COURSE: Network Service Administrator

CODE BCN3043
TOPIC 1. User management (part 1)

LAB MODULE: 3 DURATION: 2 hours

INSTRUCTION:
1. Read and follow the simple notes given.
2. Do the tasks given
3. Used Centos 7 Server 2 with the password: 123456, root password: 123456

OBJECTIVE:
At the end of this lab section, students will be able to:
1. Add new admin into the system
2. Create password for each admin
3. Print out the specific output base on the command given

BACKGROUND:

1. Introduction
In managing network server, managing users such as adding and removing user is important.
When you create a new server, you are only given the root account by default. However, it is
dangerous to use this root account alone because - It will provide you a lot of power and
flexibility. For example, sometimes accidentally deleted the server’s entire important file system.

2. Why we need to add user?

a) It is almost always a better idea to add an additional, unprivileged user to do common tasks.
You should also create additional accounts for any other users that need access to your
server.
b) Moreover, we need to provide user accounts for our assistant that need to access our server.
If we have three assistants, therefore we need to add three users that have access to our
server.

Each user should have an additional account so that their activities can be monitored and
managed. You can still acquire administrative privileges, when needed, through a mechanism
called sudo.
This lab sheet covers how to create user accounts, assign sudo privileges, and delete users on a
CentOS 7 server.
3. Take control of Linux
if you have ever used Ubuntu, you know that the root account is disabled. This is because the
root password is not set in Ubuntu, you can assign one and use it as with every other Linux
distribution. That anyway is another story. On normal Ubuntu Linux computers you need to use
sudo to act as root. Before you want to add the new user, the file sudoers should be modified by
typing (you must be in root directory to edit sudoers):

su
to change into root directory

exit
to exit from root directory

To modified sudoers file

1.
vi /etc/sudoers
vi text editor has 2 mode :
insert mode : type i
command mode : press ESC
For more detail can refer to this link VI Text Editor with Commands:
https://www.guru99.com/the-vi-editor.html

2. Find where it says "root ALL=(ALL) ALL".

3. Type "o" to insert a new line below it.
4. Insert "xxxxx ALL=(ALL) ALL".

In above case, the xxxx refer to server:

"server ALL=(ALL) ALL".

5. Hit esc to exit insert-mode.

6. Type ":wq!" to save and exit.

4. Adding Users
If you are signed in as the root user, you can create a new user at any time by typing (Be sure to
replace username with the user that you want to create @ add):

adduser username

If you are signed in as a non-root user who has been given sudo privileges, as demonstrated in
the next section of this tutorial, you can add a new user by typing:

sudo adduser username

Then to make sure that the new user already added to the server, type this command:

tail -i /etc/passwd

note : the tail command will display the last I number of lines of a file
for example :
tail -2 /etc/passwd

Next, you’ll need to give your user a password so that they can log in. To do so, use the passwd
command:

passwd username

NOTE: REMEMBER TO ADD sudo AHEAD OF THE COMMAND IF YOU ARE SIGNED IN AS A NON-
ROOT USER WITH SUDO PRIVILEGES.

You will be prompted to type in the password twice to confirm it. Now your new user is set up
and ready for use! You can now log in as that user, using the password that you set up.

Note : password created must 8 character and above

When you log out, you will see that the new user already added to the server such as example
below:
Log in into new user account, it shows that the server name is admin1

5. Granting Sudo Privileges to a User

If your new user SHOULD have the ability to execute commands with root (administrative)
privileges, you will need to give the new user access to sudo.

We can do this by adding the user to the any group (which gives sudo access to all of its members
by default) through the gpasswd command. This is the safest and easiest way to
manage sudo user rights.

To add new group:

groupadd groupname

Then add user to a grouped that have been created by typing:

usermod -G groupname username

OR just simply type this command to create and add the username at the same time
gpasswd -a username groupname

you can check the username already add to the group by typing:
tail –i /etc/group

Now your new user is able to execute commands with administrative privileges. To do so, simply
type sudo ahead of the command that you want to execute as an administrator:

sudo some_command

You will be prompted to enter the password of the regular user account that you are signed in
as. Once the correct password has been submitted, the command you entered will be executed
with root privileges.

6. To delete user in a group

gpasswd –d username groupname

7. Managing Users with Sudo Privileges

While you can add and remove users from a group (such as wheel) with gpasswd, the command
doesn’t have a way to show which users are members of a group. In order to see which users are
part of that group (and thus have sudo privileges by default), you can use the lid function. lid is
normally used to show which groups a user belongs to, but with the -g flag, you can reverse it
and show which users belong in a group:

sudo lid -g groupname

The output will show you the usernames and UIDs that are associated with the group. This is a
good way of confirming that your previous commands were successful, and that the user has the
privileges that they need.

8. Deleting Users

If you have a user account that you no longer need, it’s best to delete the old account. You have
a couple of methods to do so, though the choice of which method to use depends on your own
situation.

If you want to delete the user without deleting any of their files, type this command as root:
userdel username

If you want to delete the user’s home directory along with the user account itself, type this
command as root:
userdel -r username
TASK (PRINT SCREEN ALL THE ANSWER)
1. Add three new users into the server according to these names
a. User1
b. User2
c. User3
Shows the prove that all the new users already created.

2. Set password for user1 with 1234, record what is happen and why it’s happen.

3. Set the password for all the users:

a. User1 : fkomump1
b. User2: fkomump2
c. User3: fkomump3

4. Login into these three new users using the password created and type command “who am I”
Screenshot the Answer

5. Grant sudo privileges of user1 and user2 into admin group. (add user1 and user2 inside admin
group)
Shows the prove that user1 and user2 are inside admin group

6. Delete user3. Shows the user3 already remove from the system

7. Print history and save it name <yourname>command. * print out the history command
together with your hardcopy