jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-22 08:50:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1bd76f6fe5
openafs/doc/html/AdminReference/auarf215.htm
Derrick Brashear d7da1acc31 initial-html-documentation-20010606 
pull in all documentation from IBM
2001-06-06 19:09:07 +00:00

184 lines
9.2 KiB
HTML
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
<HTML><HEAD>
<TITLE>Administration Reference</TITLE>
<!-- Begin Header Records ========================================== -->
<!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID -->
<!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30 -->
<META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">
<META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">
<META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">
</HEAD><BODY>
<!-- (C) IBM Corporation 2000. All Rights Reserved -->
<BODY bgcolor="ffffff">
<!-- End Header Records ============================================ -->
<A NAME="Top_Of_Page"></A>
<H1>Administration Reference</H1>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf214.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf216.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
<P>
<H2><A NAME="HDRPTS_CREATEUSER" HREF="auarf002.htm#ToC_229">pts createuser</A></H2>
<A NAME="IDX5274"></A>
<A NAME="IDX5275"></A>
<A NAME="IDX5276"></A>
<A NAME="IDX5277"></A>
<A NAME="IDX5278"></A>
<A NAME="IDX5279"></A>
<A NAME="IDX5280"></A>
<A NAME="IDX5281"></A>
<A NAME="IDX5282"></A>
<A NAME="IDX5283"></A>
<A NAME="IDX5284"></A>
<A NAME="IDX5285"></A>
<A NAME="IDX5286"></A>
<A NAME="IDX5287"></A>
<A NAME="IDX5288"></A>
<A NAME="IDX5289"></A>
<A NAME="IDX5290"></A>
<A NAME="IDX5291"></A>
<A NAME="IDX5292"></A>
<P><STRONG>Purpose</STRONG>
<P>Creates a user or machine entry in the Protection Database
<P><STRONG>Synopsis</STRONG>
<PRE><B>pts createuser -name</B> &lt;<VAR>user&nbsp;name</VAR>><SUP>+</SUP> [<B>-id</B> &lt;<VAR>user&nbsp;id</VAR>><SUP>+</SUP>] [<B>-cell</B> &lt;<VAR>cell&nbsp;name</VAR>>]
[<B>-noauth</B>] [<B>-force</B>] [<B>-help</B>]
<B>pts createu -na</B> &lt;<VAR>user&nbsp;name</VAR>><SUP>+</SUP> [<B>-i</B> &lt;<VAR>user&nbsp;id</VAR>><SUP>+</SUP>] [<B>-c</B> &lt;<VAR>cell&nbsp;name</VAR>>]
[<B>-no</B>] [<B>-f</B>] [<B>-h</B>]
<B>pts cu -na</B> &lt;<VAR>user&nbsp;name</VAR>><SUP>+</SUP> [<B>-i</B> &lt;<VAR>user&nbsp;id</VAR>><SUP>+</SUP>] [<B>-c</B> &lt;<VAR>cell&nbsp;name</VAR>>] [<B>-no</B>] [<B>-f</B>] [<B>-h</B>]
</PRE>
<P><STRONG>Description</STRONG>
<P>The <B>pts createuser</B> command creates an entry in the Protection
Database for each user or machine specified by the <B>-name</B>
argument. A user entry name becomes the user's AFS username (the
one to provide when authenticating with the AFS Authentication Server).
A machine entry's name is the machine's IP address or a wildcard
notation that represents a range of consecutive IP addresses (a group of
machines on the same network). It is not possible to authenticate as a
machine, but a group to which a machine entry belongs can appear on a
directory's access control list (ACL), thereby granting the indicated
permissions to any user logged on to the machine.
<P>AFS user IDs (AFS UIDs) are positive integers and by default the Protection
Server assigns an AFS UID that is one greater than the current value of the
<TT>max user id</TT> counter in the Protection Database, incrementing the
counter by one for each user. To assign a specific AFS UID, use the
<B>-id</B> argument. If any of the specified AFS UIDs is greater
than the current value of the <TT>max user id</TT> counter, the counter is
reset to that value. It is acceptable to specify an AFS UID smaller
than the current value of the counter, but the creation operation fails if an
existing user or machine entry already has it. To display or set the
value of the <TT>max user id</TT> counter, use the <B>pts listmax</B> or
<B>pts setmax</B> command, respectively.
<P>The issuer of the <B>pts createuser</B> command is recorded as the
entry's creator and the group <B>system:administrators</B> as
its owner.
<P><STRONG>Cautions</STRONG>
<P>The Protection Server reserves AFS UID 0 (zero) and returns an error if the
<B>-id</B> argument has that value.
<P><STRONG>Options</STRONG>
<DL>
<P><DT><B>-name
</B><DD>Specifies either a username for a user entry, or an IP address (complete
or wildcarded) for a machine entry:
<UL>
<P><LI>A username can include up to 63 numbers and lowercase letters, but it is
best to make it shorter than eight characters, because many application
programs cannot handle longer names. Also, it is best not to include
shell metacharacters or other punctuation marks. In particular, the
colon (<B>:</B>) and at-sign (<B>@</B>) characters are not
acceptable. The period is generally used only in special administrative
names, to separate the username and an <I>instance</I>, as in the example
<B>pat.admin</B>.
<P><LI>A machine identifier is its IP address in dotted decimal notation (for
example, 192.12.108.240), or a wildcard notation that
represents a set of IP addresses (a group of machines on the same
network). The following are acceptable wildcard formats. The
letters <B>W</B>, <B>X</B>, <B>Y</B> and <B>Z</B> each
represent an actual number from the range 1 through 255.
<UL>
<P><LI><B>W.X.Y.Z</B> represents a single machine, for
example <B>192.12.108.240</B>.
<P><LI><B>W.X.Y.0</B> matches all machines whose IP
addresses start with the first three numbers. For example,
<B>192.12.108.0</B> matches both
<B>192.12.108.119</B> and
<B>192.12.108.120</B>, but does not match
<B>192.12.105.144</B>.
<P><LI><B>W.X.0.0</B> matches all machines whose IP
addresses start with the first two numbers. For example, the address
<B>192.12.0.0</B> matches both
<B>192.12.106.23</B> and
<B>192.12.108.120</B>, but does not match
<B>192.5.30.95</B>.
<P><LI><B>W.0.0.0</B> matches all machines whose IP
addresses start with the first number in the specified address. For
example, the address <B>192.0.0.0</B> matches both
<B>192.5.30.95</B> and
<B>192.12.108.120</B>, but does not match
<B>138.255.63.52</B>.
</UL>
<P>Do not define a machine entry with the name
<B>0.0.0.0</B> to match every machine. The
<B>system:anyuser</B> group is equivalent.
</UL>
<P><DT><B>-id
</B><DD>Specifies an AFS UID for each user or machine entry, rather than allowing
the Protection Server to assign it. Provide a positive integer.
<P>If this argument is used and the <B>-name</B> argument names multiple
new entries, it is best to provide an equivalent number of AFS UIDs.
The first UID is assigned to the first entry, the second to the second entry,
and so on. If there are fewer UIDs than entries, the Protection Server
assigns UIDs to the unmatched entries based on the <TT>max user id</TT>
counter. If there are more UIDs than entries, the excess UIDs are
ignored. If any of the UIDs is greater than the current value of the
<TT>max user id</TT> counter, the counter is reset to that value.
<P><DT><B>-cell
</B><DD>Names the cell in which to run the command. For more details, see
the introductory <B>pts</B> reference page.
<P><DT><B>-noauth
</B><DD>Assigns the unprivileged identity <B>anonymous</B> to the
issuer. For more details, see the introductory <B>pts</B> reference
page.
<P><DT><B>-force
</B><DD>Enables the command to continue executing as far as possible when errors
or other problems occur, rather than halting execution at the first
error.
<P><DT><B>-help
</B><DD>Prints the online help for this command. All other valid options
are ignored.
</DL>
<P><STRONG>Output</STRONG>
<P>The command generates the following string to confirm creation of each
user:
<PRE> User <VAR>name</VAR> has id <VAR>id</VAR>
</PRE>
<P><STRONG>Examples</STRONG>
<P>The following example creates a Protection Database entry for the user
<B>johnson</B>.
<PRE> % <B>pts createuser -name johnson</B>
</PRE>
<P>The following example creates three wildcarded machine entries in the ABC
Corporation cell. The three entries encompass all of the machines on
the company's networks without including machines on other
networks:
<PRE> % <B>pts createuser -name 138.255.0.0 192.12.105.0 192.12.106.0</B>
</PRE>
<P><STRONG>Privilege Required</STRONG>
<P>The issuer must belong to the <B>system:administrators</B>
group.
<P><STRONG>Related Information</STRONG>
<P><A HREF="auarf210.htm#HDRPTS_INTRO">pts</A>
<P><A HREF="auarf220.htm#HDRPTS_LISTMAX">pts listmax</A>
<P><A HREF="auarf226.htm#HDRPTS_SETMAX">pts setmax</A>
<P>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf214.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf216.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
<!-- Begin Footer Records ========================================== -->
<P><HR><B>
<br>&#169; <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A> All Rights Reserved
</B>
<!-- End Footer Records ============================================ -->
<A NAME="Bot_Of_Page"></A>
</BODY></HTML>
Reference in New Issue View Git Blame Copy Permalink