Example:
Jump server : [root@inddcpjmp01 solaris]#
./create_users_solaris_full.sh <servername> <users.csv>
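1. Input CSV file users.csv example (the last column holds each account's initial password in plain text, so keep the file readable by root only and remove it once the run has finished):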
[root@inddcpjmp01 solaris]# cat users.csv
username,uid,gid,groups...,fullname,homedir,password
user1,1001,1001,unixadm;staff,John Doe,/export/home/user1,Welcome@123
user2,1002,1002,sysadmin;staff;apps,Jane Smith,/export/home/user2,Welcome@123
[root@inddcpjmp01 solaris]#
2. Create multiple Solaris users remotely via jump server (create_users_solaris_full.sh)
#!/bin/bash
# ---------------------------------------------------------------------
# Script: create_users_solaris_full.sh
# Purpose: Create multiple Solaris users remotely via jump server.
# Author: Tasleem A Khan
# Usage: ./create_users_solaris_full.sh <servername> <users.csv>
# ---------------------------------------------------------------------
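# --- Argument handling and pre-flight checks (run on the jump server) ---
# $1 - target Solaris host, passed to ssh/scp further down
# $2 - local CSV file describing the accounts to create
REMOTE_HOST="$1"
INPUT_FILE="$2"

# Both arguments are mandatory.
if [ -z "$REMOTE_HOST" ] || [ -z "$INPUT_FILE" ]; then
  echo "Usage: $0 <servername> <csv_file>" >&2
  exit 1
fi

# The host string is handed to ssh/scp and embedded in the local log file
# name. A leading "-" would be parsed as an option, and characters such as
# "/" or ":" would change the scp target or the log path, so accept only
# plain host names (optionally user@host).
case "$REMOTE_HOST" in
  -* | *[!A-Za-z0-9._@-]*)
    echo "Error: Invalid server name '$REMOTE_HOST'." >&2
    exit 1
    ;;
esac

if [ ! -f "$INPUT_FILE" ]; then
  echo "Error: File '$INPUT_FILE' not found." >&2
  exit 1
fi

# The remote side needs root; the script expects the same on the jump server.
if [ "$(id -u)" -ne 0 ]; then
  echo "Error: Must run as root on jump server." >&2
  exit 1
fi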
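# --- Remote execution driver ---
# Stages the CSV and a generated worker script in a private directory on
# $REMOTE_HOST, runs the worker there, fetches its log and cleans up.
# Reads REMOTE_HOST and INPUT_FILE, which are set earlier in this script.

die() {
  printf 'Error: %s\n' "$*" >&2
  exit 1
}

# Options shared by every ssh/scp call: never prompt, fail fast.
SSH_OPTS=(-o BatchMode=yes -o ConnectTimeout=10)

LOCAL_SCRIPT=""
REMOTE_TMP_DIR=""

# Runs on every exit path so the CSV (which carries plaintext passwords)
# and the generated script never linger in /tmp on either machine.
cleanup() {
  if [ -n "$LOCAL_SCRIPT" ]; then
    rm -f -- "$LOCAL_SCRIPT"
  fi
  if [ -n "$REMOTE_TMP_DIR" ]; then
    ssh "${SSH_OPTS[@]}" "$REMOTE_HOST" "rm -rf -- '$REMOTE_TMP_DIR'" </dev/null
  fi
}
trap cleanup EXIT

echo "--------------------------------------------------"
echo " Running user creation on remote host: $REMOTE_HOST"
echo "--------------------------------------------------"

# --- Create temporary directory on remote host ---
# mktemp -d creates a fresh directory with an unpredictable name and fails
# if it cannot; "mkdir -p /tmp/<fixed name>" would silently reuse a
# directory another local user had prepared, and the root-run script and
# the password CSV would then live in a location that user controls.
remote_dir=$(ssh "${SSH_OPTS[@]}" "$REMOTE_HOST" \
  'umask 077 && mktemp -d /tmp/user_create.XXXXXX' </dev/null) ||
  die "Unable to connect to $REMOTE_HOST or create remote directory."

# Login banners or profile output can pollute stdout; only accept a value
# that looks exactly like the path we asked for before using it in commands.
if [[ ! "$remote_dir" =~ ^/tmp/user_create\.[A-Za-z0-9._-]+$ ]]; then
  die "Unexpected temporary directory name returned by $REMOTE_HOST."
fi
REMOTE_TMP_DIR="$remote_dir"
REMOTE_SCRIPT="${REMOTE_TMP_DIR}/remote_create_users.sh"
REMOTE_CSV="${REMOTE_TMP_DIR}/users.csv"
REMOTE_LOG="${REMOTE_TMP_DIR}/create_users.log"

# --- Copy CSV to remote host ---
scp -q "${SSH_OPTS[@]}" -- "$INPUT_FILE" "$REMOTE_HOST:$REMOTE_CSV" ||
  die "Failed to copy $INPUT_FILE to $REMOTE_HOST:$REMOTE_CSV"

# --- Create remote script dynamically ---
# Written to a mktemp file rather than a fixed /tmp name: this script runs
# as root, and a fixed name can be pre-created as a symlink by any local user.
LOCAL_SCRIPT=$(mktemp) || die "Unable to create a local temporary file."

# The quoted delimiter keeps the jump server from expanding anything below.
cat > "$LOCAL_SCRIPT" <<'EOF'
#!/bin/bash
# Runs as root on the target host.
#   $1 - CSV file: username,uid,gid,groups...,fullname,homedir,password
#   $2 - log file to append progress messages to
# Fields must not contain commas; the last three fields of each row are
# always read as fullname, homedir and password.
INPUT_FILE="$1"
LOG_FILE="$2"

if [ -z "$INPUT_FILE" ] || [ -z "$LOG_FILE" ]; then
  echo "Usage: $0 <csv_file> <log_file>" >&2
  exit 1
fi

# Print a message and append it to the log. Never call this with a password.
log() {
  printf '%s\n' "$*" | tee -a "$LOG_FILE"
}

# Strip leading and trailing whitespace without passing the value through
# xargs, which interprets quotes and backslashes and so mangles passwords.
trim() {
  local s="$1"
  s="${s#"${s%%[![:space:]]*}"}"
  s="${s%"${s##*[![:space:]]}"}"
  printf '%s' "$s"
}

# Conservative user/group name check; also rules out a leading "-" that
# useradd/groupadd would take for an option.
valid_name() {
  [[ "$1" =~ ^[A-Za-z][A-Za-z0-9._-]*$ ]]
}

# Create group $1 (with GID $2 when given) unless it already exists.
# getent matches the name exactly and consults the configured name services.
create_group_if_missing() {
  local groupname="$1"
  local gid="$2"
  if getent group "$groupname" >/dev/null 2>&1; then
    return 0
  fi
  log "Creating group $groupname (GID=${gid})"
  if [ -n "$gid" ]; then
    /usr/sbin/groupadd -g "$gid" "$groupname"
  else
    /usr/sbin/groupadd "$groupname"
  fi
}

if [ "$(id -u)" -ne 0 ]; then
  log "Error: Must run as root."
  exit 1
fi

log "Starting user creation..."

failures=0

# --- Process CSV line by line (skip header) ---
# Process substitution keeps the loop in the current shell so the failure
# counter survives; "|| [ -n ... ]" handles a last line without newline.
while IFS= read -r line || [ -n "$line" ]; do
  line="${line%$'\r'}"          # tolerate CSV files saved with CRLF endings
  [ -z "$line" ] && continue

  # read -a does not glob-expand the fields (an unquoted "for f in $rest"
  # would turn a password such as "*" into file names). The appended comma
  # makes read keep an empty final field instead of dropping it.
  IFS=',' read -r -a fields <<< "${line},"
  count=${#fields[@]}

  username=$(trim "${fields[0]}")
  uid=$(trim "${fields[1]}")
  gid=$(trim "${fields[2]}")

  # Skip invalid lines
  if [ -z "$username" ] || [ -z "$uid" ] || [ -z "$gid" ]; then
    continue
  fi
  if [ "$count" -lt 6 ]; then
    log "Skipping $username: expected at least 6 fields, found $count"
    failures=$((failures + 1))
    continue
  fi

  # The last three fields are fixed; everything between gid and fullname is
  # a secondary group field. Reading from the end means a full name without
  # a space can no longer push homedir and password into the group list
  # (and from there into the log).
  password=$(trim "${fields[count-1]}")
  homedir=$(trim "${fields[count-2]}")
  fullname=$(trim "${fields[count-3]}")

  sec_groups=()
  for ((i = 3; i < count - 3; i++)); do
    IFS=';' read -r -a parts <<< "${fields[i]}"
    for g in "${parts[@]}"; do
      g=$(trim "$g")
      if [ -n "$g" ]; then
        sec_groups+=("$g")
      fi
    done
  done

  # --- Validate before touching the system ---
  row_ok=1
  valid_name "$username" || row_ok=0
  [[ "$uid" =~ ^[0-9]+$ ]] || row_ok=0
  [[ "$gid" =~ ^[0-9]+$ ]] || row_ok=0
  [[ "$homedir" == /* ]] || row_ok=0
  [ -n "$password" ] || row_ok=0
  for g in "${sec_groups[@]}"; do
    valid_name "$g" || row_ok=0
  done
  if [ "$row_ok" -ne 1 ]; then
    log "Skipping $username: row failed validation (name, uid/gid, groups, home dir or empty password)"
    failures=$((failures + 1))
    continue
  fi

  # Comma-separated list for useradd -G
  sec_group_csv=$(IFS=','; printf '%s' "${sec_groups[*]}")

  log "--------------------------------------------------"
  log "Processing user: $username"
  log " UID: $uid"
  log " GID: $gid (primary group: $username)"
  log " Secondary groups: ${sec_group_csv//,/;}"
  log " Full name: $fullname"
  log " Home dir: $homedir"
  log "--------------------------------------------------"

  # --- Primary group ---
  create_group_if_missing "$username" "$gid"

  # --- Secondary groups ---
  for g in "${sec_groups[@]}"; do
    create_group_if_missing "$g"
  done

  # --- Create user ---
  if id "$username" >/dev/null 2>&1; then
    log "User $username already exists, skipping..."
    continue
  fi

  useradd_args=(-u "$uid" -g "$username")
  if [ -n "$sec_group_csv" ]; then
    useradd_args+=(-G "$sec_group_csv")
  fi
  useradd_args+=(-d "$homedir" -m -c "$fullname" "$username")

  if ! /usr/sbin/useradd "${useradd_args[@]}"; then
    log "Failed to create user $username"
    failures=$((failures + 1))
    continue
  fi

  # --- Set password using expect ---
  if command -v expect >/dev/null 2>&1; then
    # The values reach Tcl through the environment and the here-document is
    # quoted, so characters such as [ ] $ " in a password are sent literally
    # instead of being evaluated as Tcl code, and the password never appears
    # on a command line.
    if CREATE_USER_NAME="$username" CREATE_USER_PASS="$password" /usr/bin/expect <<'EOPASS' >/dev/null
set timeout 20
spawn passwd $env(CREATE_USER_NAME)
expect {
  "New Password:" { send -- "$env(CREATE_USER_PASS)\r" }
  timeout { exit 1 }
  eof { exit 1 }
}
expect {
  "Re-enter New Password:" { send -- "$env(CREATE_USER_PASS)\r" }
  timeout { exit 1 }
  eof { exit 1 }
}
expect eof
set result [wait]
exit [lindex $result 3]
EOPASS
    then
      # NOTE(review): the initial password travelled in a CSV file; running
      # `passwd -f "$username"` here as well would force a change at first login.
      log "User $username created successfully with password from CSV."
    else
      log "User $username created but setting the password failed."
      failures=$((failures + 1))
    fi
  else
    # If expect not installed, force password change
    passwd -f "$username" 2>/dev/null
    log "Password for $username must be changed at first login (expect not installed)."
  fi
done < <(sed '1d' "$INPUT_FILE")

log "All users processed."

if [ "$failures" -gt 0 ]; then
  log "$failures row(s) could not be processed completely."
  exit 1
fi
EOF

# --- Copy and run remotely ---
scp -q "${SSH_OPTS[@]}" -- "$LOCAL_SCRIPT" "$REMOTE_HOST:$REMOTE_SCRIPT" ||
  die "Failed to copy remote script."

# -tt allocates a terminal so passwd (driven by expect) behaves as it would
# interactively. The paths were validated above, so quoting them is enough.
ssh -tt "${SSH_OPTS[@]}" "$REMOTE_HOST" \
  "bash '$REMOTE_SCRIPT' '$REMOTE_CSV' '$REMOTE_LOG'"
remote_rc=$?

# --- Fetch log ---
scp -q "${SSH_OPTS[@]}" "$REMOTE_HOST:$REMOTE_LOG" "./create_users_${REMOTE_HOST}.log" &&
  echo "Log saved as create_users_${REMOTE_HOST}.log"

# --- Cleanup ---
# Handled by the EXIT trap (remote staging directory and local script).

if [ "$remote_rc" -ne 0 ]; then
  echo "Warning: remote run on $REMOTE_HOST exited with status $remote_rc" >&2
fi

echo "--------------------------------------------------"
echo " Completed user creation on $REMOTE_HOST"
echo " Log: create_users_${REMOTE_HOST}.log"
echo "--------------------------------------------------"
exit "$remote_rc"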
[root@inddcpjmp01 solaris]#
Script Output:
[root@inddcpjmp01 solaris]# ./create_users_solaris_full.sh indsuntst01 users.csv
--------------------------------------------------
Running user creation on remote host: indsuntst01
--------------------------------------------------
Starting user creation...
--------------------------------------------------
Processing user: user1
UID: 1001
GID: 1001 (primary group: user1)
Secondary groups: unixadm;staff
Full name: John Doe
Home dir: /export/home/user1
--------------------------------------------------
Creating group user1 (GID=1001)
80 blocks
User user1 created successfully with password from CSV.
--------------------------------------------------
Processing user: user2
UID: 1002
GID: 1002 (primary group: user2)
Secondary groups: sysadmin;staff;apps
Full name: Jane Smith
Home dir: /export/home/user2
--------------------------------------------------
Creating group user2 (GID=1002)
80 blocks
User user2 created successfully with password from CSV.
All users processed.
Connection to indsuntst01 closed.
Log saved as create_users_indsuntst01.log
--------------------------------------------------
Completed user creation on indsuntst01
Log: create_users_indsuntst01.log
--------------------------------------------------
[root@inddcpjmp01 solaris]#
Solaris Server output:
login as: user1
Keyboard-interactive authentication prompts from server:
| Password:
End of keyboard-interactive prompts from server
Last login: Mon Oct 27 01:21:44 2025 from 192.168.10.252
Oracle Corporation SunOS 5.11 11.4 Aug 2018
user1@indsuntst01:~$ sudo su -
Oracle Corporation SunOS 5.11 11.4 Aug 2018
You have new mail.
root@indsuntst01:~#
root@indsuntst01:~# cat /etc/passwd | egrep "user1|user2"
user1:x:1001:1001:John Doe:/export/home/user1:/usr/bin/bash
user2:x:1002:1002:Jane Smith:/export/home/user2:/usr/bin/bash
root@indsuntst01:~# cat /etc/group | egrep "user1|user2"
staff::10:sunadm,unixadm,user1,user2
sysadmin::14:user2
unixadm::100:user1
apps::102:user2
user1::1001:
user2::1002:
root@indsuntst01:~#