Tech Tutorial: 302.3 Active Directory User Management #
Introduction #
This tutorial is designed to help system administrators and IT professionals understand how to manage user and group accounts on standalone servers and within a Samba-based Active Directory environment. Managing user accounts and permissions is crucial for maintaining the security and efficiency of your IT infrastructure.
In this guide, we’ll cover the necessary steps and commands to efficiently handle user and group accounts using different utilities, with a focus on Samba for Active Directory integration.
Key Knowledge Areas: #
- User and group add/mod/del
- User on standalone server
- User in Samba Active Directory
- Group on standalone server
- Group in Samba Active Directory
Utilities: #
useradd
,usermod
,userdel
groupadd
,groupmod
,groupdel
samba-tool
Step-by-Step Guide #
Managing Users on a Standalone Server #
Adding a New User #
To add a new user in Linux, use the useradd
command. Here’s how to add a user named jdoe
:
sudo useradd jdoe
To set a password for the user, use the passwd
command:
sudo passwd jdoe
Modifying a User #
To modify an existing user, for example changing the login name from jdoe
to john_doe
, use usermod
:
sudo usermod -l john_doe jdoe
Deleting a User #
To delete a user, use the userdel
command. To remove john_doe
along with his home directory:
sudo userdel -r john_doe
Managing Groups on a Standalone Server #
Adding a New Group #
To add a new group named developers
:
sudo groupadd developers
Modifying a Group #
To modify a group, for example to change the name from developers
to dev_team
:
sudo groupmod -n dev_team developers
Deleting a Group #
To delete the group dev_team
:
sudo groupdel dev_team
Managing Users in Samba Active Directory #
Adding a New User #
To add a new user to the Samba AD, use samba-tool
:
sudo samba-tool user add jdoe --given-name=John --surname=Doe --random-password
Modifying a User #
To modify an existing user in Samba AD, for example to change the user’s surname:
sudo samba-tool user edit jdoe
This command opens an editor to allow detailed modifications in the user’s attributes.
Deleting a User #
To delete a user from Samba AD:
sudo samba-tool user delete jdoe
Managing Groups in Samba Active Directory #
Adding a New Group #
To add a new group in Samba AD:
sudo samba-tool group add developers
Modifying a Group #
To modify a group in Samba AD:
sudo samba-tool group edit developers
This opens an editor for detailed modifications.
Deleting a Group #
To delete a group from Samba AD:
sudo samba-tool group delete developers
Conclusion #
In this tutorial, we covered how to manage users and groups on both standalone Linux servers and in a Samba-based Active Directory environment. Using the commands and procedures outlined, you can effectively manage your IT infrastructure’s user accounts and permissions. Regular management of user and group accounts ensures security and operational efficiency in an organization.
Feel free to experiment with the commands and tailor the parameters to fit the specific needs of your environment. Always ensure you have proper backups and restoration processes in place before making significant changes to your user and group settings.