How to Add and Remove Users on Ubuntu 24.04? (Ubuntu Add User)

Managing user accounts is a fundamental responsibility in Linux system administration. Typically, when a new system is set up, access is provided through the root account by default. While the root user has unrestricted access and control over the entire system, using it for day-to-day administrative tasks can be risky and potentially harmful.

A safer and more organized approach is to follow the Ubuntu create new user process for setting up non-root accounts used in regular operations. These accounts help maintain security by restricting access to critical system functions. Each person using the system should have their unique user account to ensure accountability and data separation.

For operations that do require elevated privileges, Ubuntu systems include a utility called sudo. This tool allows permitted users to execute specific commands with administrative rights, without logging in as the root user.

In this article, we will demonstrate how to add new user accounts in Ubuntu, grant administrative access using sudo, and remove user accounts when they are no longer needed.

Prerequisites:

To add a new user account in Ubuntu, you should have the following prerequisites:

• You must have a server running Ubuntu 24.04.
• Ensure you have root access or a user account with sudo privileges.
• A firewall should be enabled and properly configured on the server.

Creating a New User on Ubuntu (Ubuntu Add New User)

To add a new user on an Ubuntu system, you can use the adduser command. The method varies slightly depending on whether you're logged in as the root user or as a user with sudo privileges:

If you are logged in as the root user, execute:
adduser newuser

As a non-root user with sudo access, run the following command:
$ sudo adduser newuser

Upon running the above command, you'll be prompted to:

• You need to set and confirm a password for the Ubuntu create user.
• Optionally provide additional user information such as name and contact details. You can skip these by pressing ENTER.
• Confirm the details to finalize the user creation.

Once completed, the user account is ready and can be accessed using the defined credentials.

Granting Sudo Privileges to a User

If the newly created user needs administrative rights, you can assign them sudo access. There are two standard methods for this:

Adding the User to the Sudo Group

Ubuntu systems are configured to grant full administrative rights to members of the sudo group.

To verify the current groups for a user:

# groups newuser

To assign the user to the sudo group:

$ sudo usermod -aG sudo newuser

The -aG option appends the user to the specified group(s) without affecting existing group memberships. Note that using usermod requires administrative privileges, so it must be executed with sudo unless you are the root user.

Manually Defining Privileges in /etc/sudoers

Alternatively, you can explicitly grant a user administrative permissions by editing the /etc/sudoers file using the visudo command. This utility ensures the file's syntax is validated before changes are saved, minimizing the risk of misconfiguration that could lock out sudo access.

If logged in as root, run the following command:

visudo

If using a sudo-enabled user account:

sudo visudo

By default, visudo opens the file in the nano editor on most Ubuntu systems. Locate the following line:

root ALL=(ALL:ALL) ALL

Directly below it, append a line for the new user:

newuser ALL=(ALL:ALL) ALL

This grants the user unrestricted sudo access. After editing, save the file using CTRL + X, then confirm with Y and press ENTER.

You can repeat this process to grant similar access to additional users as needed.

Verifying Sudo Access for the New User

Once the new user has been added to the sudo group or granted explicit sudo permissions, you can test their administrative access.

Run a regular command (without sudo):

# ls /home

Now, run the same command again with sudo privileges:

$ sudo ls /home

You will be prompted to enter the password for the current user. If the user has valid sudo privileges, the command will execute successfully with administrative rights.

Removing a User Account in Ubuntu

When a user account is no longer needed, it is advisable to remove it to maintain system hygiene. To delete a user without affecting their files, run the following command as the root user:

# deluser newuser

If you are logged in as a non-root user with sudo rights, prepend the command with sudo:

$ sudo deluser newuser

To delete the user along with their home directory and associated files, use the “--remove-home” option. As root user, run the below command:

# deluser --remove-home newuser

Or with sudo privileges:

$ sudo deluser --remove-home newuser

Remove Sudo Permissions

If the deleted user had sudo privileges explicitly assigned in the /etc/sudoers file, it is important to remove those entries to avoid unintentional privilege grants in the future.

Edit the sudoers file using the safe editor:

As root user, access the configuration file using this command:
# visudo

Or if you have a sudo user, run the above command with sudo:
$ sudo visudo

Locate and remove the line that grants sudo access to the deleted user, for example:

newuser ALL=(ALL:ALL) ALL

Saving this change ensures that if a new account with the same username is created later, it won't automatically receive sudo privileges.

Removing Unused Groups

If the user was the sole member of a group created specifically for them, and that group is no longer needed, you can delete it with:

sudo delgroup groupname

Temporarily Disabling a User Account

In some cases, you may prefer to disable a user account temporarily rather than delete it entirely. Locking a user account prevents login access without deleting the user’s files, home directory, or user ID.

Locking the User’s Password

One common way to disable an account is by locking its password, which stops the user from logging in with their password. As the root user, you can lock the password with this command:

# passwd -l username

If you are a non-root user with sudo rights, add sudo:

$ sudo passwd -l username

The -l option effectively disables the password by modifying the entry in /etc/shadow to prevent password-based authentication.

To restore access and unlock the password, allowing the user to log in again with their original password, use:

# passwd -u username

Or with sudo access, run the below command:

$ sudo passwd -u username

The -u option reverses the lock and re-enables the original password.

Disabling Login by Changing the User’s Shell

Another method to prevent user login is by setting the user’s login shell to a non-interactive shell, such as /usr/sbin/nologin or /bin/false. This blocks the user from opening a shell session while keeping the account and files intact.

To assign the no-login shell, run:

$ sudo usermod -s /usr/sbin/nologin username

If you want to restore the user’s original shell (commonly /bin/bash), execute:

$ sudo usermod -s /bin/bash username

Conclusion

You should now understand how to add and delete users on your Ubuntu 24.04 system, manage sudo permissions, remove user groups, and lock user accounts when necessary. 

Proper user management is essential for ensuring the security, organization, and overall stability of your Ubuntu environment. With these skills, you can effectively assign users the appropriate level of access needed to perform their tasks while maintaining system integrity.

Discover the unmatched potential of limitless hosting with 10GBVPS! Enjoy blazing-fast speeds that boost your website’s performance while eliminating concerns about bandwidth caps or unexpected overage charges. With a variety of global server locations to choose from, you can ensure maximum speed and reliability tailored to your needs. 

Experience true freedom and performance—switch to 10GBVPS today and take your online presence to the next level!