1 files changed, 29 insertions, 0 deletions

diff --git a/vimwiki/User Creation .md b/vimwiki/User Creation .md
new file mode 100644
index 0000000..9bc39ae
--- /dev/null
+++ b/vimwiki/User Creation .md
@@ -0,0 +1,29 @@
+To create a user on the cluster do  `sudo /root/ldifs/addldapuser.py`  
+This will end by prompting you for the LDAP password, which is the same as the normal root password. 
+
+__When creating a user:__ 
+
+    Make sure you have a record of the user’s having accepted the terms of use – this is a GDPR requirement 
+
+    Check that you know the username that the user wants. By default this should be the LCS username, 
+    but we allow others; obviously external users have to choose one. Please try to avoid mixed case, 
+    non-alphanumeric characters, or names longer than about 10 characters. 
+
+    Check that you know what group the user should be in. 
+    addldapuser.py gives a list of possible groups; we need to get this right to make sure people have 
+    access to restricted resources. Currently useful primary groups for Herts users are:
+    
+    `1003` (CAR), 
+    `1004` (CACP, formerly CAIR), 1005 (Computer Science), 
+    `1006` (old Health and Human area, covering Life Sciences), 
+    `1007` (PAM not otherwise covered), 
+    `1008` (Engineering). 
+    
+    Please never use the default group (`1000`).   
+
+    *EITHER* meet the user in person to set the password, 
+
+    *OR* set the initial user password to a random, secure string, not a word or the user’s name 
+    (I normally use `XX99xxXX` where `X`, `x` and `9` are different upper case, lower case and numeric characters) 
+    and send the password by a separate e-mail (we don’t want a record of It in the helpdesk system). 
+