Although I have LDAP managed users and Kerberos authentication, occasionally I need to make local system accounts on my servers. With the deployment of Bcfg2 on RHEL 6 surely I could do this. Well, not without some searching.
I came across this:
That turned out to be a fantastic way to examine the local accounts and create them if needed. You’ll need a “passwd” Probe that’s not mentioned on the pastebin that does nothing more than “cat /etc/passwd”.
Looking closer, you’ll notice that its not using Red Hat style tools. Fortunately, it was easy to port. My version is here:
Mostly, I’ve corrected paths and some command options. I’m also using “–non-unique” which seems strange. However, I have over 100,000 accounts in LDAP and the LDAP servers limit queries to 500 responses. I don’t want useradd to attempt to iterate through all the LDAP accounts.