[hcoop/debian/openafs.git] / doc / man-pages / pod1 / pts_adduser.pod.in

=head1 NAME

pts_adduser - Adds a user or machine to a Protection Database group

=head1 SYNOPSIS

=for html
<div class="synopsis">

B<pts adduser> S<<< B<-user> <I<user name>>+ >>> S<<< B<-group> <I<group name>>+ >>>
    S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
    [B<-auth>] [B<-encrypt>] S<<< [B<-config> <I<config directory>>] >>>

B<pts ad> S<<< B<-u> <I<user name>>+ >>> S<<< B<-g> <I<group name>>+ >>>
    S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
    [B<-a>] [B<-e>] S<<< [B<-co> <I<config directory>>] >>>

=for html
</div>

=head1 DESCRIPTION

The B<pts adduser> command adds each user or machine entry named by the
B<-user> argument as a member of each group named by the B<-group>
argument.

To remove members of a group, use the B<pts removeuser> command. To list
the groups to which a user or machine belongs, or the members of a
specified group, use the B<pts membership> command.

=head1 CAUTIONS

After being added as a group member, a currently authenticated user must
reauthenticate (for example, by issuing the B<aklog> or B<klog.krb5> commands)
to obtain permissions granted to the group on an access control list (ACL).

=head1 OPTIONS

=over 4

=item B<-user> <I<user name>>+

Specifies the name of each user or machine entry to add to each group
named by the B<-group> argument. The name of a machine entry resembles an
IP address and can use the wildcard notation described on the B<pts
createuser> reference page. The user or machine entry must already exist
in the Protection Database.

=item B<-group> <I<group name>>+

Specifies the complete name (including the owner prefix if applicable) of
each group to which to add members. The group entry must already exist in
the Protection Database.

=include fragments/pts-common.pod

=back

=head1 EXAMPLES

The following example adds user smith to the group system:administrators.

   % pts adduser -user smith -group system:administrators

The following example adds users C<jones>, C<terry>, and B<pat> to the
smith:colleagues group.

   % pts adduser -user jones terry pat -group smith:colleagues

The following example adds the machine entries in the Example Corporation
subnet to the group C<bin-prot>. Because of the IP address range of the
Example Corporation subnet, the system administrator was able to group the
machines into three machine entries (using the wildcard notation discussed
on the B<pts createuser> reference page).

   % pts adduser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot

=head1 PRIVILEGE REQUIRED

The required privilege depends on the setting of the fourth privacy flag
in the Protection Database entry for each group named by the B<-group>
argument (use the B<pts examine> command to display the flags):

=over 4

=item *

If it is the hyphen, only the group's owner and members of the
system:administrators group can add members.

=item *

If it is lowercase C<a>, current members of the group can add new members.

=item *

If it is uppercase C<A>, anyone who can access the cell's database server
machines can add new members.

=back

=head1 SEE ALSO

L<pts(1)>,
L<pts_createuser(1)>,
L<pts_examine(1)>,
L<pts_membership(1)>,
L<pts_removeuser(1)>,
L<pts_setfields(1)>

=head1 COPYRIGHT

IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

This documentation is covered by the IBM Public License Version 1.0.  It was
converted from HTML to POD by software written by Chas Williams and Russ
Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
Commit	Line	Data
805e021f CE	1	=head1 NAME
	2
	3	pts_adduser - Adds a user or machine to a Protection Database group
	4
	5	=head1 SYNOPSIS
	6
	7	=for html
	8	<div class="synopsis">
	9
	10	B<pts adduser> S<<< B<-user> <I<user name>>+ >>> S<<< B<-group> <I<group name>>+ >>>
	11	S<<< [B<-cell> <I<cell name>>] >>> [B<-noauth>] [B<-localauth>] [B<-force>] [B<-help>]
	12	[B<-auth>] [B<-encrypt>] S<<< [B<-config> <I<config directory>>] >>>
	13
	14	B<pts ad> S<<< B<-u> <I<user name>>+ >>> S<<< B<-g> <I<group name>>+ >>>
	15	S<<< [B<-c> <I<cell name>>] >>> [B<-n>] [B<-l>] [B<-f>] [B<-h>]
	16	[B<-a>] [B<-e>] S<<< [B<-co> <I<config directory>>] >>>
	17
	18	=for html
	19	</div>
	20
	21	=head1 DESCRIPTION
	22
	23	The B<pts adduser> command adds each user or machine entry named by the
	24	B<-user> argument as a member of each group named by the B<-group>
	25	argument.
	26
	27	To remove members of a group, use the B<pts removeuser> command. To list
	28	the groups to which a user or machine belongs, or the members of a
	29	specified group, use the B<pts membership> command.
	30
	31	=head1 CAUTIONS
	32
	33	After being added as a group member, a currently authenticated user must
	34	reauthenticate (for example, by issuing the B<aklog> or B<klog.krb5> commands)
	35	to obtain permissions granted to the group on an access control list (ACL).
	36
	37	=head1 OPTIONS
	38
	39	=over 4
	40
	41	=item B<-user> <I<user name>>+
	42
	43	Specifies the name of each user or machine entry to add to each group
	44	named by the B<-group> argument. The name of a machine entry resembles an
	45	IP address and can use the wildcard notation described on the B<pts
	46	createuser> reference page. The user or machine entry must already exist
	47	in the Protection Database.
	48
	49	=item B<-group> <I<group name>>+
	50
	51	Specifies the complete name (including the owner prefix if applicable) of
	52	each group to which to add members. The group entry must already exist in
	53	the Protection Database.
	54
	55	=include fragments/pts-common.pod
	56
	57	=back
	58
	59	=head1 EXAMPLES
	60
	61	The following example adds user smith to the group system:administrators.
	62
	63	% pts adduser -user smith -group system:administrators
	64
65	The following example adds users C<jones>, C<terry>, and B<pat> to the
66	smith:colleagues group.
67
68	% pts adduser -user jones terry pat -group smith:colleagues
69
70	The following example adds the machine entries in the Example Corporation
71	subnet to the group C<bin-prot>. Because of the IP address range of the
72	Example Corporation subnet, the system administrator was able to group the
73	machines into three machine entries (using the wildcard notation discussed
74	on the B<pts createuser> reference page).
75
76	% pts adduser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot
77
78	=head1 PRIVILEGE REQUIRED
79
80	The required privilege depends on the setting of the fourth privacy flag
81	in the Protection Database entry for each group named by the B<-group>
82	argument (use the B<pts examine> command to display the flags):
83
84	=over 4
85
86	=item *
87
88	If it is the hyphen, only the group's owner and members of the
89	system:administrators group can add members.
90
91	=item *
92
93	If it is lowercase C<a>, current members of the group can add new members.
94
95	=item *
96
97	If it is uppercase C<A>, anyone who can access the cell's database server
98	machines can add new members.
99
100	=back
101
102	=head1 SEE ALSO
103
104	L<pts(1)>,
105	L<pts_createuser(1)>,
106	L<pts_examine(1)>,
107	L<pts_membership(1)>,
108	L<pts_removeuser(1)>,
109	L<pts_setfields(1)>
110
111	=head1 COPYRIGHT
112
113	IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.
114
115	This documentation is covered by the IBM Public License Version 1.0. It was
116	converted from HTML to POD by software written by Chas Williams and Russ
117	Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.