Re: [Freeipa-users] Ipa add-user non interactively specifying a password.
Thanks Alexander, I tried the help but there were only two choices. Specify a password interactively --password, or randomly generate one with --random. I agree with you the errors in the output are expected I was just hoping for some undocumented magic. Piping the output from cat into the password prompt is a great idea and does fix the issue I was having. It's not really intuitive but still makes me wonder why I didn't think of that. Anyhow I changed it up a bit with echo testpw | ipa user-add username --first=firstname --last=lastname --password --gidnumber= --noprivate --shell=/bin/bash And it totally works. Thank you again. -Chris On 09/01/2015 03:39 PM, Alexander Bokovoy wrote: On Tue, 01 Sep 2015, Chris Mohler wrote: Hi List, I'm trying to make a script to add users non interactively with ipa add-user and specify a password of testpw I tried: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: ERROR: command 'user_add' takes at most 1 argument and this: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password=testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: error: --password option does not take a value No Luck. Any suggestions? Read the help :) $ ipa help user-add|grep -- --password --passwordPrompt to set the user password E.g. --password option does not take *any* parameter, it *prompts* to enter the password and expects standard input to provide the password. In the first example you added a parameter after --password and since --password does not consume anything, it was considered as another argument but 'ipa user-add' indeed takes a single argument, thus an error. In the second example you are explicitly forcing --password to take some parameter and is told that it does not accept anything, just like help is saying. What you want can be achieved like this: $ cat /my/password/file | ipa user-add username --first=firstname --last=lastname --password -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Ipa add-user non interactively specifying a password.
You could use --random instead of --password, which will force a nice 10 char random PW that can be captured and sent to your user. ~J On 9/1/15 12:54 PM, Chris Mohler wrote: Thanks Craig! That's quite a handy reply. It's actually a lot nicer than what I was planning to do. I appreciate this a lot. -Chris On 09/01/2015 03:33 PM, Craig White wrote: -Original Message- From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-boun...@redhat.com] On Behalf Of Chris Mohler Sent: Tuesday, September 01, 2015 12:17 PM To: freeipa-users@redhat.com Subject: [Freeipa-users] Ipa add-user non interactively specifying a password. Hi List, I'm trying to make a script to add users non interactively with ipa add-user and specify a password of testpw I tried: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: ERROR: command 'user_add' takes at most 1 argument and this: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password=testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: error: --password option does not take a value No Luck. Any suggestions? - I will take it a lot further - salt to taste (and watch the line wraps)... #!/bin/sh # # Script to automate adding users # # Updated 12/16/2014 # Craig White # CMD1='/usr/bin/ipa user-add' CMD2='/usr/bin/ipa group-add-member' TEE='/usr/bin/tee -a' LOG='/tmp/ipa_users_add.txt' MAIL='/bin/mailx' KERB=`klist -s; echo $?` $LOG [[ -n "$4" ]] || { echo "Usage: ipa_user_add.sh LOGIN FIRST_NAME LAST_NAME EMAIL GROUPS " && echo " REQUIRED > ^ ^ ^ ^" && echo "You can have many groups separated with just a space"; exit 0 ; } [[ $KERB == "0" ]] || { echo "Your kerberos ticket has expired - Please create a valid kerberos ticket by typing 'kinit'"; exit 0 ; } if [ -z "$EMAIL" ]; then echo "You need to add EMAIL to your environment variables - type 'export EMAIL=YOUR_EMAIL_ADDRESS' before running this command or better yet, add it to your .bash_profile" exit 0 fi $CMD1 $1 --first=$2 --last=$3 --random --email=$4 | $TEE $LOG echo " - - - -" | $TEE $LOG echo "You must login and change your password" | $TEE $LOG echo "SSH to some server you have access to" | $TEE $LOG echo "or" | $TEE $LOG echo "https://_IPA_SERVER_1_/ipa/ui OR https://_IPA_SERVER_2_/ipa/ui"; | $TEE $LOG echo " - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" | $TEE $LOG $CMD2 ipausers --users=$1 | $TEE $LOG if [ -n "$5" ]; then $CMD2 $5 --users=$1 | $TEE $LOG fi if [ -n "$6" ]; then $CMD2 $6 --users=$1 | $TEE $LOG fi if [ -n "$7" ]; then $CMD2 $7 --users=$1 | $TEE $LOG fi if [ -n "$8" ]; then $CMD2 $8 --users=$1 | $TEE $LOG fi if [ -n "$9" ]; then $CMD2 $9 --users=$1 | $TEE $LOG fi echo "See attachment for login information" | $MAIL -s 'New Account Information' -r $EMAIL -a $LOG $4 /bin/rm -f $LOG -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Ipa add-user non interactively specifying a password.
Thanks Craig! That's quite a handy reply. It's actually a lot nicer than what I was planning to do. I appreciate this a lot. -Chris On 09/01/2015 03:33 PM, Craig White wrote: -Original Message- From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-boun...@redhat.com] On Behalf Of Chris Mohler Sent: Tuesday, September 01, 2015 12:17 PM To: freeipa-users@redhat.com Subject: [Freeipa-users] Ipa add-user non interactively specifying a password. Hi List, I'm trying to make a script to add users non interactively with ipa add-user and specify a password of testpw I tried: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: ERROR: command 'user_add' takes at most 1 argument and this: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password=testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: error: --password option does not take a value No Luck. Any suggestions? - I will take it a lot further - salt to taste (and watch the line wraps)... #!/bin/sh # # Script to automate adding users # # Updated 12/16/2014 # Craig White # CMD1='/usr/bin/ipa user-add' CMD2='/usr/bin/ipa group-add-member' TEE='/usr/bin/tee -a' LOG='/tmp/ipa_users_add.txt' MAIL='/bin/mailx' KERB=`klist -s; echo $?` $LOG [[ -n "$4" ]] || { echo "Usage: ipa_user_add.sh LOGIN FIRST_NAME LAST_NAME EMAIL GROUPS " && echo " REQUIRED > ^ ^ ^ ^" && echo "You can have many groups separated with just a space"; exit 0 ; } [[ $KERB == "0" ]] || { echo "Your kerberos ticket has expired - Please create a valid kerberos ticket by typing 'kinit'"; exit 0 ; } if [ -z "$EMAIL" ]; then echo "You need to add EMAIL to your environment variables - type 'export EMAIL=YOUR_EMAIL_ADDRESS' before running this command or better yet, add it to your .bash_profile" exit 0 fi $CMD1 $1 --first=$2 --last=$3 --random --email=$4 | $TEE $LOG echo " - - - -" | $TEE $LOG echo "You must login and change your password" | $TEE $LOG echo "SSH to some server you have access to" | $TEE $LOG echo "or" | $TEE $LOG echo "https://_IPA_SERVER_1_/ipa/ui OR https://_IPA_SERVER_2_/ipa/ui"; | $TEE $LOG echo " - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" | $TEE $LOG $CMD2 ipausers --users=$1 | $TEE $LOG if [ -n "$5" ]; then $CMD2 $5 --users=$1 | $TEE $LOG fi if [ -n "$6" ]; then $CMD2 $6 --users=$1 | $TEE $LOG fi if [ -n "$7" ]; then $CMD2 $7 --users=$1 | $TEE $LOG fi if [ -n "$8" ]; then $CMD2 $8 --users=$1 | $TEE $LOG fi if [ -n "$9" ]; then $CMD2 $9 --users=$1 | $TEE $LOG fi echo "See attachment for login information" | $MAIL -s 'New Account Information' -r $EMAIL -a $LOG $4 /bin/rm -f $LOG -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Ipa add-user non interactively specifying a password.
On Tue, 01 Sep 2015, Chris Mohler wrote: Hi List, I'm trying to make a script to add users non interactively with ipa add-user and specify a password of testpw I tried: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: ERROR: command 'user_add' takes at most 1 argument and this: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password=testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: error: --password option does not take a value No Luck. Any suggestions? Read the help :) $ ipa help user-add|grep -- --password --passwordPrompt to set the user password E.g. --password option does not take *any* parameter, it *prompts* to enter the password and expects standard input to provide the password. In the first example you added a parameter after --password and since --password does not consume anything, it was considered as another argument but 'ipa user-add' indeed takes a single argument, thus an error. In the second example you are explicitly forcing --password to take some parameter and is told that it does not accept anything, just like help is saying. What you want can be achieved like this: $ cat /my/password/file | ipa user-add username --first=firstname --last=lastname --password -- / Alexander Bokovoy -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
Re: [Freeipa-users] Ipa add-user non interactively specifying a password.
-Original Message- From: freeipa-users-boun...@redhat.com [mailto:freeipa-users-boun...@redhat.com] On Behalf Of Chris Mohler Sent: Tuesday, September 01, 2015 12:17 PM To: freeipa-users@redhat.com Subject: [Freeipa-users] Ipa add-user non interactively specifying a password. Hi List, I'm trying to make a script to add users non interactively with ipa add-user and specify a password of testpw I tried: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: ERROR: command 'user_add' takes at most 1 argument and this: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password=testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: error: --password option does not take a value No Luck. Any suggestions? - I will take it a lot further - salt to taste (and watch the line wraps)... #!/bin/sh # # Script to automate adding users # # Updated 12/16/2014 # Craig White # CMD1='/usr/bin/ipa user-add' CMD2='/usr/bin/ipa group-add-member' TEE='/usr/bin/tee -a' LOG='/tmp/ipa_users_add.txt' MAIL='/bin/mailx' KERB=`klist -s; echo $?` > $LOG [[ -n "$4" ]] || { echo "Usage: ipa_user_add.sh LOGIN FIRST_NAME LAST_NAME EMAIL GROUPS " && echo " REQUIRED > ^ ^ ^ ^" && echo "You can have many groups separated with just a space"; exit 0 ; } [[ $KERB == "0" ]] || { echo "Your kerberos ticket has expired - Please create a valid kerberos ticket by typing 'kinit'"; exit 0 ; } if [ -z "$EMAIL" ]; then echo "You need to add EMAIL to your environment variables - type 'export EMAIL=YOUR_EMAIL_ADDRESS' before running this command or better yet, add it to your .bash_profile" exit 0 fi $CMD1 $1 --first=$2 --last=$3 --random --email=$4 | $TEE $LOG echo " - - - -" | $TEE $LOG echo "You must login and change your password" | $TEE $LOG echo "SSH to some server you have access to" | $TEE $LOG echo "or" | $TEE $LOG echo "https://_IPA_SERVER_1_/ipa/ui OR https://_IPA_SERVER_2_/ipa/ui"; | $TEE $LOG echo " - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -" | $TEE $LOG $CMD2 ipausers --users=$1 | $TEE $LOG if [ -n "$5" ]; then $CMD2 $5 --users=$1 | $TEE $LOG fi if [ -n "$6" ]; then $CMD2 $6 --users=$1 | $TEE $LOG fi if [ -n "$7" ]; then $CMD2 $7 --users=$1 | $TEE $LOG fi if [ -n "$8" ]; then $CMD2 $8 --users=$1 | $TEE $LOG fi if [ -n "$9" ]; then $CMD2 $9 --users=$1 | $TEE $LOG fi echo "See attachment for login information" | $MAIL -s 'New Account Information' -r $EMAIL -a $LOG $4 /bin/rm -f $LOG -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
[Freeipa-users] Ipa add-user non interactively specifying a password.
Hi List, I'm trying to make a script to add users non interactively with ipa add-user and specify a password of testpw I tried: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: ERROR: command 'user_add' takes at most 1 argument and this: ipa user-add username --first=firstname --last=lastname --homedir=/home/username --password=testpw --gidnumber= --noprivate --shell=/bin/bash #ipa: error: --password option does not take a value No Luck. Any suggestions? Thanks -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project