...
We will also create staff users associated with the built in staff group so we know who is working on the machine. As a policy, our team requires that unless absolutely necessary, staff log in as their own account and then su to serveradmin or use sudo for maintenance work. That way we can have a trail of who does what.
Code Block | ||
---|---|---|
| ||
sudo useradd -d /home/bhitch -m -g staff -u 2002 -c "Support Bryan Hitch" -s /bin/bash bhitch |
...
sudo useradd -d /home/jcassaday -m -g staff -u 2002 -c "Support John Cassaday" -s /bin/bash jcassaday |
...
sudo useradd -d /home/wellis -m -g staff -u 2001 -c "Support Warren Ellis" -s /bin/bash wellis |
Notice the -u which set's the user's GUIDs. We found it essential to standardize on the GUID of the accounts across all our systems consistently. Not doing so causes problems when it comes to cloning systems or moving programs across different environments. As a practice, we use the following GUID's ranges,
...