This article shows how to add users and set account privileges in Ubuntu without using the command line.
The “System Settings” screen will load. In the bottom right hand corner there is an icon for user accounts.
To be able to do anything on this screen you need to click the unlock icon in the right corner of the screen.
Clicking the unlock icon will make the plus and minus symbols active. If you only have one user then only the plus symbol is active because you cannot remove the only user.
Clicking on the plus symbol brings up the “Add account” dialog window.
The “Add Account” screen has three fields:
- Account Type – Can be set to Standard or Administrator
- Full name – The full name of the user
- Username – Name used to log in to the system
When you click the “Add” button the user is created but it is created in the disabled state meaning that at first it cannot be used.
To change the status click on the words “Account disabled” next to the password of the user that is disabled.
The action dropdown gives you three choices:
- Set a password now (recommended)
- Login without a password
- Enable the account
The obvious choice is to set the password. Enter the password and confirm it in the boxes provided. The quality of your password is shown as you type.
When a valid password has been entered the “Change” button becomes active and you can set the password.
You can change any user’s password by clicking the password next to their account on the main “User Accounts” screen. If the account is already active then you can choose to disable the account.
One of the items skipped over during that short tutorial was the account types options. As mentioned there are two account types:
Basically in Ubuntu (and derivatives thereof) there is a function called sudo which enables users to run commands as an administrator. Most of the time there is no difference between a standard account and an administrator.
A standard user does not have permission to run sudo and therefore cannot run any commands as the root user which keeps the system nice and safe.
The administrator does everything as a standard user but when something that requires administrator access occurs the user is asked for the root password to complete the task.
To put this theory into action I have created a user called “Harrison” and set it as a standard user. I logged in as Harrison, opened a terminal window and typed ”sudo nano” which opens the nano editor as an administrator.
As you can see I get an error stating that the user Harrison is not in the sudoers file and therefore cannot run the command.
Any person that is to use your computer should be set up as a standard user or should use a guest session (more on this later).
Incidentally if the user Harrison tries to add a user to the system he can do so but whilst clicking the unlock button on the “User Accounts” screen a request will be made for the administrator’s password.
If the administrator’s password is provided that user now has permission to add, amend and delete users in the system as if he or she is an administrator.
You should be very careful about entering the administrator’s password.
By default Ubuntu comes with the guest account turned on. This is useful if you have visitors staying as they can surf the internet on your computer and not cause any damage whatsoever.
If your computer is set to automatically login then you will need to click the icon in the top right corner and click “Guest session”. A new session will open and the user will have essentially the same permissions as a standard user.
If the user tries to add user accounts then they will be asked for the administrator’s password so your system cannot be changed in any way by the guest without your permission and this includes installing software of any kind.
The user does have permission to setup online accounts so that they can use the GWibber lens and so they could set up Thunderbird for their email, add GMail, Twitter and other accounts.
When the user logs out of the guest session all the things they set up will be removed so that when the next person logs in to the guest session there is no trace of the previous user.
You can disable the guest account. To disable the guest account follow the tutorial at this link.
For more information about the security in Ubuntu visit https://help.ubuntu.com/13.04/serverguide/user-management.html
Thankyou for reading