[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Create user account programmatically

Posted on 1999-12-22
22
Medium Priority
?
449 Views
Last Modified: 2013-12-26
Dear all,

I would like to use C language to write an application to create an user account.  Can any one tell me the procedure or the protocol?


Thanks!

Benson
0
Comment
Question by:benson031397
  • 7
  • 5
  • 5
  • +4
22 Comments
 
LVL 12

Expert Comment

by:tel2
ID: 2304675
Benson,

I have no idea how to do this in C (I don't know C).  I would have expected that the easiest way to do this, if you must use C at all, is to have C pass the necessary parameters to a UNIX script or directly to the UNIX mkuser command (or whatever the UNIX command is in your flavour of UNIX).  To start with, do a "man mkuser" to find out if this command exists and what parameters it takes.

What flavour/version are you using?
0
 

Author Comment

by:benson031397
ID: 2304682
YUP!  I have implemented successully that pass the parameter ti adduser command.  However, how to set the user's password?


The version we are using is Solaris 2.6

Benson
0
 
LVL 12

Expert Comment

by:tel2
ID: 2305097
Benson,

Assuming you are doing this as root (or have similar permissions), I only know 2 ways to do this:

1. Call the UNIX passwd command with the name of the user as a parameter, eg:
  passwd $USERID
where the USERID environment variable contains the name of the user.  You will then be prompted to manually enter the password twice.  If this is not acceptable, you could try...

2. Editting the /etc/security/passwd file.  Eg: with sed (or similar) you could replace the old passwd (not sure what this is, or if it even exists for a new user) with one you enter or generate, then pass it through an algorithmn which encrypts it into a format suitable for the passwd file.  I've done this myself - someone gave me the executable which does the encryption, but I used it for changing passwords for existing users.  The algorithmn is probably freeware on the Internet.

Let me know how you get on.
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 12

Expert Comment

by:tel2
ID: 2305522
PS: In option 1 of my previous answer, you may be able to automatically redirect input to passwd somehow, to save you manually entering a password twice - not sure how - maybe someone else can help if this is what you want to do.
0
 

Author Comment

by:benson031397
ID: 2305950
I am interested in the option 1, but I don't think it is feasible.

PS:  Could you tell me clearly how to do it?


Benson
0
 
LVL 12

Expert Comment

by:tel2
ID: 2306145
Are you happy to manually enter the password twice?  I'll be back in a few days.
0
 

Author Comment

by:benson031397
ID: 2306475
No! I am not happy.

In fact, I am curious the operation of the freemail service, such as yahoo and hotmail.

How the user can create an account dynamically, set their password and change their profile?  All the action the user can do is through the CGI program.  Therefore, I think to do this action, understanding  how to create an account dynamically is the elementary concept.

right?

Can u give me more detail?

0
 
LVL 2

Expert Comment

by:ginde
ID: 2308538
You can pass the passwd also as a parameter to passwd command. So from C you can execute a shell command
passwd username newpassword
after creating the user.

0
 
LVL 2

Expert Comment

by:helver
ID: 2308719
There's also nothing stopping you from taking the passwd program and having it accept the new password on the command line.  If you're using linux, you have the source... so...

Additionally, I think it's highly unlikely that free email systems use the standard unix user account system for their users.  Much more likely is that the user names and passwords reside exclusively in a database.  For one thing, the unix password system doesn't scale very well.  Two, actually adding a new user to the system can lead to security issues if you're not careful.  And three - you only need user information when you're running a CGI script - and since you're taking a database hit no matter what, you may as well just store everything in the database...
0
 
LVL 2

Expert Comment

by:maxkir
ID: 2309969
To change user password programmicaly, I have to know your operating system. Changing password mechanics depends on if we are in Solaris, Linux, or FreeBSD.
0
 
LVL 12

Expert Comment

by:tel2
ID: 2310992
maxkir,

Benson said in his 2nd message, that he's using Solaris 2.6.
0
 
LVL 2

Expert Comment

by:maxkir
ID: 2311594
Af far as I know, there is no way of setting password from command line for 'passwd' command. Passwd reads its input directly from terminal device (something like /dev/tty ) and doesn't support redirects like ><. To store passwords Solaris uses /etc/shadow file which is much like /etc/shadow in linux. And, Solaris uses DES crypt() function to crypt passwords.
To operate with login information (except passords)  in C language take a look at getpwent/setpwent functions (man). To setup password, i'm afraid, you'll have to parse /etc/shadow file in your program manually and set password. You'll have to use function

#include <crypt.h>
char* crypt(const char* password, const char* salt)
to encrypt passwords.
password - password
salt - two character array to select algorithm way.

Format of /etc/shadow in Solaris is documented, so no problem here,
Regards,
0
 

Author Comment

by:benson031397
ID: 2312263
maxkir,

Do you mean that I have to use function crypt() to crypt password and then store it to the shadow file?

right?

However, How do I know Solaris use which type of algorithm?  I mean pass what argument to the second argument, salt.

Benson
0
 
LVL 2

Expert Comment

by:maxkir
ID: 2312447
Yes, that's what i mean.

  As far as I know, Solaris uses standard variant for salt, i.e.
  two bytes without _ at the beginning. Probably it supports also
  _ - variant, but definetely not MD5 (i used FreeBSD docs for
  crypt(), which supports all three).

  Any way, you can simply test it to be sure.
0
 

Author Comment

by:benson031397
ID: 2313819
More precise,

Sorry,  I am not familiar to use this function, crypt(), would you give me an example?

Thanks a lot!

Benson
0
 
LVL 2

Expert Comment

by:maxkir
ID: 2314438
Here is fairly simple example:

#include <crypt.h>
#include <stdlib.h>

main()
{
    char passwd[14] = {0};
    char salt[3] = {0};

    srand(time(NULL));

    salt[0] = 'A' + (('Z' - 'A')*rand()) / RAND_MAX;
    salt[1] = 'A' + (('Z' - 'A')*rand()) / RAND_MAX;

    strcpy(passwd, crypt("my passwd", salt));
    printf("%s\n", passwd);

}
0
 

Author Comment

by:benson031397
ID: 2316294
maxkir,

Thanks for your example?

But how to derive the equation for salt[0] and salt[1]?  It is the main point.

Benson
0
 
LVL 2

Expert Comment

by:maxkir
ID: 2325298

  It is random values to select one of the ways for DES algorithm. IMHO, the algorithm in the example is
sufficient for you, i.e. you don't need something more complicated.
Regards,
 KIR
0
 

Expert Comment

by:bobell
ID: 2334451
Well. I've done this some years ago. and the trick is to interact with the passwd command. As stated in another comment, this command communicates directly with /dev/tty which certenly complicates things.

But, the "espect" program does the trick!
You can make a small expect script to set the user passwd. Currently , this is the only way to do it "correctly".
 
(There should be alot of dfferent expect versions out there, as far as i can remeber i used the TCL version, ie. you would have to write a small TCL/EXPECT script ( <10 lines ??  ) )

The other options of changing the passwd file yourself needs root privileges of some sort, either running as root or thru a SUID program/script. If your system uses NIS og some other netlogin, you would be in deep **** anyway.

/bo.
0
 

Author Comment

by:benson031397
ID: 2334842
bobell:

Would you tell me how to get the epect program?

And pls give me an example to me.


Thanks a lot!

Benson
0
 

Accepted Solution

by:
bobell earned 100 total points
ID: 2338975
I'm not sure which platform you are useing, but a "ready to install" vesrion for HPUC can be found at :

http://hpux.cs.utah.edu/hppd/hpux/Tcl/expect-5.30/

You would need TCL as well, found at the sime site. If you are using other plattforms , the source code is here as well. A search on internet should undoubtly give you some more references.



The script to do passwd change is :

#!/opt/expect-5.22/bin/expect -f
#
# newpw : Change passwd for user
#
# usage : newpw <old passwd> <new_passwd>
#
# ret : 0 - passwd changed
#       1 - Old password not correct
#       2 - New password not accepted
#
set oldpassword [lindex $argv 0]
set newpassword [lindex $argv 1]

set idstring [exec id]
set res [regexp {uid=([0-9]+)\(([^\)]+)\)} $idstring match uid user]

spawn passwd $user

set timeout 5

expect {
  eof        { exit 1; }
  timeout    { exit 1; }
  "Old password:"
}
send "$oldpassword\r"

expect {
  eof        { exit 2; }
  timeout    { exit 2; }
  "New password:"
}
send "$newpassword\r"

expect {
  eof        { exit 2; }
  timeout    { exit 2; }
  "Re-enter new password:"
}
send "$newpassword\r"
expect {
  eof        { exit 0; }
  timeout
}


/bo.

(As you may notice, my script is for an older version of expect, but i don't think this should matter)
0
 
LVL 2

Expert Comment

by:cadabra
ID: 2356158
Expect.pm - Expect for Perl
0

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction: Ownerdraw of the grid button.  A singleton class implentation and usage. Continuing from the fifth article about sudoku.   Open the project in visual studio. Go to the class view – CGridButton should be visible as a class.  R…
Introduction: Dialogs (2) modeless dialog and a worker thread.  Handling data shared between threads.  Recursive functions. Continuing from the tenth article about sudoku.   Last article we worked with a modal dialog to help maintain informat…
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses
Course of the Month8 days, 4 hours left to enroll

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question