im still learning confd, and i wonder is it possible to add user without using cli?
the first thought that come to my mind is to edit : /etc/confd/cdb/config_init.xml

<aaa xmlns="http://tail-f.com/ns/aaa/1.1">
    <authentication>
      <users>
        <user>
          <name>test</name>
          <uid>1000</uid>
          <gid>1000</gid>
          <password>$1$5Q5b/7cc$xyslIcrVzIq0Jc75RfDRt0</password>
          <ssh_keydir>/dev/null</ssh_keydir>
          <homedir>/dev/null</homedir>
        </user>
      </users>
    </authentication>
    <ios>

so if i add in the /config_init.xml same info as above but with diffrent login, will it work? or can it be done?

<aaa xmlns="http://tail-f.com/ns/aaa/1.1">
    <authentication>
      <users>
 <user>
          <name>test</name>
          <uid>1000</uid>
          <gid>1000</gid>
          <password>$1$5Q5b/7cc$xyslIcrVzIq0Jc75RfDRt0</password>
          <ssh_keydir>/dev/null</ssh_keydir>
          <homedir>/dev/null</homedir>
        </user>
        <user>
          <name>test2</name>
          <uid>1000</uid>
          <gid>1000</gid>
          <password>$1$5Q5b/7cc$xyslIcrVzIq0Jc75RfDRt0</password>
          <ssh_keydir>/dev/null</ssh_keydir>
          <homedir>/dev/null</homedir>
        </user>
      </users>
    </authentication>
    <ios>

Hello,

You can of course modify your _init.xml file(s) and set users as you need, but it will work only if you then start ConfD “for the first time” / with empty CDB. The _init.xml files are loaded by ConfD only if the database is empty/non-existent - on initial population…

If you want to load new users later when CDB configuration already exists/runs, you may need to use either northbound APIs like CLI/NETCONF/other, or e.g. tools like confd_cli (that basically uses ConfD C library to invoke its job (or you could program own tool/code with libconfd to do the same).

thanks for reply josephm,can i have some examples of commands that i need to use fo confd_cli or netconf to add the user?

You should start with the ConfD user guide and with examples, both the NETCONF protocol as well as the confd_cmd tool is used there. More specificaly, confd_cmd (this is probably what josephm meant, confd_cli is a CLI client even though it can be used in a batch mode) is shown in several use cases in the misc/shell_tools example, netconf-console, a NETCONF client tool, is shown both in the user guide as well as in several examples including the introductory one.

I suspect that none of those exactly show how to add a user, but once you understand the concept it should be fairly simple. For netconf-console, the principle usually is that you prepare the configuration in the XML form and use --edit-config to apply it - see the mentioned examples.

For confd_cmd, you need to specify what instances to create and what values should be set, e.g. like this:

$ userpath='/aaa/authentication/users/user{newuser}'
$ confd_cmd << EOF
mcreate $userpath
mset $userpath/uid 12345
mset $userpath/gid 100
mset $userpath/password secret
mset $userpath/ssh_keydir /tmp
mset $userpath/homedir /tmp
EOF

thanks fro the naswer mvf, but i cant use any api. I want to know is it some option to modify confd or netconf file where the system will load it and the new user will be added. Actually im not truly understand from where the system load confd file, if joseph said that

so from were it takes the data to laod if it reads xml files only if db is empty

What i meant by loading _init.xml files, is described in ConfD user guide - chapter “Loading initial data into CDB”.