Commit | Line | Data |
---|---|---|
805e021f CE |
1 | =head1 NAME |
2 | ||
3 | uss - Introduction to the uss command suite (deprecated) | |
4 | ||
5 | =head1 CAUTIONS | |
6 | ||
7 | The B<uss> command suite is currently designed for cells using the | |
8 | obsolete Authentication Server, and therefore is primarily useful for | |
9 | sites that have not yet migrated to a Kerberos version 5 KDC. The | |
10 | Authentication Server and supporting commands will be removed in a future | |
11 | version of OpenAFS, which may include B<uss> unless someone who finds it | |
12 | useful converts it to work with a Kerberos version 5 KDC. | |
13 | ||
14 | =head1 DESCRIPTION | |
15 | ||
16 | The commands in the B<uss> command suite help administrators to create AFS | |
17 | user accounts more easily and efficiently for cells using the obsolete | |
18 | Authentication Server. If B<uss> commands are not used, creating an | |
19 | account requires issuing at least six separate commands to five different | |
20 | AFS servers. | |
21 | ||
22 | There are three main commands in the suite: | |
23 | ||
24 | =over 4 | |
25 | ||
26 | =item * | |
27 | ||
28 | The B<uss add> command creates a single complete user account, based on | |
29 | command line arguments and instructions in a template file. | |
30 | ||
31 | =item * | |
32 | ||
33 | The B<uss bulk> command creates multiple complete accounts at once, based | |
34 | on command line arguments, instructions in a template file and a bulk | |
35 | input file. | |
36 | ||
37 | =item * | |
38 | ||
39 | The B<uss delete> command removes most parts of a user account. | |
40 | ||
41 | =back | |
42 | ||
43 | To obtain help, issue the B<uss apropos> and B<uss help> commands. | |
44 | ||
45 | =head1 OPTIONS | |
46 | ||
47 | The following arguments and flags are available on many commands in the | |
48 | B<uss> suite. The reference page for each command also lists them, but | |
49 | they are described here in greater detail. | |
50 | ||
51 | =over 4 | |
52 | ||
53 | =item B<-admin> <I<administrator to authenticate>> | |
54 | ||
55 | Specifies the AFS user name under which to establish a connection to the | |
56 | AFS server processes that administer the various parts of a user | |
57 | account. If it is omitted, the connection is established under the | |
58 | issuer's effective user ID (his or her identity in the local file | |
59 | system). Even when this argument is included, UNIX commands that run | |
60 | during the B<uss> operation (for instance, the UNIX F</etc/chown> command) | |
61 | run under the effective user ID. | |
62 | ||
63 | =item B<-cell> <I<cell name>> | |
64 | ||
65 | Names the cell in which to run the command. It is acceptable to abbreviate | |
66 | the cell name to the shortest form that distinguishes it from the other | |
67 | entries in the F</usr/vice/etc/CellServDB> file on the local machine. If | |
68 | the B<-cell> argument is omitted, the command interpreter determines the | |
69 | name of the local cell by reading the following in order: | |
70 | ||
71 | =over 4 | |
72 | ||
73 | =item * | |
74 | ||
75 | The value of the AFSCELL environment variable. | |
76 | ||
77 | =item * | |
78 | ||
79 | The local F</usr/vice/etc/ThisCell> file. | |
80 | ||
81 | =back | |
82 | ||
83 | =item B<-dryrun> | |
84 | ||
85 | Reports actions that the command interpreter needs to perform when | |
86 | executing the B<uss> operation, without actually performing them. Include | |
87 | this flag to verify that the command produces the desired account | |
88 | configuration. Combine it with the B<-verbose> flag to yield even more | |
89 | detailed information. Note that the output does not necessarily reveal all | |
90 | possible problems that can prevent successful execution of the command, | |
91 | especially those that result from transient server or network outages. | |
92 | ||
93 | =item B<-help> | |
94 | ||
95 | Prints a command's online help message on the standard output stream. Do | |
96 | not combine this flag with any of the command's other options; when it is | |
97 | provided, the command interpreter ignores all other options, and only | |
98 | prints the help message. | |
99 | ||
100 | =item B<-skipauth> | |
101 | ||
102 | Bypasses mutual authentication with the AFS Authentication Server, allowing | |
103 | a site that uses Kerberos instead of the AFS Authentication Server to | |
104 | substitute that form of authentication. If this option is given, B<uss> does | |
105 | not create or manipulate Kerberos principals. A Kerberos principal must be | |
106 | created separately from the B<uss add> command. | |
107 | ||
108 | =back | |
109 | ||
110 | =head1 PRIVILEGE REQUIRED | |
111 | ||
112 | The issuer of a B<uss> command must have all the rights required for | |
113 | performing the equivalent actions individually. See each B<uss> command's | |
114 | reference page. | |
115 | ||
116 | =head1 SEE ALSO | |
117 | ||
118 | L<uss(5)>, | |
119 | L<uss_bulk(5)>, | |
120 | L<uss_add(8)>, | |
121 | L<uss_apropos(8)>, | |
122 | L<uss_bulk(8)>, | |
123 | L<uss_delete(8)>, | |
124 | L<uss_help(8)> | |
125 | ||
126 | =head1 COPYRIGHT | |
127 | ||
128 | IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved. | |
129 | ||
130 | This documentation is covered by the IBM Public License Version 1.0. It was | |
131 | converted from HTML to POD by software written by Chas Williams and Russ | |
132 | Allbery, based on work by Alf Wachsmann and Elizabeth Cassell. |