Administering user accounts

Setting and changing user and group IDs (UID/GID)

Each user and group is assigned an identification number (UID or GID). This ID number is stamped on all files, directories, and processes on local and NFS-mounted filesystems. When you create a new user or group, a new UID or GID number is automatically assigned, but you can specify another by entering it in the text field.

WARNING: Within a network environment, each user and group must have a unique identification number across the entire network, rather than just on the home machine. For more information, see ``Establishing user equivalence'' and ``Configuring the Network Information Service (NIS)''.

To change the ID number for an existing user or group, use the usermod(ADM) or groupmod(ADM) command. Changing an ID number of a user or group does not change the ID on files owned by the user or group; the system administrator must do this manually as described in ``Changing ownership of files with an obsolete UID/GID''.

To alter the range of UIDs from which you select for new users, select User Defaults from the Options menu. To alter the range of GIDs from which you select for new groups, Group Defaults from the Options menu.

NOTE: When operating under the High security profile, a UID cannot be changed. Under other profiles, UIDs can be changed without restriction.

See also:

Changing ownership of files with an obsolete UID/GID

If you have changed or removed a UID or GID, you must change the ownership of their files and check your filesystems for orphaned files. Files without a real owner have a number in the owner and/or group name fields:

   -rw-r--r--   1 obie     pub        68476 Nov 16 12:06 accts.s
   -rw-r--r--   1 15625    pub          508 Oct 31 11:15 balance
   -rw-r--r--   1 obie     pub        40596 Aug 31 13:19 report.2
In this example, the file balance is an orphaned file. The number appears because files are stamped with the ID number rather than the user or group name.

Use the find(C) utility to locate and change the ownership of files. This command line finds all files on the system owned by user UID and changes ownership to user newowner:

find / -user UID -print | xargs -t chown newowner

This variation changes the group ownership:

find / -user GID -print | xargs -t chgrp newgroup

NOTE: These examples assume a search of the entire system (including all mounted filesystems whether local or imported). To restrict the search to a single filesystem, use the pathname instead of /. In addition, you can skip mounted filesystems by including the -mount option, or restrict the search to local filesystems with the -local option.

Instead of changing the ownership, you can perform other actions, such as archiving the files; see ``Locating files''.

See also:

Next topic: Changing user login groups
Previous topic: Reactivating a retired user account

© 2007 The SCO Group, Inc. All rights reserved.
SCO OpenServer Release 6.0.0 -- 05 June 2007