search

Account Provisioning

Even though we have integrated authentication for accounts, user provisioning still needs to occur in every system independently.

hashtag
Unix accounts

We have a script called create_user.sh that provisions all necessary accounts. It takes the username. first name. and last name as the arguments.

It:

  • Generates an LDIF

  • Export the LDIF

  • Adds the LDIF to openldap1

  • Creates an AFS home directory

  • and resets the Kerberos principal password to the default

hashtag
Manual Provisioning

circle-exclamation

Use of the manual steps is not recommended.

hashtag
Creating AFS User

First, you need to create an AFS user account. Make sure you are authenticated with your /admin principal.

pts createuser <username>

The command should give an output similar to:

If the user already has an AFS user account, run the following command in order to obtain an ID.

hashtag
Creating LDAP User

Next, you need to add the account to LDAP. First, generate an LDIF file using the guide at NSS LDAP Templatesarrow-up-right. Run the command below after you have created an LDIF file.

Below is an example LDIF file. Make sure you replace first name, last name, uidNumber, and graduation year!

hashtag
Adding AFS Volume

PreviousData RecoveryNexttjSTAR

Last updated