Create user account programmatically

Dear all,

I would like to use C language to write an application to create an user account.  Can any one tell me the procedure or the protocol?


Thanks!

Benson
benson031397Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

tel2Commented:
Benson,

I have no idea how to do this in C (I don't know C).  I would have expected that the easiest way to do this, if you must use C at all, is to have C pass the necessary parameters to a UNIX script or directly to the UNIX mkuser command (or whatever the UNIX command is in your flavour of UNIX).  To start with, do a "man mkuser" to find out if this command exists and what parameters it takes.

What flavour/version are you using?
0
benson031397Author Commented:
YUP!  I have implemented successully that pass the parameter ti adduser command.  However, how to set the user's password?


The version we are using is Solaris 2.6

Benson
0
tel2Commented:
Benson,

Assuming you are doing this as root (or have similar permissions), I only know 2 ways to do this:

1. Call the UNIX passwd command with the name of the user as a parameter, eg:
  passwd $USERID
where the USERID environment variable contains the name of the user.  You will then be prompted to manually enter the password twice.  If this is not acceptable, you could try...

2. Editting the /etc/security/passwd file.  Eg: with sed (or similar) you could replace the old passwd (not sure what this is, or if it even exists for a new user) with one you enter or generate, then pass it through an algorithmn which encrypts it into a format suitable for the passwd file.  I've done this myself - someone gave me the executable which does the encryption, but I used it for changing passwords for existing users.  The algorithmn is probably freeware on the Internet.

Let me know how you get on.
0
Cloud Class® Course: SQL Server Core 2016

This course will introduce you to SQL Server Core 2016, as well as teach you about SSMS, data tools, installation, server configuration, using Management Studio, and writing and executing queries.

tel2Commented:
PS: In option 1 of my previous answer, you may be able to automatically redirect input to passwd somehow, to save you manually entering a password twice - not sure how - maybe someone else can help if this is what you want to do.
0
benson031397Author Commented:
I am interested in the option 1, but I don't think it is feasible.

PS:  Could you tell me clearly how to do it?


Benson
0
tel2Commented:
Are you happy to manually enter the password twice?  I'll be back in a few days.
0
benson031397Author Commented:
No! I am not happy.

In fact, I am curious the operation of the freemail service, such as yahoo and hotmail.

How the user can create an account dynamically, set their password and change their profile?  All the action the user can do is through the CGI program.  Therefore, I think to do this action, understanding  how to create an account dynamically is the elementary concept.

right?

Can u give me more detail?

0
gindeCommented:
You can pass the passwd also as a parameter to passwd command. So from C you can execute a shell command
passwd username newpassword
after creating the user.

0
helverCommented:
There's also nothing stopping you from taking the passwd program and having it accept the new password on the command line.  If you're using linux, you have the source... so...

Additionally, I think it's highly unlikely that free email systems use the standard unix user account system for their users.  Much more likely is that the user names and passwords reside exclusively in a database.  For one thing, the unix password system doesn't scale very well.  Two, actually adding a new user to the system can lead to security issues if you're not careful.  And three - you only need user information when you're running a CGI script - and since you're taking a database hit no matter what, you may as well just store everything in the database...
0
maxkirCommented:
To change user password programmicaly, I have to know your operating system. Changing password mechanics depends on if we are in Solaris, Linux, or FreeBSD.
0
tel2Commented:
maxkir,

Benson said in his 2nd message, that he's using Solaris 2.6.
0
maxkirCommented:
Af far as I know, there is no way of setting password from command line for 'passwd' command. Passwd reads its input directly from terminal device (something like /dev/tty ) and doesn't support redirects like ><. To store passwords Solaris uses /etc/shadow file which is much like /etc/shadow in linux. And, Solaris uses DES crypt() function to crypt passwords.
To operate with login information (except passords)  in C language take a look at getpwent/setpwent functions (man). To setup password, i'm afraid, you'll have to parse /etc/shadow file in your program manually and set password. You'll have to use function

#include <crypt.h>
char* crypt(const char* password, const char* salt)
to encrypt passwords.
password - password
salt - two character array to select algorithm way.

Format of /etc/shadow in Solaris is documented, so no problem here,
Regards,
0
benson031397Author Commented:
maxkir,

Do you mean that I have to use function crypt() to crypt password and then store it to the shadow file?

right?

However, How do I know Solaris use which type of algorithm?  I mean pass what argument to the second argument, salt.

Benson
0
maxkirCommented:
Yes, that's what i mean.

  As far as I know, Solaris uses standard variant for salt, i.e.
  two bytes without _ at the beginning. Probably it supports also
  _ - variant, but definetely not MD5 (i used FreeBSD docs for
  crypt(), which supports all three).

  Any way, you can simply test it to be sure.
0
benson031397Author Commented:
More precise,

Sorry,  I am not familiar to use this function, crypt(), would you give me an example?

Thanks a lot!

Benson
0
maxkirCommented:
Here is fairly simple example:

#include <crypt.h>
#include <stdlib.h>

main()
{
    char passwd[14] = {0};
    char salt[3] = {0};

    srand(time(NULL));

    salt[0] = 'A' + (('Z' - 'A')*rand()) / RAND_MAX;
    salt[1] = 'A' + (('Z' - 'A')*rand()) / RAND_MAX;

    strcpy(passwd, crypt("my passwd", salt));
    printf("%s\n", passwd);

}
0
benson031397Author Commented:
maxkir,

Thanks for your example?

But how to derive the equation for salt[0] and salt[1]?  It is the main point.

Benson
0
maxkirCommented:

  It is random values to select one of the ways for DES algorithm. IMHO, the algorithm in the example is
sufficient for you, i.e. you don't need something more complicated.
Regards,
 KIR
0
bobellCommented:
Well. I've done this some years ago. and the trick is to interact with the passwd command. As stated in another comment, this command communicates directly with /dev/tty which certenly complicates things.

But, the "espect" program does the trick!
You can make a small expect script to set the user passwd. Currently , this is the only way to do it "correctly".
 
(There should be alot of dfferent expect versions out there, as far as i can remeber i used the TCL version, ie. you would have to write a small TCL/EXPECT script ( <10 lines ??  ) )

The other options of changing the passwd file yourself needs root privileges of some sort, either running as root or thru a SUID program/script. If your system uses NIS og some other netlogin, you would be in deep **** anyway.

/bo.
0
benson031397Author Commented:
bobell:

Would you tell me how to get the epect program?

And pls give me an example to me.


Thanks a lot!

Benson
0
bobellCommented:
I'm not sure which platform you are useing, but a "ready to install" vesrion for HPUC can be found at :

http://hpux.cs.utah.edu/hppd/hpux/Tcl/expect-5.30/

You would need TCL as well, found at the sime site. If you are using other plattforms , the source code is here as well. A search on internet should undoubtly give you some more references.



The script to do passwd change is :

#!/opt/expect-5.22/bin/expect -f
#
# newpw : Change passwd for user
#
# usage : newpw <old passwd> <new_passwd>
#
# ret : 0 - passwd changed
#       1 - Old password not correct
#       2 - New password not accepted
#
set oldpassword [lindex $argv 0]
set newpassword [lindex $argv 1]

set idstring [exec id]
set res [regexp {uid=([0-9]+)\(([^\)]+)\)} $idstring match uid user]

spawn passwd $user

set timeout 5

expect {
  eof        { exit 1; }
  timeout    { exit 1; }
  "Old password:"
}
send "$oldpassword\r"

expect {
  eof        { exit 2; }
  timeout    { exit 2; }
  "New password:"
}
send "$newpassword\r"

expect {
  eof        { exit 2; }
  timeout    { exit 2; }
  "Re-enter new password:"
}
send "$newpassword\r"
expect {
  eof        { exit 0; }
  timeout
}


/bo.

(As you may notice, my script is for an older version of expect, but i don't think this should matter)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
cadabraCommented:
Expect.pm - Expect for Perl
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
System Programming

From novice to tech pro — start learning today.