the ipa user-add command had an error, exit. | ||
- | if [[ $? -ne 0 ]]; then | ||
- | echo -e " | ||
- | # Clear contents of tmp password file | ||
- | cat /dev/null > ${new_user_output} | ||
- | exit 1 | ||
- | fi | ||
- | fi | ||
- | |||
- | ### Email the user the temporary random password ### | ||
- | |||
- | # Get temp random password from user output file | ||
- | user_tmp_password=" | ||
- | |||
- | # Clear contents of tmp password file | ||
- | cat /dev/null > ${new_user_output} | ||
- | |||
- | # Create email message | ||
- | echo -e " | ||
- | echo -e " | ||
- | echo -e " | ||
- | echo -e " | ||
- | |||
- | echo -e " | ||
- | echo -e " | ||
- | |||
- | echo -e " | ||
- | |||
- | echo -e " | ||
- | echo "> | ||
- | echo "> | ||
- | echo " | ||
- | echo " | ||
- | echo " | ||
- | echo " | ||
- | |||
- | echo -e "\nIf you have any questions, please contact your System Administrators." | ||
- | echo -e " | ||
- | echo " | ||
- | |||
- | # E-mail User the random password with login instructions | ||
- | echo -e " | ||
- | / | ||
- | |||
- | # Clear out contents of temporary email file | ||
- | cat /dev/null > ${new_user_email} | ||
- | |||
- | echo -e " | ||
- | echo -e "#### | ||
- | echo -e " | ||
- | </ | ||
- | |||
- | ---- | ||