Commit | Line | Data |
---|---|---|
805e021f CE |
1 | =head1 NAME |
2 | ||
3 | pts_adduser - Adds a user or machine to a Protection Database group | |
4 | ||
5 | =head1 SYNOPSIS | |
6 | ||
7 | =for html | |
8 | <div class="synopsis"> | |
9 | ||
10 | B<pts adduser> S<<< B<-user> <I<user name>>+ >>> S<<< B<-group> <I<group name>>+ >>> | |
11 | S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>] | |
12 | [B<-auth>] [B<-encrypt>] S<<< [B<-config> <I<config directory>>] >>> | |
13 | ||
14 | B<pts ad> S<<< B<-u> <I<user name>>+ >>> S<<< B<-g> <I<group name>>+ >>> | |
15 | S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>] | |
16 | [B<-a>] [B<-e>] S<<< [B<-co> <I<config directory>>] >>> | |
17 | ||
18 | =for html | |
19 | </div> | |
20 | ||
21 | =head1 DESCRIPTION | |
22 | ||
23 | The B<pts adduser> command adds each user or machine entry named by the | |
24 | B<-user> argument as a member of each group named by the B<-group> | |
25 | argument. | |
26 | ||
27 | To remove members of a group, use the B<pts removeuser> command. To list | |
28 | the groups to which a user or machine belongs, or the members of a | |
29 | specified group, use the B<pts membership> command. | |
30 | ||
31 | =head1 CAUTIONS | |
32 | ||
33 | After being added as a group member, a currently authenticated user must | |
34 | reauthenticate (for example, by issuing the B<aklog> or B<klog.krb5> commands) | |
35 | to obtain permissions granted to the group on an access control list (ACL). | |
36 | ||
37 | =head1 OPTIONS | |
38 | ||
39 | =over 4 | |
40 | ||
41 | =item B<-user> <I<user name>>+ | |
42 | ||
43 | Specifies the name of each user or machine entry to add to each group | |
44 | named by the B<-group> argument. The name of a machine entry resembles an | |
45 | IP address and can use the wildcard notation described on the B<pts | |
46 | createuser> reference page. The user or machine entry must already exist | |
47 | in the Protection Database. | |
48 | ||
49 | =item B<-group> <I<group name>>+ | |
50 | ||
51 | Specifies the complete name (including the owner prefix if applicable) of | |
52 | each group to which to add members. The group entry must already exist in | |
53 | the Protection Database. | |
54 | ||
55 | =include fragments/pts-common.pod | |
56 | ||
57 | =back | |
58 | ||
59 | =head1 EXAMPLES | |
60 | ||
61 | The following example adds user smith to the group system:administrators. | |
62 | ||
63 | % pts adduser -user smith -group system:administrators | |
64 | ||
65 | The following example adds users C<jones>, C<terry>, and B<pat> to the | |
66 | smith:colleagues group. | |
67 | ||
68 | % pts adduser -user jones terry pat -group smith:colleagues | |
69 | ||
70 | The following example adds the machine entries in the Example Corporation | |
71 | subnet to the group C<bin-prot>. Because of the IP address range of the | |
72 | Example Corporation subnet, the system administrator was able to group the | |
73 | machines into three machine entries (using the wildcard notation discussed | |
74 | on the B<pts createuser> reference page). | |
75 | ||
76 | % pts adduser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot | |
77 | ||
78 | =head1 PRIVILEGE REQUIRED | |
79 | ||
80 | The required privilege depends on the setting of the fourth privacy flag | |
81 | in the Protection Database entry for each group named by the B<-group> | |
82 | argument (use the B<pts examine> command to display the flags): | |
83 | ||
84 | =over 4 | |
85 | ||
86 | =item * | |
87 | ||
88 | If it is the hyphen, only the group's owner and members of the | |
89 | system:administrators group can add members. | |
90 | ||
91 | =item * | |
92 | ||
93 | If it is lowercase C<a>, current members of the group can add new members. | |
94 | ||
95 | =item * | |
96 | ||
97 | If it is uppercase C<A>, anyone who can access the cell's database server | |
98 | machines can add new members. | |
99 | ||
100 | =back | |
101 | ||
102 | =head1 SEE ALSO | |
103 | ||
104 | L<pts(1)>, | |
105 | L<pts_createuser(1)>, | |
106 | L<pts_examine(1)>, | |
107 | L<pts_membership(1)>, | |
108 | L<pts_removeuser(1)>, | |
109 | L<pts_setfields(1)> | |
110 | ||
111 | =head1 COPYRIGHT | |
112 | ||
113 | IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved. | |
114 | ||
115 | This documentation is covered by the IBM Public License Version 1.0. It was | |
116 | converted from HTML to POD by software written by Chas Williams and Russ | |
117 | Allbery, based on work by Alf Wachsmann and Elizabeth Cassell. |