+== Add a guest account to ud-ldap ==
+
+=== add to guest keyring ===
+
+at home:
+
+{{{
+cd projects/debian/d-a/guest-keyring
+}}}
+
+or whereever you keep the checkout. Then
+{{{
+git pull &&
+echo -n "New user's key fingerprint: " &&
+read fingerprint &&
+./add-key "`echo $fingerprint | tr -d ' '`" &&
+git add debian-guest/add-"`echo $fingerprint | tr -d ' ' | cut -b 25-`" &&
+git add debian-guest/index debian-guest/index.gpg &&
+git ci &&
+git push
+}}}
+
+=== add to ldap ===
+
+Once that is done, to to db-master (aka draghi) and add the account:
+
+{{{
+ud-useradd -n
+}}}
+
+* enter fingerprint, account name, [fml] name and forwarding address.
+* do _not_ subscribe to -private (enter a <space> character)
+* keep uid number
+* use 60000 as gid number
+
+Then set an expire date for the user:
+{{{
+echo -n "userid of new user: " &&
+read uid &&
+ldapvi --encoding=ASCII -ZZ --ldap-conf -h db.debian.org -D uid=$USER,ou=users,dc=debian,dc=org "uid=$uid"
+}}}
+
+and set {{{shadowExpire}}} to today + 60 days ( {{{echo $(( `date +%s` / 3600 / 24 + 60 ))}}} ).