3 pts adduser - Adds a user or machine to a Protection Database group
7 B<pts adduser> B<-user> <I<user name>>+ B<-group> <I<group name>>+
8 [B<-cell> <I<cell name>>] [B<-noauth>] [B<-force>] [B<-help>]
10 B<pts ad> B<-u> <I<user name>>+ B<-g> <I<group name>>+
11 [B<-c> <I<cell name>>] [B<-n>] [B<-f>] [B<-h>]
15 The B<pts adduser> command adds each user or machine entry named by the
16 B<-user> argument as a member of each group named by the B<-group>
19 To remove members of a group, use the B<pts removeuser> command. To list
20 the groups to which a user or machine belongs, or the members of a
21 specified group, use the B<pts membership> command.
25 After being added as a group member, a currently authenticated user must
26 reauthenticate (for example, by issuing the B<klog> command) to obtain
27 permissions granted to the group on an access control list (ACL).
33 =item B<-user> <I<user name>>+
35 Specifies the name of each user or machine entry to add to each group
36 named by the B<-group> argument. The name of a machine entry resembles an
37 IP address and can use the wildcard notation described on the B<pts
38 createuser> reference page. The user or machine entry must already exist
39 in the Protection Database.
41 =item B<-group> <I<group name>>+
43 Specifies the complete name (including the owner prefix if applicable) of
44 each group to which to add members. The group entry must already exist in
45 the Protection Database.
47 =item B<-cell> <I<cell name>>
49 Names the cell in which to run the command. For more details, see
54 Assigns the unprivileged identity anonymous to the issuer. For more
55 details, see L<pts(1)>.
59 Enables the command to continue executing as far as possible when errors
60 or other problems occur, rather than halting execution at the first error.
64 Prints the online help for this command. All other valid options are
71 The following example adds user smith to the group system:administrators.
73 % pts adduser -user smith -group system:administrators
75 The following example adds users C<jones>, C<terry>, and B<pat> to the
76 smith:colleagues group.
78 % pts adduser -user jones terry pat -group smith:colleagues
80 The following example adds the machine entries in the ABC Corporation
81 subnet to the group C<bin-prot>. Because of the IP address range of the
82 ABC Corporation subnet, the system administrator was able to group the
83 machines into three machine entries (using the wildcard notation discussed
84 on the B<pts createuser> reference page).
86 % pts adduser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot
88 =head1 PRIVILEGE REQUIRED
90 The required privilege depends on the setting of the fourth privacy flag
91 in the Protection Database entry for each group named by the B<-group>
92 argument (use the B<pts examine> command to display the flags):
98 If it is the hyphen, only the group's owner and members of the
99 system:administrators group can add members.
103 If it is lowercase C<a>, current members of the group can add new members.
107 If it is uppercase C<A>, anyone who can access the cell's database server
108 machines can add new members.
115 L<pts_createuser(1)>,
117 L<pts_membership(1)>,
118 L<pts_removeuser(1)>,
123 IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
125 This documentation is covered by the IBM Public License Version 1.0. It was
126 converted from HTML to POD by software written by Chas Williams and Russ
127 Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.