“User already exists” error when user doesn’t exist on the system

Read Time: 2 mins

Have you ever come across an error says  user already exists  when the user actually doesn’t exist on the system? I have !!! This article talks about what to do in this situation.

Assume you are trying add an user called ‘Mark’ and you get following error.

useradd: user 'vagrant' already exists

The error is very straightforward. It says the user already exists. Now we ‘system admins’ proudly look at the password file for the user.

[email protected]:/home/vagrant# cat /etc/passwd | grep mark
[email protected]:/home/vagrant#

Shit!, Its not in the password file, then why the hell Linux complained the user already exists?  Okay, now let’s run  getent  command which get entries from Name Service Switch libraries, to find our missing user ‘Mark’.

#getent passwd mark

Damn! So the user already exists somewhere that only Name Service Switch libraries knows. Before we go into that, Did you notice something unusual in the second column of the output? It is  *   in the place of  x  which clearly says the password of the user is not stored in the  /etc/shadow  file. Time to find where it is stored! Lets dig into Name Service Switch library config file.

#cat /etc/nsswitch.conf | grep passwd
passwd: files sss

There you go. By mentioning  sss   as above, NSS library is instructed to search a user in LDAP (sss is configured as LDAP client). Now it is perfectly clear that a user ‘Mark’ exist in the LDAP that is why you cannot create the same user in the system.


Now we have found the root cause of the problem. Now you can do one of the following action to fix the problem:

  1. Remove the user from ldap server.
  2. Remove the ldap reference from the /etc/nsswitch.conf file so that NSS library dont look for the user in ldap server.
  3. Keep the user in the ldap as it is, but create the same user in the system! Let me explain how we do it further.

There are situations like you still need a system user to be created even though the same username is present in ldap. Yeah, we can do it with  luseradd  command.

It is as simple as

luseradd mark

You can have the libraries of the command installed by running following command.

In Ubuntu/Debian:

apt-get install libuser

In CentOS/Redhat:

yum install libuser

Note: CentOS/Redhat has this command installed by default. If you don’t find it, try installing it with above command.

No more user already exists error 🙂

Thanks for the time taken to read my blog.Subscribe to this blog so that you don’t miss out anything useful   (Checkout Right Sidebar for Facebook follow button and mail subscription form )  . Please also comment your thoughts.

A Site Reliability Engineer and an automation enthusiast.
Posts created 38

Begin typing your search term above and press enter to search. Press ESC to cancel.

Back To Top