The following may be helpful - if you have more to add
please post additional ones and I will summarize.
I am still working on this.
>From plante_at_camosun.bc.ca
From: Mike Plante <plante_at_camosun.bc.ca>
Subject: Re: automate multi-account adduser script
We do a similar thing here at our college. We do both class sets of
accounts, which I generate via a Korn shell script I wrote, and provide
an automated mechanism for all "student" accounts which are based on a
similar master file of student name and ID's. This set of tools is written
in C. It provides an instructor a means of generating student accounts
for his/her class simply by running this program and letting the students
answer questions and record their new login ID/passwords. The program
cycles until no more students need accounts and the parent process is
killed. We could run this program as a shell to a login with no password
to let any (registered) student generate an account anytime and anywhere.
There is also a utility to allow the instructor to change a student's
password. I'm still developing the auto-expiry phase of the system. If you
need more info I'd be happy to help. Our system is an Alpha Server running
DUX 4.0A with Enhanced Security enabled.
Mike
>From ahillber_at_radar.sc.whecn.edu
From: "Hillberry, Andy" <ahillber_at_radar.sc.whecn.edu>
Subject: RE: automate multi-account adduser script
We may have something that may be modified that you could use. It is
currently running on SCO Unix; however, it was the adduser script from
DEC Ultrix 4.3a. We have it on our home page and added a few cgi-bin
scripts to pre-process the info. It is set up for each student to
create their own account, instead of us creating mass students each
semester. We download the list of new students to an ascii file and
then they enter their own info. if they want an account. You could
probably, easily, modify it to create mass users if you still wanted to
do that.
If you are interested you could look at the form on our home-page and
then if you are still interested, let me know and I could try and gather
the scripts and send them. One of my technicians wrote it a couple of
years ago, so it will take a little digging to find them all. I'm not
sure how secure it really is but we haven't had any problems, at least,
that we know of.
Our home-page is
http://www.sc.whecn.edu/captain.html , then click on
the CREATE ... captain account ...
Andy Hillberry,
Director, Information Technologies
NWCCD - Sheridan College
Sheridan, WY 82801
(307) 674-6446 x6207
> ----------
From: Larry Olin Horn <hornlo_at_okra.millsaps.edu>
Well, it's on VMS, not Unix, and the database is a local concoction,
so I doubt the actual code would be of interest.
The only info I use from the database is
assigned username and UIC
full real name
The 1st letter of the username determines on which of five disks the
home directory will be set up; the real name is used in setting the
personal name in mail and a couple other packages; everything else is
a standard account setup that is constant for all student accounts
Basically, what happens is
ad hoc
resolve any conflicts in tentitive usernames, then make all
of them permanent
each night
for each record in database
if no permanent username assigned
generate a tentative username
generate member portion of UIC (VMS user id code: "[group,member]")
else
look up (syntactically valid) username in authorization
file [roughly the same as /etc/passwd] and set flags in
database record indicating status [exists, expired, ...]
[after this is done, there are other jobs that build distribution
lists, generate web page directories, etc., based on the account
status (exists, mail is not disabled, acct is not expired, etc.)]
on demand [i.e., when I'm ready to gen accounts]
select records for students
who are currently enrolled
and have permanent username assigned
and account flags indicate acct is not active or doesn't exist
for each record
if account exists
generate commands to reenable account and set new expiration date
else
generate commands to create account, directory tree,
send 'welcome' mail message, init profiles for various
commonly used packages, disk quota, ...
generate data record to be passed to "PC" manager
to generate or reactivate LAN Manager accounts and shares
[username, real name, password (if new)]
execute command files [scripts]
("generate" above means the commands are accumulated in a few
command files, not one command file per record; the command files
are submitted to batch after the database selection is processed)
-- Larry Olin Horn | Millsaps College | Computing and Telecommunications
-- mailto:hornlo_at_okra.millsaps.edu |
http://www.millsaps.edu/~hornlo/
---------------------------------------------------------------------
>From rioux_at_ip6480nl.ce.utexas.edu
From: Tom Rioux <rioux_at_ip6480nl.ce.utexas.edu>
The Civil Engineering Department did a web page based computer account
request form which ultimately added an account without human intervention;
it does authenticate the user using an text file of name and student ID.
The web page and master database are on a Windows NT server. carp is rubn
by a cron job looking in an NFS mounted directory for requests. All
communications are by e-mail.
You may want to look at the NIS utilities located at
ftp.ce.utexas.edu:/unix/nis_utils/nis_utils.tar
This tar file contains:
acc_dis_nis_a1
acc_dis_nis_at
acc_dis_nis_is
add_nis_alias
add_nis_class
add_nis_classu
add_nis_user
carp
carp_requests
ceal_nis_user
chdir_nis_user
com_nis_utils
dis_nis_user
ena_nis_user
fix_nis_mail
gen_passwd.c
grpad_nis_user
grprm_nis_user
mail_nis_user
makefile
mvdir_nis_user
paswd_nis_user
prt_nis_user
rcp_nis_utils
renew_nis_user
rhost_nis_user
rm_nis_class
rm_nis_user
tar_nis_utils
Received on Tue Aug 05 1997 - 05:27:24 NZST