1

I want to get a list of users, both human and machine, who have access to the Unix server. The OS is:

NAME="Red Hat Enterprise Linux Server"
VERSION="7.9 (Maipo)"

I tried `cat /etc/passwd` and `getent passwd`, but both of these lists are incomplete. A number of users that have a folder in `/home` are not present in the output of either of the above two commands.

I ran `id <username>` for a username that had a folder but was not present in the output of these commands, and I got valid output, proving that the user exists.

So, how do I get a list of "all" users of the server?
PS: I do have sudo access.

Output of

~> grep passwd /etc/nsswitch.conf
passwd:     files sss

EDIT1: I did some digging and it turns out this server uses IPA. I ran `ipa user-find`. It listed 2K users, which I believe is the exhaustive list of users that are created via IPA, but not necessarily all of them have access to this particular server.

More Background:
Most human users log in via either SSH or id + password.
This server is not maintained by any IT/Server team; the business users own the server. People without deep knowledge of servers and systems maintain it and create users on it. I recently got sudo access and need to 'clean up' the server a little bit: delete users who should no longer have access, identify data that can be archived, create proper Unix groups to segregate access to data, etc.

  • 1
    What do you mean by "all users of the server"? The users who have logged into it? The users who have access to log in? How are the users authenticating? Is it via LDAP? What do you mean by "both of these lists are incomplete"? I believe the first command that you ran is actually `cat /etc/passwd`. – Nasir Riley Jun 03 '21 at 15:06
  • I need a list of users who have access to log in. Yes, it is `cat /etc/passwd`. By incomplete I mean that users listed in the output of these commands are not the only ones that have login access. I know for sure there are other users having access. – Abhishek Jain Jun 03 '21 at 15:07
  • How do they log in? SSH? FTP? SFTP? A 3rd-party application? – Jeff Schaller Jun 03 '21 at 15:58
  • 3
    `getent passwd` should list all valid users in a properly configured system, whether they come from /etc/passwd or some other authentication database (like ldap or nis or some other libnss-* module). Please edit your question and add the output of `grep passwd /etc/nsswitch.conf` – cas Jun 03 '21 at 16:10
  • Does this host use FreeIPA or some other combination of LDAP/PAM/and SSSD? On my FreeIPA-bound systems, `getent passwd` does not include FreeIPA users. – cherdt Jun 03 '21 at 20:37
  • If you have `sss` as a source in NSS, check the sssd configuration (`/etc/sssd/sssd.conf` or thereabouts) – muru Jun 04 '21 at 03:04
  • 1
    @cas nit: it's possible to have enumeration disabled in sssd+LDAP, so `getent passwd ` will work but that user wouldn't show up in a bare `getent passwd`. – muru Jun 04 '21 at 06:21
  • @muru that seems kind of broken. I can see a maybe-valid argument for disabling listing all users for non-root users, but not for root. – cas Jun 04 '21 at 06:57
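
The comments above note that with `sss` as a passwd source and enumeration disabled, a name resolves individually yet is absent from a bare `getent passwd`. The script below is an added example, not part of the original posts, that reconciles the directories under `/home` against both kinds of lookup; it assumes directory names equal login names, and `LOOKUP` and `ENUM` are hypothetical override hooks used only for testing.

```shell
#!/bin/sh
# Added example: reconcile home directories with NSS lookups.
# LOOKUP and ENUM are hypothetical hooks; by default both call getent,
# which follows the "passwd: files sss" line in /etc/nsswitch.conf.
LOOKUP=${LOOKUP:-getent passwd}
ENUM=${ENUM:-getent passwd}

# Names returned by a bare enumeration. This list is incomplete when the
# SSSD domain does not enumerate (sssd.conf: enumerate = false, the default).
enumerated_names() {
    $ENUM | cut -d: -f1 | sort -u
}

# audit_homes HOME_ROOT
# Prints one line per directory: "<status> <name> <uid>"
#   listed - name appears in the bare enumeration
#   hidden - name resolves individually but is not enumerated
#   orphan - no account resolves for this directory name
audit_homes() {
    root=$1
    listed=$(enumerated_names)
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue          # also skips an unmatched glob
        name=$(basename "$dir")
        entry=$($LOOKUP "$name" 2>/dev/null) || entry=
        if [ -z "$entry" ]; then
            echo "orphan $name -"
            continue
        fi
        uid=$(printf '%s\n' "$entry" | cut -d: -f3)
        if printf '%s\n' "$listed" | grep -qxF -- "$name"; then
            echo "listed $name $uid"
        else
            echo "hidden $name $uid"
        fi
    done
}

# Run as: sh audit_homes.sh /home   (the file name is an assumption)
[ "$#" -eq 0 ] || audit_homes "$1"
```

A name that resolves is a known identity, not proof that the account is allowed to log in to this host; `orphan` lines mark directories whose owner no longer resolves and are candidates for archiving.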

0 Answers