I'm not sure if Enterprise or Software is the best Forum for this one, but I'll ask in here and see where it gets me.

I 40 or more Red Hat servers that I am going to need to add several users to each server. Is anybody aware of a script maybe run over SSH that will run against a list of servers and provision a predefined group of users (no passwords). I've done some google'ing and haven't been able to find anything. I think RedHat has an Enterprise tool set available for purchase to do similar things but I'd rather avoid the cost if possible.

Thanks for any help!

Welcome to LQ.

I'm sure you could do this with ssh and remotely executing the adduser commands but you may wish to consider using a network based authentication system such as ldap.

If you decide to go down the ssh route then this may be helpful:
http://www.linuxquestions.org/questi...ticle&artid=79

Thank you for the response. I do agree that I should be able to do it via SSH. My question was if anybody knew of an existing script out there that may perform this instead of reinventing the wheel. Since the shop is mostly Windows focused, we want to leverege our existing user database within SAMS so we are going to roll out Samba authentication on the RedHat boxes. In order to use this, you create a user on the box with no password and set up the secondary authentication method as SMB. My issues is trying to streamline setting up the users on the boxes. So....I'd love to hear if anybody has already written a script to mass add users via ssh.

Would a quickish perl script do it for you?

Have a machine list with things like:

IP:user:password
IP:user:password

and it connects to the (unsecured?) ip address as root, and useradd's a user/password

Nothing fancy, check out Net::SSH::Perl and that'll do it.

If you need root passwords for the various machines, have another file that you read into a hash based on ip, and the password is the value, and just look it up as you do the ssh connection.

Should be a 20-30 line perl script, take 5 minutes to write, another 5 to run (not the most most efficient way of doing it...)

-Chris

That definitely sounds like something along the lines of what I was thinking. I know enough about scripting in general to know what types of things I can do, but not how to write it (frustrating since I don't have the time to learn it either). My idea was something like this:

The script would loop through a file that has a list of the IP addresses of the machines. For each machine it would SSH as a user, possibly expect to answer yes to allow the connection if the host key hasn't already been accepted, answer the login password prompt, "sudo su" and answer with the same password to allow adding users, then run through another file that has the users. Logging the responses to a file would be preferable so I could review the results in case one failed for whatever reason.

It would then be very easy to take the same script, change the user it uses to SSH if needed, and additionally change the useradd to userdel in case I wanted to remove a user for whatever reason.

So, I have an idea of what to do, but not how to do it. Any help is obviously greatly appreciated.

Just to throw in another option if you have a webserver you could write a script - ie:
Then have another script:
The above script reads a file called "hostlist" containing the remote hosts:
The first script is stored on your webserver, when you run the second script it connects in turn to each host defined in hostlist and downloads the script from your website then executes it.

Another reason I suggested this is that you could run a cron job on all your hosts that periodically check for scripts to download and execute. This way your systems update themselves. You may wish to make teh script on your site a bit more advanced and support versions so that commands are never run more than once.

Okay, I saw one of my friends doing this the other day but I didn't ask what they were using to do it. I'm think it might have been Cluster SSH. Give that a look and see if it's what you needs. I'll ask my friend when I see them next.