This solution is ideal for system administrators who want a simple, SSH-based alternative to heavier tools while still maintaining consistency and control.
Overview
The script:
- Reads user details from a CSV file
- Creates primary groups with specific GIDs
- Adds users to up to three secondary groups
- Creates users only if they do not already exist
- Executes the process on multiple remote servers passed as arguments
The script expects the following CSV structure:
user_id,
user_pri_group,
user_pri_group_id,
user_sec_group1,
user_sec_group2,
user_sec_group3,
user_home_dir,
user_shell,
user_password,
user_gecos_info
Sample CSV Input
# user_id,user_pri_group,user_pri_group_id,user_sec_group1,user_sec_group2,user_sec_group3,user_home_dir,user_shell,user_password,user_gecos_info
tasleem,tasleem,1005,apps,dba,sysadm,/home/tasleem,/bin/bash,root123,Tasleem Ahmed Khan
hamzah,hamzah,1006,apps,dba,sysadm,/home/hamzah,/bin/bash,root123,Hamzah Ali Khan
Primary Group Enforcement
The primary group name and GID must be present. If missing, user creation is skipped.
Secondary Group Handling
Up to three secondary groups are supported.
If a group does not exist, it is created automatically.
Idempotent Execution
If a user already exists, the script safely skips creation.
Multi-Server Support
The same CSV file is applied to all servers passed on the command line.
Bash Script
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
#!/bin/bash
#
# Author : adminCtrlX
# Description : Automating User Creation on Multiple Linux Servers Using Bash and CSV
# Usage : ./create_users_remote.sh host1 host2 host3
#
The primary group name and GID must be present. If missing, user creation is skipped.
Secondary Group Handling
Up to three secondary groups are supported.
If a group does not exist, it is created automatically.
Idempotent Execution
If a user already exists, the script safely skips creation.
Multi-Server Support
The same CSV file is applied to all servers passed on the command line.
Bash Script
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
#!/bin/bash
#
# Author : adminCtrlX
# Description : Automating User Creation on Multiple Linux Servers Using Bash and CSV
# Usage : ./create_users_remote.sh host1 host2 host3
#
CSV_FILE="/tmp/scripts/users.csv"
if [ $# -lt 1 ]; then
echo "Usage: $0 host1 host2 ... hostN"
exit 1
fi
HOSTS="$@"
tail -n +2 "$CSV_FILE" | while IFS=',' read -r \
user_id pri_group pri_gid sec_grp1 sec_grp2 sec_grp3 home_dir shell password gecos
do
for server in $HOSTS; do
echo "Processing user $user_id on $server..."
ssh "$server" sudo bash <<EOF
if [ -z "$pri_group" ] || [ -z "$pri_gid" ]; then
echo "Primary group or GID missing for $user_id. Skipping."
exit 0
fi
if ! getent group "$pri_group" >/dev/null; then
groupadd -g "$pri_gid" "$pri_group"
fi
SEC_GROUPS=""
for grp in "$sec_grp1" "$sec_grp2" "$sec_grp3"; do
if [ -n "\$grp" ]; then
getent group "\$grp" >/dev/null || groupadd "\$grp"
SEC_GROUPS="\$SEC_GROUPS,\$grp"
fi
done
SEC_GROUPS="\${SEC_GROUPS#,}"
if ! id "$user_id" >/dev/null 2>&1; then
useradd \
-g "$pri_group" \
\${SEC_GROUPS:+-G "\$SEC_GROUPS"} \
-d "$home_dir" \
-s "$shell" \
-c "$gecos" \
-m "$user_id"
echo "$user_id:$password" | chpasswd
echo "User $user_id created successfully on $server"
else
echo "User $user_id already exists on $server"
fi
EOF
done
done
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
How to Run the Script
1. Make the script executable:
# chmod +x create_users_remote.sh
2. Execute it by passing the target servers:
# ./create_users_remote.sh server1 server2 server3
Security Considerations
Storing plain-text passwords in CSV files is not recommended for production environments. Consider:
- Using hashed passwords
- Forcing password change on first login
- Using SSH keys instead of passwords
This Bash-based approach provides a lightweight yet effective way to manage users across multiple Linux servers. It is easy to understand, easy to modify, and suitable for small to medium-scale environments where full configuration management tools may not be required.
No comments:
Post a Comment