Chapter�12.�Administering User Accounts

Table of Contents

Summary of Instructions
The Components of an AFS User Account
Creating Local Password File Entries
Assigning AFS and UNIX UIDs that Match
Specifying Passwords in the Local Password File
Converting Existing UNIX Accounts
Making UNIX and AFS UIDs Match
Setting the Password Field Appropriately
Moving Local Files into AFS
Creating AFS User Accounts
To create one user account with individual commands
Improving Password and Authentication Security
To limit the number of consecutive failed authentication attempts
To unlock a locked user account
To set password lifetime
To prohibit reuse of passwords
Changing AFS Passwords
To change an AFS password
Displaying and Setting the Quota on User Volumes
Changing Usernames
To change a username
Removing a User Account
To remove a user account

This chapter explains how to create and maintain user accounts in your cell.

The preferred method for creating user accounts is the uss program, which enables you to create multiple accounts with a single command. See Creating and Deleting User Accounts with the uss Command Suite. If you prefer to create each account component individually, follow the instructions in Creating AFS User Accounts.

Summary of Instructions

This chapter explains how to perform the following tasks by using the indicated commands:

Create Protection Database entrypts createuser
Create Authentication Database entrykas create
Create volumevos create
Mount volumefs mkmount
Create entry on ACLfs setacl
Examine Protection Database entrypts examine
Change directory ownership/etc/chown
Limit failed authentication attemptskas setfields with -attempts and -locktime
Unlock Authentication Database entrykas unlock
Set password lifetimekas setfields with -pwexpires
Prohibit password reusekas setfields with -reuse
Change AFS passwordkas setpassword
List groups owned by userpts listowned
Rename Protection Database entrypts rename
Delete Authentication Database entrykas delete
Rename volumevos rename
Remove mount pointfs rmmount
Delete Protection Database entrypts delete
List volume locationvos listvldb
Remove volumevos remove