Day 2 of DevOps 100 Days

Welcome to Day 2 of the DevOps 100 Days.

Today Let’s cover another concept through a Question and break down the solution for it for better understanding.

Q : As part of the temporary assignment to the Nautilus project, a developer named kirsty requires access for a limited duration. To ensure smooth access management, a temporary user account with an expiry date is needed. Here's what you need to do:

Create a user named kirsty on App Server 3 in Stratos Datacenter. Set the expiry date to 2024-04-15, ensuring the user is created in lowercase as per standard protocol.

Discussion :

We are going to create a user named 'kirsty' on App Server 3 with an expiry date of 2024-04-15.

Steps:

1. Connect to App Server 3 (which is in the Stratos Datacenter). We assume we have SSH access.

2. Create the user with the specified name in lowercase (which is already given as 'kirsty').

3. Set the account expiry to 2024-04-15.

Note: We can use the useradd command with the -e option to set the expiry date.

However, note that the date format for the -e option is YYYY-MM-DD, which matches the given date.

Since we are creating a temporary account, we might also want to set a password.

But the requirement doesn't specify.

But to make the account usable, we should set a password.

However, the problem does not specify a password, so we can either:

a) Create without a password and lock it until a password is set (but then the user cannot log in). b) Set a temporary password and force change on first login? But again, the requirement doesn't specify.

Let's stick to the requirement: create the user and set the expiry.

We'll set a password as well to make the account usable, but the problem doesn't specify a password.

However, in many environments, the user is created and then the password is set separately by the user or by an admin.

Since we are not given a password, we can create the account and then set an expired password so that the user must set it on first login?

But the requirement is only: - Create user kirsty (lowercase) - Set expiry date to 2024-04-15

So we'll do: sudo useradd -m -e 2024-04-15 kirsty

Explanation: -

-m creates the home directory (if it doesn't exist, but typically we want it for a real user) -

-e sets the expiry date After creating, we should set a password?

The problem doesn't say, but without a password the account is locked.

However, the requirement says "ensure smooth access management".

So we might need to set a temporary password and force the user to change it on first login.

To create the temporary user account for Kirsty on App Server 3 with the specified expiry date, follow these steps:

1. Connect to App Server 3 using SSH:

ssh tony@stapp03

2. Create the user with the expiry date and home directory:

sudo useradd -m -e 2024-04-15 kirsty

• -m : Creates the user's home directory at /home/kristy

• -e 2024-04-15: Sets the account expiry date to April 15, 2024

• kristy : Username in lowercase as required

• Set a temporary password for the account:

3. Set a temporary password for the account:

    sudo passwd kirsty
   

   When prompted, enter and confirm a temporary password (e.g., Temp@1234). This will be changed by Kirsty upon first login.

4. Verification:

   1. Check user details:

       sudo chage -l kirsty
      

      Verify the output shows:

   2.  Account expires                        : Apr 15, 2024
      

      This creates a temporary account that will automatically expire on 2024-04-15, following standard naming conventions and access management protocols.

Thank You——Happy Learning