1 USERADD(1M)                  Maintenance Commands                  USERADD(1M)
   2 
   3 
   4 
   5 NAME
   6        useradd - administer a new user login on the system
   7 
   8 SYNOPSIS
   9        useradd [-A authorization [,authorization...]]
  10             [-b base_dir] [-c comment] [-d dir] [-e expire]
  11             [-f inactive] [-g group] [-G group [,group]...]
  12             [-K key=value] [-m [-z|-Z] [-k skel_dir]] [-p projname]
  13             [-P profile [,profile...]] [-R role [,role...]]
  14             [-s shell] [-u uid [-o]] login
  15 
  16 
  17        useradd -D [-A authorization [,authorization...]]
  18             [-b base_dir] [-s shell [-k skel_dir]] [-e expire]
  19             [-f inactive] [-g group] [-K key=value] [-p projname]
  20             [-P profile [,profile...]] [-R role [,role...]]
  21 
  22 
  23 DESCRIPTION
  24        useradd adds a new user to the /etc/passwd and /etc/shadow and
  25        /etc/user_attr files. The -A and -P options respectively assign
  26        authorizations and profiles to the user. The -R option assigns roles to
  27        a user. The -p option associates a project with a user. The -K option
  28        adds a key=value pair to /etc/user_attr for the user. Multiple
  29        key=value pairs may be added with multiple -K options.
  30 
  31 
  32        useradd also creates supplementary group memberships for the user (-G
  33        option) and creates the home directory (-m option) for the user if
  34        requested. The new login remains locked until the passwd(1) command is
  35        executed.
  36 
  37 
  38        Specifying useradd -D with the -s, -k,-g, -b, -f, -e, -A, -P, -p, -R,
  39        or -K option (or any combination of these options) sets the default
  40        values for the respective fields. See the -D option, below. Subsequent
  41        useradd commands without the -D option use these arguments.
  42 
  43 
  44        The system file entries created with this command have a limit of 2048
  45        characters per line. Specifying long arguments to several options can
  46        exceed this limit.
  47 
  48 
  49        useradd requires that usernames be in the format described in
  50        passwd(4). A warning message is displayed if these restrictions are not
  51        met. See passwd(4) for the requirements for usernames.
  52 
  53        To change the action of useradd when the traditional login name length
  54        limit of eight characters is exceeded, edit the file
  55        /etc/default/useradd by removing the # (pound sign) before the
  56        appropriate EXCEED_TRAD= entry, and adding it before the others.
  57 
  58 OPTIONS
  59        The following options are supported:
  60 
  61        -A authorization
  62 
  63            One or more comma separated authorizations defined in auth_attr(4).
  64            Only a user or role who has grant rights to the authorization can
  65            assign it to an account.
  66 
  67 
  68        -b base_dir
  69 
  70            The base directory for new login home directories (see the -d
  71            option below. When a new user account is being created, base_dir
  72            must already exist unless the -m option or the -d option is also
  73            specified.
  74 
  75 
  76        -c comment
  77 
  78            Any text string. It is generally a short description of the login,
  79            and is currently used as the field for the user's full name. This
  80            information is stored in the user's /etc/passwd entry.
  81 
  82 
  83        -d dir
  84 
  85            The home directory of the new user. It defaults to
  86            base_dir/account_name, where base_dir is the base directory for new
  87            login home directories and account_name is the new login name.
  88 
  89 
  90        -D
  91 
  92            Display the default values for group, base_dir, skel_dir, shell,
  93            inactive, expire, proj, projname and key=value pairs. When used
  94            with the -g, -b, -f, -e, -A, -P, -p, -R, or -K options, the -D
  95            option sets the default values for the specified fields. The
  96            default values are:
  97 
  98            group
  99 
 100                other (GID of 1)
 101 
 102 
 103            base_dir
 104 
 105                /home (can be overwritten in /etc/default/useradd file)
 106 
 107 
 108            skel_dir
 109 
 110                /etc/skel
 111 
 112 
 113            shell
 114 
 115                /bin/sh
 116 
 117 
 118            inactive
 119 
 120                0
 121 
 122 
 123            expire
 124 
 125                null
 126 
 127 
 128            auths
 129 
 130                null
 131 
 132 
 133            profiles
 134 
 135                null
 136 
 137 
 138            proj
 139 
 140                3
 141 
 142 
 143            projname
 144 
 145                default
 146 
 147 
 148            key=value (pairs defined in user_attr(4)
 149 
 150                not present
 151 
 152 
 153            roles
 154 
 155                null
 156 
 157            If /usr/sadm/defadduser file does not exist or doesn't set basedir
 158            (for example, on first useradd -D invocation), default value for
 159            base_dir is determined by HOME_PARENT parameter in
 160            /etc/default/useradd file.
 161 
 162 
 163        -e expire
 164 
 165            Specify the expiration date for a login. After this date, no user
 166            will be able to access this login. The expire option argument is a
 167            date entered using one of the date formats included in the template
 168            file /etc/datemsk. See getdate(3C).
 169 
 170            If the date format that you choose includes spaces, it must be
 171            quoted. For example, you can enter 10/6/90 or October 6, 1990. A
 172            null value (" ") defeats the status of the expired date. This
 173            option is useful for creating temporary logins.
 174 
 175 
 176        -f inactive
 177 
 178            The maximum number of days allowed between uses of a login ID
 179            before that ID is declared invalid. Normal values are positive
 180            integers. A value of 0 defeats the status.
 181 
 182 
 183        -g group
 184 
 185            An existing group's integer ID or character-string name. Without
 186            the -D option, it defines the new user's primary group membership
 187            and defaults to the default group. You can reset this default value
 188            by invoking useradd -D -g group. GIDs 0-99 are reserved for
 189            allocation by the Solaris Operating System.
 190 
 191 
 192        -G group
 193 
 194            An existing group's integer ID or character-string name. It defines
 195            the new user's supplementary group membership. Duplicates between
 196            group with the -g and -G options are ignored. No more than
 197            NGROUPS_MAX groups can be specified. GIDs 0-99 are reserved for
 198            allocation by the Solaris Operating System.
 199 
 200 
 201        -K key=value
 202 
 203            A key=value pair to add to the user's attributes. Multiple -K
 204            options may be used to add multiple key=value pairs. The generic -K
 205            option with the appropriate key may be used instead of the specific
 206            implied key options (-A, -P, -R, -p). See user_attr(4) for a list
 207            of valid key=value pairs. The "type" key is not a valid key for
 208            this option. Keys may not be repeated.
 209 
 210 
 211        -k skel_dir
 212 
 213            A directory that contains skeleton information (such as .profile)
 214            that can be copied into a new user's home directory. This directory
 215            must already exist. The system provides the /etc/skel directory
 216            that can be used for this purpose.
 217 
 218 
 219        -m [-z|-Z]
 220 
 221            Create the new user's home directory if it does not already exist.
 222            If the directory already exists, it must have read, write, and
 223            execute permissions by group, where group is the user's primary
 224            group.
 225 
 226            If the parent directory of the user's home directory is located on
 227            a separate ZFS file system and the /etc/default/useradd file
 228            contains the parameter MANAGE_ZFS set to the value YES, a new ZFS
 229            file system will be created for the user.
 230 
 231            If the -z option is specified, useradd will always try to create a
 232            new file system for the home directory.
 233 
 234            If the -Z option is specified, a new file system will never be
 235            created.
 236 
 237 
 238        -o
 239 
 240            This option allows a UID to be duplicated (non-unique).
 241 
 242 
 243        -P profile
 244 
 245            One or more comma-separated execution profiles defined in
 246            prof_attr(4).
 247 
 248 
 249        -p projname
 250 
 251            Name of the project with which the added user is associated. See
 252            the projname field as defined in project(4).
 253 
 254 
 255        -R role
 256 
 257            One or more comma-separated execution profiles defined in
 258            user_attr(4).  Roles cannot be assigned to other roles.
 259 
 260 
 261        -s shell
 262 
 263            Full pathname of the program used as the user's shell on login. It
 264            defaults to an empty field causing the system to use /bin/sh as the
 265            default. The value of shell must be a valid executable file.
 266 
 267 
 268        -u uid
 269 
 270            The UID of the new user. This UID must be a non-negative decimal
 271            integer below MAXUID as defined in <sys/param.h>. The UID defaults
 272            to the next available (unique) number above the highest number
 273            currently assigned. For example, if UIDs 100, 105, and 200 are
 274            assigned, the next default UID number will be 201. UIDs 0-99 are
 275            reserved for allocation by the Solaris Operating System.
 276 
 277 
 278 FILES
 279        /etc/default/useradd
 280 
 281 
 282        /etc/datemsk
 283 
 284 
 285        /etc/passwd
 286 
 287 
 288        /etc/shadow
 289 
 290 
 291        /etc/group
 292 
 293 
 294        /etc/skel
 295 
 296 
 297        /etc/user_attr
 298 
 299 
 300        /usr/include/limits.h
 301 
 302 
 303        /usr/sadm/defadduser
 304 
 305 ATTRIBUTES
 306        See attributes(5) for descriptions of the following attributes:
 307 
 308 
 309 
 310 
 311        +--------------------+-----------------+
 312        |  ATTRIBUTE TYPE    | ATTRIBUTE VALUE |
 313        +--------------------+-----------------+
 314        |Interface Stability | Committed       |
 315        +--------------------+-----------------+
 316 
 317 SEE ALSO
 318        passwd(1), profiles(1), roles(1), users(1B), groupadd(1M),
 319        groupdel(1M), groupmod(1M), grpck(1M), logins(1M), pwck(1M),
 320        userdel(1M), usermod(1M), getdate(3C), auth_attr(4), passwd(4),
 321        prof_attr(4), project(4), user_attr(4), attributes(5), zfs(1M)
 322 
 323 DIAGNOSTICS
 324        In case of an error, useradd prints an error message and exits with a
 325        non-zero status.
 326 
 327 
 328        The following indicates that login specified is already in use:
 329 
 330          UX: useradd: ERROR: login is already in use. Choose another.
 331 
 332 
 333 
 334 
 335        The following indicates that the uid specified with the -u option is
 336        not unique:
 337 
 338          UX: useradd: ERROR: uid uid is already in use. Choose another.
 339 
 340 
 341 
 342 
 343        The following indicates that the group specified with the -g option is
 344        already in use:
 345 
 346          UX: useradd: ERROR: group group does not exist. Choose another.
 347 
 348 
 349 
 350 
 351        The following indicates that the uid specified with the -u option is in
 352        the range of reserved UIDs (from 0-99):
 353 
 354          UX: useradd: WARNING: uid uid is reserved.
 355 
 356 
 357 
 358 
 359        The following indicates that the uid specified with the -u option
 360        exceeds MAXUID as defined in <sys/param.h>:
 361 
 362          UX: useradd: ERROR: uid uid is too big. Choose another.
 363 
 364 
 365 
 366 
 367        The following indicates that the /etc/passwd or /etc/shadow files do
 368        not exist:
 369 
 370          UX: useradd: ERROR: Cannot update system files - login cannot be created.
 371 
 372 
 373 
 374 NOTES
 375        The useradd utility adds definitions to only the local /etc/group,
 376        etc/passwd, /etc/passwd, /etc/shadow, /etc/project, and /etc/user_attr
 377        files. If a network name service such as NIS or NIS+ is being used to
 378        supplement the local /etc/passwd file with additional entries, useradd
 379        cannot change information supplied by the network name service. However
 380        useradd will verify the uniqueness of the user name (or role) and user
 381        id and the existence of any group names specified against the external
 382        name service.
 383 
 384 
 385 
 386                                December 5, 2016                    USERADD(1M)