本文目录导读:
- Linux系统批量创建用户
- Windows AD批量创建用户 (PowerShell)
- 数据库批量创建用户 (MySQL/MariaDB)
- Web应用批量注册 (Python脚本)
- 使用Ansible批量创建Linux用户
- 使用建议
Linux系统批量创建用户
基础脚本
#!/bin/bash
# 用户列表文件格式:username:password:group
USER_FILE="users.txt"
# 检查文件是否存在
if [ ! -f "$USER_FILE" ]; then
echo "用户列表文件 $USER_FILE 不存在"
exit 1
fi
# 逐行处理用户
while IFS=':' read -r username password group; do
# 跳过空行和注释行
[[ -z "$username" || "$username" =~ ^# ]] && continue
# 检查用户是否已存在
if id "$username" &>/dev/null; then
echo "用户 $username 已存在,跳过"
continue
fi
# 创建用户组(如果指定)
if [ -n "$group" ]; then
if ! getent group "$group" &>/dev/null; then
groupadd "$group"
fi
useradd -m -g "$group" "$username"
else
useradd -m "$username"
fi
# 设置密码
echo "$username:$password" | chpasswd
# 强制首次登录修改密码
chage -d 0 "$username"
echo "用户 $username 创建成功"
done < "$USER_FILE"
用户列表文件格式 (users.txt)
# 格式: username:password:group
user1:Pass123!:developers
user2:Pass456!:testers
user3:Pass789!:Windows AD批量创建用户 (PowerShell)
# 批量创建AD用户
$users = Import-Csv "C:\users.csv"
foreach ($user in $users) {
$username = $user.Username
$password = $user.Password
$name = $user.Name
$ou = $user.OU
# 安全密码转换
$securePassword = ConvertTo-SecureString -String $password -AsPlainText -Force
# AD用户属性
$params = @{
Name = $name
SamAccountName = $username
UserPrincipalName = "$username@domain.com"
GivenName = $user.FirstName
Surname = $user.LastName
Department = $user.Department
Title = $user.Title
AccountPassword = $securePassword
Enabled = $true
ChangePasswordAtLogon = $true
Path = "OU=$ou,DC=domain,DC=com"
}
try {
New-ADUser @params
Write-Host "用户 $username 创建成功" -ForegroundColor Green
}
catch {
Write-Host "创建用户 $username 失败: $_" -ForegroundColor Red
}
}
数据库批量创建用户 (MySQL/MariaDB)
-- 创建存储过程批量创建用户
DELIMITER $$
CREATE PROCEDURE batch_create_users()
BEGIN
DECLARE done INT DEFAULT FALSE;
DECLARE v_username VARCHAR(50);
DECLARE v_password VARCHAR(100);
DECLARE v_host VARCHAR(50);
-- 临时表存储用户信息
DECLARE user_cursor CURSOR FOR
SELECT username, password, host FROM temp_users;
DECLARE CONTINUE HANDLER FOR NOT FOUND SET done = TRUE;
OPEN user_cursor;
read_loop: LOOP
FETCH user_cursor INTO v_username, v_password, v_host;
IF done THEN
LEAVE read_loop;
END IF;
-- 检查用户是否已存在
SET @user_exists = (SELECT COUNT(*) FROM mysql.user
WHERE User = v_username AND Host = v_host);
IF @user_exists = 0 THEN
-- 创建用户
SET @sql = CONCAT('CREATE USER ''', v_username, '''@''',
v_host, ''' IDENTIFIED BY ''', v_password, '''');
PREPARE stmt FROM @sql;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
-- 授予基本权限
SET @sql = CONCAT('GRANT SELECT ON mydb.* TO ''',
v_username, '''@''', v_host, '''');
PREPARE stmt FROM @sql;
EXECUTE stmt;
DEALLOCATE PREPARE stmt;
END IF;
END LOOP;
CLOSE user_cursor;
FLUSH PRIVILEGES;
END$$
DELIMITER ;
Web应用批量注册 (Python脚本)
#!/usr/bin/env python3
import pandas as pd
import requests
import json
import time
from concurrent.futures import ThreadPoolExecutor
class BulkUserCreator:
def __init__(self, api_url, admin_token):
self.api_url = api_url
self.headers = {
'Authorization': f'Bearer {admin_token}',
'Content-Type': 'application/json'
}
def create_user(self, user_data):
"""创建单个用户"""
try:
response = requests.post(
f"{self.api_url}/users",
headers=self.headers,
json=user_data
)
if response.status_code == 201:
return {"success": True, "username": user_data['username']}
else:
return {"success": False, "username": user_data['username'],
"error": response.text}
except Exception as e:
return {"success": False, "username": user_data['username'],
"error": str(e)}
def batch_create(self, csv_file, batch_size=10, max_workers=5):
"""批量创建用户"""
# 读取CSV文件
df = pd.read_csv(csv_file)
results = []
# 使用线程池并行处理
with ThreadPoolExecutor(max_workers=max_workers) as executor:
# 分批处理
for i in range(0, len(df), batch_size):
batch = df.iloc[i:i+batch_size]
# 提交批量任务
futures = []
for _, row in batch.iterrows():
user_data = {
'username': row['username'],
'email': row['email'],
'password': row['password'],
'full_name': row['full_name'],
'role': row.get('role', 'user')
}
futures.append(executor.submit(self.create_user, user_data))
# 收集结果
for future in futures:
results.append(future.result())
# 速率限制
time.sleep(1)
return results
# 使用示例
if __name__ == "__main__":
creator = BulkUserCreator(
api_url="https://your-api.com/api",
admin_token="your-admin-token"
)
results = creator.batch_create("users.csv")
# 输出结果统计
successful = [r for r in results if r['success']]
failed = [r for r in results if not r['success']]
print(f"成功创建: {len(successful)}")
print(f"失败: {len(failed)}")
for fail in failed:
print(f" - {fail['username']}: {fail['error']}")
使用Ansible批量创建Linux用户
---
- name: 批量创建Linux用户
hosts: all
become: yes
vars:
users:
- name: user1
uid: 1001
group: developers
shell: /bin/bash
ssh_key: "ssh-rsa AAAAB3NzaC1yc2E..."
- name: user2
uid: 1002
group: testers
shell: /bin/bash
tasks:
- name: 创建用户组
group:
name: "{{ item }}"
state: present
loop:
- developers
- testers
when: item is defined
- name: 创建用户
user:
name: "{{ item.name }}"
uid: "{{ item.uid | default(omit) }}"
group: "{{ item.group | default(omit) }}"
shell: "{{ item.shell | default('/bin/bash') }}"
create_home: yes
state: present
loop: "{{ users }}"
- name: 设置SSH密钥
authorized_key:
user: "{{ item.name }}"
key: "{{ item.ssh_key }}"
loop: "{{ users }}"
when: item.ssh_key is defined
- name: 设置密码(需要加密)
user:
name: "{{ item.name }}"
password: "{{ 'password123' | password_hash('sha512') }}"
loop: "{{ users }}"
使用建议
-
安全性:
- 不要在脚本中硬编码密码
- 使用环境变量或密码管理工具
- 实施最小权限原则
-
可靠性:
- 添加错误处理
- 记录日志
- 支持回滚操作
-
性能优化:
- 批量处理时使用限制
- 实施速率控制
- 考虑使用异步处理
-
验证机制:
- 预检查用户是否存在
- 验证输入数据
- 提供结果报告
选择哪种脚本取决于您的具体场景和需求,是否需要针对特定场景的定制?
