Chapter 7. Getting started with managing user accounts
Red Hat Enterprise Linux is a multi-user operating system, which enables multiple users on different computers to access a single system installed on one machine. Every user operates under its own account, and managing user accounts thus represents a core element of Red Hat Enterprise Linux system administration.
The following are the different types of user accounts:
Normal user accounts:
Normal accounts are created for users of a particular system. Such accounts can be added, removed, and modified during normal system administration.
System user accounts:
System user accounts represent a particular applications identifier on a system. Such accounts are generally added or manipulated only at software installation time, and they are not modified later.
WarningSystem accounts are presumed to be available locally on a system. If these accounts are configured and provided remotely, such as in the instance of an LDAP configuration, system breakage and service start failures can occur.
For system accounts, user IDs below 1000 are reserved. For normal accounts, you can use IDs starting at 1000. However, the recommended practice is to assign IDs starting at 5000. For assigning IDs, see the
/etc/login.defsfile.Group:
A group is an entity which ties together multiple user accounts for a common purpose, such as granting access to particular files.
7.1. Managing accounts and groups using command line tools
This section describes basic command-line tools to manage user accounts and groups.
To display user and group IDs:
$ id uid=1000(example.user) gid=1000(example.user) groups=1000(example.user),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
To create a new user account:
# useradd example.userTo assign a new password to a user account belonging to example.user:
# passwd example.userTo add a user to a group:
# usermod -a -G example.group example.user
Additional resources
-
man useradd(8),man passwd(1), andman usermod(8)
7.2. System user accounts managed in the web console
With user accounts displayed in the RHEL web console you can:
- Authenticate users when accessing the system.
- Set the access rights to the system.
The RHEL web console displays all user accounts located in the system. Therefore, you can see at least one user account just after the first login to the web console.
After logging into the RHEL web console, you can perform the following operations:
- Create new users accounts.
- Change their parameters.
- Lock accounts.
- Terminate user sessions.
7.3. Adding new accounts using the web console
Use the following steps for adding user accounts to the system and setting administration rights to the accounts through the RHEL web console.
Prerequisites
- The RHEL web console must be installed and accessible. For details, see Installing and enabling the web console.
Procedure
- Log in to the RHEL web console.
- Click .
- Click .
In the Full Name field, enter the full name of the user.
The RHEL web console automatically suggests a user name from the full name and fills it in the User Name field. If you do not want to use the original naming convention consisting of the first letter of the first name and the whole surname, update the suggestion.
In the Password/Confirm fields, enter the password and retype it for verification that your password is correct.
The color bar placed below the fields shows you security level of the entered password, which does not allow you to create a user with a weak password.
- Click to save the settings and close the dialog box.
- Select the newly created account.
Select Server Administrator in the Roles item.
Now you can see the new account in the Accounts settings and you can use the credentials to connect to the system.