[wplug] finding all users & groups

[Poyner, Brandon]

> 	Other than just going to the /home directory and seeing all the
user directories in there, is > there another way to determine what user
accounts exist on the machine? 
>	
>	Also, I need to determine which security groups each user
belongs to.  I checked out the 
> /etc/group file but that doesn't seem to jive with what is produced
when I type 'groups' at the 
> command line.  ex. I can see that My user id is part of the 'ldap'
group in the group file but 
> when I run groups there is an additional group that I am a part of
that is not reflected in the 
> group file.  Here is the output from my queries: 
>	
>	> grep -i 'pp43157' /etc/group 
>	> ldap:x:600:pp24438,pp25730,pp25902,pp43157,pp43231,pp19617 
>	
>	> grep -i 'ldap' /etc/group 
>	> ldap:x:600:pp24438,pp25730,pp25902,pp43157,pp43231,pp19617 
>	
>	> groups 
>	> mantas ldap 
>	
>	> grep -i 'mantas' /etc/group 
>	> informat:x:700:mantas,pp18623,stx0001 
>	> mantas:x:800: 
>	
>	I'm using Red Hat Linux Advanced Server release 2.1AS/i686
(Pensacola) 
>	
>	Thanks in advance, 
>	
>	~Jh 

You won't necessarily be able to determine all user accounts by looking
at /home and the /etc/password files.  The system could be using NIS,
LDAP, or other directories.  The file /etc/nsswitch.conf can tell you
how the system references user accounts, groups, hostname lookups, and
more.

For instance if you see a line in nsswitch.conf like 'group: files ldap'
it means that groups are both in /etc/group and in LDAP.  You would then
need to examine the LDAP configuration (/etc/ldap.conf) to determine
things such as which LDAP server(s) and which OU it is using to begin to
understand where it is pulling the groups listed in LDAP.
 
Brandon Poyner
Network Engineer III
CCAC - College Office
412-237-3086