1useradd(1M)             System Administration Commands             useradd(1M)
2
3
4

NAME

6       useradd - administer a new user login on the system
7

SYNOPSIS

9       useradd [-A authorization [,authorization...]]
10            [-b base_dir] [-c comment] [-d dir] [-e expire]
11            [-f inactive] [-g group] [-G group [,group]...]
12            [-K key=value] [-m [-k skel_dir]] [-p projname]
13            [-P profile [,profile...]] [-R role [,role...]]
14            [-s shell] [-u uid [-o]] login
15
16
17       useradd -D [-A authorization [,authorization...]]
18            [-b base_dir] [-s shell [-k skel_dir]] [-e expire]
19            [-f inactive] [-g group] [-K key=value] [-p projname]
20            [-P profile [,profile...]] [-R role [,role...]]
21
22

DESCRIPTION

24       useradd  adds  a  new  user  to  the  /etc/passwd  and  /etc/shadow and
25       /etc/user_attr files. The -A and -P options respectively assign  autho‐
26       rizations  and  profiles  to the user. The -R option assigns roles to a
27       user. The -p option associates a project with a  user.  The  -K  option
28       adds  a  key=value  pair  to  /etc/user_attr  for  the  user.  Multiple
29       key=value pairs may be added with multiple -K options.
30
31
32       useradd also creates supplementary group memberships for the  user  (-G
33       option)  and  creates  the  home  directory (-m option) for the user if
34       requested. The new login remains locked until the passwd(1) command  is
35       executed.
36
37
38       Specifying  useradd  -D with the -s, -k,-g, -b, -f, -e, -A, -P, -p, -R,
39       or -K option (or any combination of these  options)  sets  the  default
40       values  for the respective fields. See the -D option, below. Subsequent
41       useradd commands without the -D option use these arguments.
42
43
44       The system file entries created with this command have a limit of  2048
45       characters  per  line. Specifying long arguments to several options can
46       exceed this limit.
47
48
49       useradd  requires  that  usernames  be  in  the  format  described   in
50       passwd(4). A warning message is displayed if these restrictions are not
51       met. See passwd(4) for the requirements for usernames.
52

OPTIONS

54       The following options are supported:
55
56       -A authorization
57
58           One or more comma separated authorizations defined in auth_attr(4).
59           Only  a  user or role who has grant rights to the authorization can
60           assign it to an account.
61
62
63       -b base_dir
64
65           The base directory for new  login  home  directories  (see  the  -d
66           option  below.  When  a new user account is being created, base_dir
67           must already exist unless the -m option or the -d  option  is  also
68           specified.
69
70
71       -c comment
72
73           Any  text string. It is generally a short description of the login,
74           and is currently used as the field for the user's full  name.  This
75           information is stored in the user's /etc/passwd entry.
76
77
78       -d dir
79
80           The   home   directory   of   the   new   user.   It   defaults  to
81           base_dir/account_name, where base_dir is the base directory for new
82           login home directories and account_name is the new login name.
83
84
85       -D
86
87           Display  the  default  values for group, base_dir, skel_dir, shell,
88           inactive, expire, proj, projname and  key=value  pairs.  When  used
89           with  the  -g,  -b,  -f,  -e, -A, -P, -p, -R, or -K options, the -D
90           option sets the  default  values  for  the  specified  fields.  The
91           default values are:
92
93           group
94
95               other (GID of 1)
96
97
98           base_dir
99
100               /home
101
102
103           skel_dir
104
105               /etc/skel
106
107
108           shell
109
110               /bin/sh
111
112
113           inactive
114
115               0
116
117
118           expire
119
120               null
121
122
123           auths
124
125               null
126
127
128           profiles
129
130               null
131
132
133           proj
134
135               3
136
137
138           projname
139
140               default
141
142
143           key=value (pairs defined in user_attr(4)
144
145               not present
146
147
148           roles
149
150               null
151
152
153
154       -e expire
155
156           Specify  the  expiration date for a login. After this date, no user
157           will be able to access this login. The expire option argument is  a
158           date entered using one of the date formats included in the template
159           file /etc/datemsk. See getdate(3C).
160
161           If the date format that you choose  includes  spaces,  it  must  be
162           quoted.  For  example,  you can enter 10/6/90 or October 6, 1990. A
163           null value (" ") defeats the  status  of  the  expired  date.  This
164           option is useful for creating temporary logins.
165
166
167       -f inactive
168
169           The  maximum  number  of  days  allowed  between uses of a login ID
170           before that ID is declared  invalid.  Normal  values  are  positive
171           integers. A value of 0 defeats the status.
172
173
174       -g group
175
176           An  existing  group's  integer ID or character-string name. Without
177           the -D option, it defines the new user's primary  group  membership
178           and defaults to the default group. You can reset this default value
179           by invoking useradd -D -g group. GIDs 0-99 are reserved for alloca‐
180           tion by the Solaris Operating System.
181
182
183       -G group
184
185           An existing group's integer ID or character-string name. It defines
186           the new user's supplementary group membership.  Duplicates  between
187           group  with  the  -g  and  -G  options  are  ignored.  No more than
188           NGROUPS_MAX groups can be specified. GIDs  0-99  are  reserved  for
189           allocation by the Solaris Operating System.
190
191
192       -K key=value
193
194           A  key=value  pair  to  add  to  the user's attributes. Multiple -K
195           options may be used to add multiple key=value pairs. The generic -K
196           option with the appropriate key may be used instead of the specific
197           implied key options (-A, -P, -R, -p). See user_attr(4) for  a  list
198           of  valid  key=value  pairs.  The "type" key is not a valid key for
199           this option. Keys may not be repeated.
200
201
202       -k skel_dir
203
204           A directory that contains skeleton information (such  as  .profile)
205           that can be copied into a new user's home directory. This directory
206           must already exist. The system  provides  the  /etc/skel  directory
207           that can be used for this purpose.
208
209
210       -m
211
212           Create  the new user's home directory if it does not already exist.
213           If the directory already exists, it must have read, write, and exe‐
214           cute permissions by group, where group is the user's primary group.
215
216
217       -o
218
219           This option allows a UID to be duplicated (non-unique).
220
221
222       -P profile
223
224           One   or   more   comma-separated  execution  profiles  defined  in
225           prof_attr(4).
226
227
228       -p projname
229
230           Name of the project with which the added user  is  associated.  See
231           the projname field as defined in project(4).
232
233
234       -R role
235
236           One   or   more   comma-separated  execution  profiles  defined  in
237           user_attr(4). Roles cannot be assigned to other roles.
238
239
240       -s shell
241
242           Full pathname of the program used as the user's shell on login.  It
243           defaults to an empty field causing the system to use /bin/sh as the
244           default. The value of shell must be a valid executable file.
245
246
247       -u uid
248
249           The UID of the new user. This UID must be  a  non-negative  decimal
250           integer  below MAXUID as defined in <sys/param.h>. The UID defaults
251           to the next available (unique) number above the highest number cur‐
252           rently  assigned.  For  example,  if  UIDs  100,  105,  and 200 are
253           assigned, the next default UID number will be 201.  UIDs  0-99  are
254           reserved for allocation by the Solaris Operating System.
255
256

FILES

258       /etc/datemsk
259
260
261       /etc/passwd
262
263
264       /etc/shadow
265
266
267       /etc/group
268
269
270       /etc/skel
271
272
273       /usr/include/limits.h
274
275
276       /etc/user_attr
277

ATTRIBUTES

279       See attributes(5) for descriptions of the following attributes:
280
281
282
283
284       ┌─────────────────────────────┬─────────────────────────────┐
285       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
286       ├─────────────────────────────┼─────────────────────────────┤
287       │Availability                 │SUNWcsu                      │
288       ├─────────────────────────────┼─────────────────────────────┤
289       │Interface Stability          │Committed                    │
290       └─────────────────────────────┴─────────────────────────────┘
291

SEE ALSO

293       passwd(1),     profiles(1),    roles(1),    users(1B),    groupadd(1M),
294       groupdel(1M),   groupmod(1M),    grpck(1M),    logins(1M),    pwck(1M),
295       userdel(1M),   usermod(1M),   getdate(3C),   auth_attr(4),   passwd(4),
296       prof_attr(4), project(4), user_attr(4), attributes(5)
297

DIAGNOSTICS

299       In case of an error, useradd prints an error message and exits  with  a
300       non-zero status.
301
302
303       The following indicates that login specified is already in use:
304
305         UX: useradd: ERROR: login is already in use. Choose another.
306
307
308
309
310       The  following  indicates  that the uid specified with the -u option is
311       not unique:
312
313         UX: useradd: ERROR: uid uid is already in use. Choose another.
314
315
316
317
318       The following indicates that the group specified with the -g option  is
319       already in use:
320
321         UX: useradd: ERROR: group group does not exist. Choose another.
322
323
324
325
326       The following indicates that the uid specified with the -u option is in
327       the range of reserved UIDs (from 0-99):
328
329         UX: useradd: WARNING: uid uid is reserved.
330
331
332
333
334       The following indicates that the  uid  specified  with  the  -u  option
335       exceeds MAXUID as defined in <sys/param.h>:
336
337         UX: useradd: ERROR: uid uid is too big. Choose another.
338
339
340
341
342       The  following  indicates  that the /etc/passwd or /etc/shadow files do
343       not exist:
344
345         UX: useradd: ERROR: Cannot update system files - login cannot be created.
346
347
348

NOTES

350       The useradd utility adds definitions  to  only  the  local  /etc/group,
351       etc/passwd,  /etc/passwd, /etc/shadow, /etc/project, and /etc/user_attr
352       files. If a network name service such as NIS or NIS+ is being  used  to
353       supplement  the local /etc/passwd file with additional entries, useradd
354       cannot change information supplied by the network name service. However
355       useradd  will verify the uniqueness of the user name (or role) and user
356       id and the existence of any group names specified against the  external
357       name service.
358
359
360
361SunOS 5.11                        19 Feb 2008                      useradd(1M)
Impressum