--- /dev/null
+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
+<HTML><HEAD>
+<TITLE>Administration Reference</TITLE>
+<!-- Begin Header Records ========================================== -->
+<!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID -->
+<!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30 -->
+<META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">
+<META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">
+<META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">
+</HEAD><BODY>
+<!-- (C) IBM Corporation 2000. All Rights Reserved -->
+<BODY bgcolor="ffffff">
+<!-- End Header Records ============================================ -->
+<A NAME="Top_Of_Page"></A>
+<H1>Administration Reference</H1>
+<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf214.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf216.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
+<P>
+<H2><A NAME="HDRPTS_CREATEUSER" HREF="auarf002.htm#ToC_229">pts createuser</A></H2>
+<A NAME="IDX5274"></A>
+<A NAME="IDX5275"></A>
+<A NAME="IDX5276"></A>
+<A NAME="IDX5277"></A>
+<A NAME="IDX5278"></A>
+<A NAME="IDX5279"></A>
+<A NAME="IDX5280"></A>
+<A NAME="IDX5281"></A>
+<A NAME="IDX5282"></A>
+<A NAME="IDX5283"></A>
+<A NAME="IDX5284"></A>
+<A NAME="IDX5285"></A>
+<A NAME="IDX5286"></A>
+<A NAME="IDX5287"></A>
+<A NAME="IDX5288"></A>
+<A NAME="IDX5289"></A>
+<A NAME="IDX5290"></A>
+<A NAME="IDX5291"></A>
+<A NAME="IDX5292"></A>
+<P><STRONG>Purpose</STRONG>
+<P>Creates a user or machine entry in the Protection Database
+<P><STRONG>Synopsis</STRONG>
+<PRE><B>pts createuser -name</B> <<VAR>user name</VAR>><SUP>+</SUP> [<B>-id</B> <<VAR>user id</VAR>><SUP>+</SUP>] [<B>-cell</B> <<VAR>cell name</VAR>>]
+ [<B>-noauth</B>] [<B>-force</B>] [<B>-help</B>]
+
+<B>pts createu -na</B> <<VAR>user name</VAR>><SUP>+</SUP> [<B>-i</B> <<VAR>user id</VAR>><SUP>+</SUP>] [<B>-c</B> <<VAR>cell name</VAR>>]
+ [<B>-no</B>] [<B>-f</B>] [<B>-h</B>]
+
+<B>pts cu -na</B> <<VAR>user name</VAR>><SUP>+</SUP> [<B>-i</B> <<VAR>user id</VAR>><SUP>+</SUP>] [<B>-c</B> <<VAR>cell name</VAR>>] [<B>-no</B>] [<B>-f</B>] [<B>-h</B>]
+</PRE>
+<P><STRONG>Description</STRONG>
+<P>The <B>pts createuser</B> command creates an entry in the Protection
+Database for each user or machine specified by the <B>-name</B>
+argument. A user entry name becomes the user's AFS username (the
+one to provide when authenticating with the AFS Authentication Server).
+A machine entry's name is the machine's IP address or a wildcard
+notation that represents a range of consecutive IP addresses (a group of
+machines on the same network). It is not possible to authenticate as a
+machine, but a group to which a machine entry belongs can appear on a
+directory's access control list (ACL), thereby granting the indicated
+permissions to any user logged on to the machine.
+<P>AFS user IDs (AFS UIDs) are positive integers and by default the Protection
+Server assigns an AFS UID that is one greater than the current value of the
+<TT>max user id</TT> counter in the Protection Database, incrementing the
+counter by one for each user. To assign a specific AFS UID, use the
+<B>-id</B> argument. If any of the specified AFS UIDs is greater
+than the current value of the <TT>max user id</TT> counter, the counter is
+reset to that value. It is acceptable to specify an AFS UID smaller
+than the current value of the counter, but the creation operation fails if an
+existing user or machine entry already has it. To display or set the
+value of the <TT>max user id</TT> counter, use the <B>pts listmax</B> or
+<B>pts setmax</B> command, respectively.
+<P>The issuer of the <B>pts createuser</B> command is recorded as the
+entry's creator and the group <B>system:administrators</B> as
+its owner.
+<P><STRONG>Cautions</STRONG>
+<P>The Protection Server reserves AFS UID 0 (zero) and returns an error if the
+<B>-id</B> argument has that value.
+<P><STRONG>Options</STRONG>
+<DL>
+<P><DT><B>-name
+</B><DD>Specifies either a username for a user entry, or an IP address (complete
+or wildcarded) for a machine entry:
+<UL>
+<P><LI>A username can include up to 63 numbers and lowercase letters, but it is
+best to make it shorter than eight characters, because many application
+programs cannot handle longer names. Also, it is best not to include
+shell metacharacters or other punctuation marks. In particular, the
+colon (<B>:</B>) and at-sign (<B>@</B>) characters are not
+acceptable. The period is generally used only in special administrative
+names, to separate the username and an <I>instance</I>, as in the example
+<B>pat.admin</B>.
+<P><LI>A machine identifier is its IP address in dotted decimal notation (for
+example, 192.12.108.240), or a wildcard notation that
+represents a set of IP addresses (a group of machines on the same
+network). The following are acceptable wildcard formats. The
+letters <B>W</B>, <B>X</B>, <B>Y</B> and <B>Z</B> each
+represent an actual number from the range 1 through 255.
+<UL>
+<P><LI><B>W.X.Y.Z</B> represents a single machine, for
+example <B>192.12.108.240</B>.
+<P><LI><B>W.X.Y.0</B> matches all machines whose IP
+addresses start with the first three numbers. For example,
+<B>192.12.108.0</B> matches both
+<B>192.12.108.119</B> and
+<B>192.12.108.120</B>, but does not match
+<B>192.12.105.144</B>.
+<P><LI><B>W.X.0.0</B> matches all machines whose IP
+addresses start with the first two numbers. For example, the address
+<B>192.12.0.0</B> matches both
+<B>192.12.106.23</B> and
+<B>192.12.108.120</B>, but does not match
+<B>192.5.30.95</B>.
+<P><LI><B>W.0.0.0</B> matches all machines whose IP
+addresses start with the first number in the specified address. For
+example, the address <B>192.0.0.0</B> matches both
+<B>192.5.30.95</B> and
+<B>192.12.108.120</B>, but does not match
+<B>138.255.63.52</B>.
+</UL>
+<P>Do not define a machine entry with the name
+<B>0.0.0.0</B> to match every machine. The
+<B>system:anyuser</B> group is equivalent.
+</UL>
+<P><DT><B>-id
+</B><DD>Specifies an AFS UID for each user or machine entry, rather than allowing
+the Protection Server to assign it. Provide a positive integer.
+<P>If this argument is used and the <B>-name</B> argument names multiple
+new entries, it is best to provide an equivalent number of AFS UIDs.
+The first UID is assigned to the first entry, the second to the second entry,
+and so on. If there are fewer UIDs than entries, the Protection Server
+assigns UIDs to the unmatched entries based on the <TT>max user id</TT>
+counter. If there are more UIDs than entries, the excess UIDs are
+ignored. If any of the UIDs is greater than the current value of the
+<TT>max user id</TT> counter, the counter is reset to that value.
+<P><DT><B>-cell
+</B><DD>Names the cell in which to run the command. For more details, see
+the introductory <B>pts</B> reference page.
+<P><DT><B>-noauth
+</B><DD>Assigns the unprivileged identity <B>anonymous</B> to the
+issuer. For more details, see the introductory <B>pts</B> reference
+page.
+<P><DT><B>-force
+</B><DD>Enables the command to continue executing as far as possible when errors
+or other problems occur, rather than halting execution at the first
+error.
+<P><DT><B>-help
+</B><DD>Prints the online help for this command. All other valid options
+are ignored.
+</DL>
+<P><STRONG>Output</STRONG>
+<P>The command generates the following string to confirm creation of each
+user:
+<PRE> User <VAR>name</VAR> has id <VAR>id</VAR>
+
+</PRE>
+<P><STRONG>Examples</STRONG>
+<P>The following example creates a Protection Database entry for the user
+<B>johnson</B>.
+<PRE> % <B>pts createuser -name johnson</B>
+
+</PRE>
+<P>The following example creates three wildcarded machine entries in the ABC
+Corporation cell. The three entries encompass all of the machines on
+the company's networks without including machines on other
+networks:
+<PRE> % <B>pts createuser -name 138.255.0.0 192.12.105.0 192.12.106.0</B>
+
+</PRE>
+<P><STRONG>Privilege Required</STRONG>
+<P>The issuer must belong to the <B>system:administrators</B>
+group.
+<P><STRONG>Related Information</STRONG>
+<P><A HREF="auarf210.htm#HDRPTS_INTRO">pts</A>
+<P><A HREF="auarf220.htm#HDRPTS_LISTMAX">pts listmax</A>
+<P><A HREF="auarf226.htm#HDRPTS_SETMAX">pts setmax</A>
+<P>
+<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf214.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf216.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P>
+<!-- Begin Footer Records ========================================== -->
+<P><HR><B>
+<br>© <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A> All Rights Reserved
+</B>
+<!-- End Footer Records ============================================ -->
+<A NAME="Bot_Of_Page"></A>
+</BODY></HTML>
git://git.openafs.org / openafs.git / blobdiff