Here’s the command to create a Linux user with a specific user id and group id.
sudo groupadd -r -g 1234567 username sudo useradd -r -u 1234567 -g 1234567 -m -d /home/username -s /bin/bash nexus -c "my new account" |
cloud engineer
Here’s the command to create a Linux user with a specific user id and group id.
sudo groupadd -r -g 1234567 username sudo useradd -r -u 1234567 -g 1234567 -m -d /home/username -s /bin/bash nexus -c "my new account" |
sudo groupadd -r -g 1234567 username sudo useradd -r -u 1234567 -g 1234567 -m -d /home/username -s /bin/bash nexus -c "my new account"
Vintela is a utility for allowing AD users to login to Linux. Here are some basic troubleshooting tips.
#check version vastool -v # check status vastool status # start stop script /etc/init.d/vasd start/stop/restart # check user access vastool user checkaccess username # list users vastool list users # flush cache vastool flush # unjoin domain vastool unjoin -f -l # join domain vastool -u username@domain.com -w password join -f -c OU=Linux,OU=linux,OU=Servers,DC=domain.com,DC=net domain.com |
#check version vastool -v # check status vastool status # start stop script /etc/init.d/vasd start/stop/restart # check user access vastool user checkaccess username # list users vastool list users # flush cache vastool flush # unjoin domain vastool unjoin -f -l # join domain vastool -u username@domain.com -w password join -f -c OU=Linux,OU=linux,OU=Servers,DC=domain.com,DC=net domain.com
Important files.
/etc/opt/quest/vas/host.keytab Encrypted host key /etc/opt/quest/vas/group-override Maps accounts to groups /etc/opt/quest/vas/users.allow Lists groups that are granted access to the server /etc/opt/quest/vas/xjoin.keytab File used to join server to domain /etc/opt/quest/vas/vas.conf Primary VAS configuration file /etc/opt/quest/vas/user-override Allows you to override specific user settings |
/etc/opt/quest/vas/host.keytab Encrypted host key /etc/opt/quest/vas/group-override Maps accounts to groups /etc/opt/quest/vas/users.allow Lists groups that are granted access to the server /etc/opt/quest/vas/xjoin.keytab File used to join server to domain /etc/opt/quest/vas/vas.conf Primary VAS configuration file /etc/opt/quest/vas/user-override Allows you to override specific user settings
Here’s how to delete a Linux user.
userdel username |
userdel username
Delete user and the home directory.
userdel -f username |
userdel -f username
Here’s how to add an existing user to a user group in Linux.
usermod -a -G groupname username usermod -a -G www-data john |
usermod -a -G groupname username usermod -a -G www-data john
List all users belonging to a group.
lid -g www-data |
lid -g www-data
List all the groups the user belongs to.
groups john |
groups john
This is a very simple command to run. Login to MySQL first and run the following the command line.
ALTER USER username IDENTIFIED BY 'password'; |
ALTER USER username IDENTIFIED BY 'password';
Flush privileges for changes to take effect.
flush privileges; |
flush privileges;
Here’s how to create a WordPress site that’s read only. You will not be able to create, update and delete posts.
mariadb -u root -p use mysql; create user 'wpro'@'localhost' identified by 'yourpassword'; grant select on wordpress.* to 'wpro'@'localhost'; flush privileges; |
mariadb -u root -p use mysql; create user 'wpro'@'localhost' identified by 'yourpassword'; grant select on wordpress.* to 'wpro'@'localhost'; flush privileges;
In MySQL or MariaDB, you have to terminate all commands with a semicolon.
Now edit your WordPress wp-config.php file. vim /var/www/wordpress/wp-config.php.
/** MySQL database username */ define('DB_USER', 'wpro'); /** MySQL database password */ define('DB_PASSWORD', 'yourpassword'); |
/** MySQL database username */ define('DB_USER', 'wpro'); /** MySQL database password */ define('DB_PASSWORD', 'yourpassword');
After saving the wp-config.php file, everything should work just like before, except that you will not be able to save, publish or delete posts, pages, or add or delete media files to your WordPress site. It’s working as intended.
Here’s the command to check if instance is domain joined.
realm discover domain.com |
realm discover domain.com
To check if AD user is working.
id user@ad.example.com |
id user@ad.example.com
To check if AD group is working.
getent group ad-group |
getent group ad-group
Here’s how to list all the access keys in AWS via Python.
import logging import boto3 from botocore.exceptions import ClientError # set aws profile session = boto3.Session(profile_name="default") # get list of users iam = session.client('iam') users = iam.list_users() # display results print("{0:<20} {1:<25} {2:<15} {3:<10}".format('UserName', 'AccessKey', 'Status', 'CreateDate')) print("----------------------------------------------------------------------------------------") for a in users['Users']: user = a['UserName'] # get keys keys = iam.list_access_keys(UserName=user) for b in keys['AccessKeyMetadata']: username = b['UserName'] accesskeyid = b['AccessKeyId'] status = b['Status'] createdate = str(b['CreateDate']) print("{0:<20} {1:<25} {2:<15} {3:<10}".format(username, accesskeyid, status, createdate)) |
import logging import boto3 from botocore.exceptions import ClientError # set aws profile session = boto3.Session(profile_name="default") # get list of users iam = session.client('iam') users = iam.list_users() # display results print("{0:<20} {1:<25} {2:<15} {3:<10}".format('UserName', 'AccessKey', 'Status', 'CreateDate')) print("----------------------------------------------------------------------------------------") for a in users['Users']: user = a['UserName'] # get keys keys = iam.list_access_keys(UserName=user) for b in keys['AccessKeyMetadata']: username = b['UserName'] accesskeyid = b['AccessKeyId'] status = b['Status'] createdate = str(b['CreateDate']) print("{0:<20} {1:<25} {2:<15} {3:<10}".format(username, accesskeyid, status, createdate))