Hi all,
I'm in the process of creating a scripted build for ESX 3.5 U2.. as part of my script i want to create an additional SC account, currenlty i create the account with plaintext password and then re-enable the account like so:
useradd newaccount -p "plaintextpassword"
passwd newaccount -u
i am able to get an encrypted password string using /sbin/grub-md5-crypt but i'm not sure how to put this into the script... if i do this it doesnt work
useradd newaccount -p '$1233445878900ETCETC'
Any ideas?
Thanks
Emma
Hi Emma,
Because you are running the command in a script (as opposed to interactively) - then the $ characters in the encrypted password will be interpreted wrongly.
So to get:
useradd -p '$1$9kldl$wOXyCckxGWBHb5lImhQj50' vAdmin01
you would need to put:
useradd -p '\$1$9kldl\$wOXyCckxGWBHb5lImhQj50' vAdmin01
i.e. precede all the dollars with a back slash.
(and similarly for any other strange characters in the encrypted password string)
I do the same thing in my build scripts (I use double qotes rather than single around the encrpted password - Ihave no idea if that makes a difference too - but if yours still fails with the backslashes, then try the double quotes too)
i.e. useradd -p "\$1$9kldl\$wOXyCckxGWBHb5lImhQj50" vAdmin01
Cheers
Dinny
Hi,
This should work... the -p option only accept encrypted passwords.
Take a look here http://communities.vmware.com/message/812568 and here http://communities.vmware.com/message/864062#864062
Hi Demz,
Do I or dont I need the ' ' around the encrypted password?
Emma
Just tried what you did and it works for me. It seems that your encrypted PW is the issue.
My grub-md5-crypt always returns 31 character encrypted PWs. The super secure password 'password' gives me '$1$Y9oel$GGvxxEP68y2bRmYklXCD5.' for example.
Hello,
Here is the command I use to create additional users with encrypted passwords:
/usr/sbin/useradd -m -p '$6$QJFf7ps1%bp4n7XsubwjDtAydlvy3z3' -c SecondAdmin -g users -G users -d /home/SecondAdmin -s /bin/bash SecondAdmin
This of course is not a valid password, but the syntax is correct. I created the encrypted password just as you described then cut/paste in to my post install script.
Hope this helps!
You do need the ' ... with useradd/usermod.
that encrypted password was just a rubbish string i'd chuck in for this post as i couldn't be bothered to type it out!
i know the encrypted string works as i'm currently using the same one for the --rootpw variable
whats not working then?
Thanks all,
The only diff i can see is in the ordering of my useradd cmd i.e i state the useraccount before the password - will change this and have another go.
My post is right out of my post installation script, that I just used last week. You can also verify it's integrity by simply copying and pasting into a Service Console, I test most of my scripted commands that way. If it works via the Service Console then it will work in a script.
That will normally not bring any changes...
It's still not working ?
cool stuff,
Duncan
Blogging: http://www.yellow-bricks.com
If you find this information useful, please award points for "correct" or "helpful".
Still not working...here's an exact copy of my script - it's a bit messy at the moment!
#Create local user account and add to root group
grep ^admins: /etc/group > /dev/null || groupadd admins
grep ^%admins /etc/sudoers > /dev/null || echo %admins ALL = NOPASSWD: ALL >> /etc/sudoers
useradd -p '$1$9kldl$wOXyCckxGWBHb5lImhQj50' vAdmin01
#echo password | passwd --stdin vAdmin01
usermod -G admins vAdmin01
usermod -G root vAdmin01
#passwd vAdmin01 -u
can anyone see anything wrong with this
Emma,
If you bypass the script and simply do a useradd -p '$1$9kldl$wOXyCckxGWBHb5lImhQj50' vAdmin01, can you login with this account ?
yes i can.... something wrong with my script :_|
and after the usermod commands ?
Hi Emma,
Because you are running the command in a script (as opposed to interactively) - then the $ characters in the encrypted password will be interpreted wrongly.
So to get:
useradd -p '$1$9kldl$wOXyCckxGWBHb5lImhQj50' vAdmin01
you would need to put:
useradd -p '\$1$9kldl\$wOXyCckxGWBHb5lImhQj50' vAdmin01
i.e. precede all the dollars with a back slash.
(and similarly for any other strange characters in the encrypted password string)
I do the same thing in my build scripts (I use double qotes rather than single around the encrpted password - Ihave no idea if that makes a difference too - but if yours still fails with the backslashes, then try the double quotes too)
i.e. useradd -p "\$1$9kldl\$wOXyCckxGWBHb5lImhQj50" vAdmin01
Cheers
Dinny
Thanks Dinny - that was it the / were needed for the dollar signs.
Thanks to all
Emma
Dammit I didn't seen it !
Shame on me, sorry Emma
no worries! Thanks for you help.