Using an efficient template for Just-In-Time (JIT) user creation on devices is crucial to ensuring that automation processes are safe and effective. The following example was done on a Ubuntu 23 device and demonstrates how an automation script can be structured to create a new user on the system, using Unix commands and the ‘expect’ tool to interact with the shell programmatically.
Example JIT User Creation Template:
set-connect-timeout 1
set-read-timeout 5
# Elevating privilege
expect "$"
exec "sudo -k"
# Elevating privilege
expect "$"
exec "sudo su"
# Elevating privilege
expect "*:"
exec "[#AUTH_PASSWORD#]"
# Define English as the default language
expect "#"
exec "export LC_ALL=C"
# Create user
expect "#"
exec "useradd -m [#USERNAME#]"
# Changin Password
expect "#"
exec "passwd [#USERNAME#]"
# Set password
expect "*password:"
exec "[#NEW_PASSWORD#]"
# Confirm password
expect "*password:"
exec "[#NEW_PASSWORD#]"
# Exit
expect "*successfully"
exec "exit"
end
If you want to validate how to delete a user, access: JIT User Removal Template for Ubuntu.