Account audits get messy when service accounts, disabled logins, and real people all appear in the same database. To list users in Ubuntu Linux cleanly, start with getent passwd for the baseline account source, then filter by UID range, login shell, group membership, or active session depending on what you need to confirm.
These read-only checks work on Ubuntu 26.04 LTS, 24.04 LTS, and 22.04 LTS. Most commands do not need sudo; only password-status checks require elevated access because Ubuntu protects shadow password metadata.
Understand Ubuntu User Account Sources
Ubuntu stores local account records in /etc/passwd, but getent passwd is the safer first command because it asks the configured Name Service Switch for user records. On a simple laptop, that usually means local users only. On a domain-joined, LDAP, or SSSD-managed system, it can also include directory users when that service allows enumeration.
| Field | Example | What It Means |
|---|---|---|
| Username | joshua | The login name used by commands such as id, su, and passwd. |
| Password placeholder | x | Password hashes live in /etc/shadow, not in the readable account list. |
| UID | 1000 | The numeric user ID. Normal local users usually start at 1000 on Ubuntu. |
| Primary GID | 1000 | The numeric primary group ID for the account. |
| Comment or GECOS | joshua | Optional descriptive text. It can be blank or formatted differently across systems. |
| Home directory | /home/joshua | The account’s normal home path. |
| Login shell | /bin/bash | The shell or blocking program assigned to the account. |
Ubuntu User-Listing Command Quick Reference
| Task | Command Pattern | Best Use |
|---|---|---|
| Show account records | getent passwd | Best starting point because it follows Ubuntu’s configured account lookup. |
| Print only usernames | getent passwd | cut -d: -f1 | Fast account-name inventory for review or comparison. |
| List normal UID-range users | getent passwd | awk -F: '$3 >= 1000 && $3 < 65534 {print $1}' | Filters out most system accounts and the nobody account. |
| List login-capable normal users | getent passwd | awk -F: '$3 >= 1000 && $3 < 65534 && $7 !~ /(nologin|false)$/ {print $1}' | Shows normal accounts that are not blocked by nologin or false. |
| Check one account | getent passwd username | Confirms whether a specific username exists. |
| Show user IDs and groups | id username | Displays UID, primary group, and supplementary group membership. |
| List sudo group members | getent group sudo | Shows accounts with Ubuntu’s default group-based sudo access. |
| Show active login sessions | who or w | Lists users currently recorded as logged in. |
List All Ubuntu Users with getent
Use getent passwd when you want the account records Ubuntu can enumerate through its configured lookup. This includes normal users, system service accounts, and any external directory users exposed through the system’s account lookup configuration.
getent passwdThe first records are usually system accounts created by the base installation and packages:
root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin man:x:6:12:man:/var/cache/man:/usr/sbin/nologin lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
Those accounts are normal. Ubuntu uses them so services can run with narrow identities instead of sharing root.
Print Only Ubuntu Usernames
For a compact username list, extract the first colon-separated field. The -d: option tells cut to use a colon as the delimiter, and -f1 prints the first field.
getent passwd | cut -d: -f1The beginning of the list should look familiar because it comes from the same account records:
root daemon bin sys sync games man lp
Pipe this output into filters when you need a narrower answer. For example, grep command in Linux is useful when you need exact username or group-name matching in a longer account list.
List Normal Ubuntu Users by UID
Ubuntu normally assigns the first regular local account UID 1000. System accounts usually sit below that range, while nobody commonly uses UID 65534. That makes a UID filter a practical way to find normal user accounts without most service accounts.
getent passwd | awk -F: '$3 >= 1000 && $3 < 65534 {print $1}'On a single-user Ubuntu system, the result may contain only one account:
joshua
UID range is a useful filter, not proof that every matching account is a person. Locally created service accounts can use higher UIDs, and centrally managed users may follow a different numbering policy.
Show Login-Capable Ubuntu Users and Shells
Some accounts exist but cannot open an interactive shell because their login shell ends in nologin or false. Add a shell filter when you want normal accounts that can plausibly log in.
getent passwd | awk -F: '$3 >= 1000 && $3 < 65534 && $7 !~ /(nologin|false)$/ {printf "%-16s %s\n", $1, $7}'A typical local administrator account appears with its shell path:
joshua /bin/bash
This filter answers a different question from “all users.” It intentionally hides service accounts and normal accounts that have been blocked from interactive login.
Check One Ubuntu User Account
When you already know the username, query that account directly instead of scanning the entire database. Replace joshua with the account name you need to inspect.
getent passwd joshuajoshua:x:1000:1000:joshua:/home/joshua:/bin/bash
The fifth field can show a name, be blank, or include comma placeholders depending on how the account was created. If the command prints nothing, Ubuntu could not resolve that username through its configured account sources. Check the spelling first, then confirm whether the account is local, domain-managed, or supposed to exist on another machine.
Show Ubuntu User IDs and Groups
Use id when the account exists and you need its UID, primary group, and supplementary groups. Group membership controls access to features such as sudo, printers, serial devices, containers, and shared directories.
id joshuaExample output includes the UID, primary GID, and the account’s group list:
uid=1000(joshua) gid=1000(joshua) groups=1000(joshua),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),100(users),111(lpadmin),114(lxd)
The exact supplementary groups depend on the packages, devices, and services configured on the machine. Focus on the specific group you are checking rather than trying to make every group list match another system.
Check the Current Ubuntu User
For the account running the current terminal session, ask the shell for the username and pass it to getent.
getent passwd "$(id -un)"For script-friendly field output, let awk label the stable fields you usually need:
getent passwd "$(id -un)" | awk -F: '{print "username=" $1; print "uid=" $3; print "gid=" $4; print "home=" $6; print "shell=" $7}'username=joshua uid=1000 gid=1000 home=/home/joshua shell=/bin/bash
List Ubuntu sudo Users and Root Account State
On Ubuntu, the default administrator path is the sudo group, not a routinely enabled root login. List the group record when you need to see which users inherit the default sudo policy.
getent group sudosudo:x:27:joshua
The usernames after the final colon are members of the sudo group. If an account should have administrator rights but does not appear there, use the dedicated workflow to add a new user to sudoers on Ubuntu.
Check Whether the Current Ubuntu User Has sudo
For the current account, print group names one per line and match sudo exactly. The exact match avoids false positives from unrelated group names that merely contain the word.
id -nG "$(id -un)" | tr ' ' '\n' | grep -Fx sudosudo
No output means the current account is not a member of the sudo group in this session. If the group was just added, sign out and back in so Ubuntu starts a fresh login session with the updated group list.
Check Ubuntu Root Password Status
Ubuntu normally keeps the root account locked. Use passwd -S when you need to confirm the root account state without changing it.
sudo passwd -S root | awk '{print $1, $2}'root L
The L flag means the account is locked. A P flag means a usable password is set. If you need to recover or deliberately change that state, follow the separate guide to change or reset the root password on Ubuntu.
List Ubuntu Password Status Flags
For a status audit, list each account’s password status flag. This command needs sudo because it reads protected shadow metadata.
sudo passwd -S -a | awk '{print $1, $2}' | head -n 10root L daemon L bin L sys L sync L games L man L lp L mail L news L
Do not read this as a list of people. Most early records are locked system accounts, which is exactly what you want on a normal Ubuntu installation.
List Currently Logged-In Ubuntu Users
Account records tell you who exists. Session commands tell you who is logged in right now. Use them when you are checking an SSH server, shared workstation, or maintenance window before changing services.
Show Active Ubuntu Sessions with who
The who command reads the login database and prints active recorded sessions.
whoNo output is a valid result on a headless system, a non-interactive SSH command, or a machine with no recorded user sessions. When users are logged in through a terminal or desktop session, who prints one row per session.
Show Ubuntu Session Activity with w
Use w when you want session activity as well as usernames. The -h option removes the header so scripts and quick checks can focus on session rows.
w -hAs with who, no output simply means there were no matching active records in that environment. It does not mean the account database is empty.
Use Bash and /etc/passwd Alternatives on Ubuntu
getent should stay your default because it is explicit and works well in scripts. Two alternatives are still useful for quick shell checks or for understanding what Ubuntu stores locally.
List Ubuntu Users with Bash compgen
Bash includes compgen, and the -u option generates usernames. It is convenient in an interactive Bash shell, but it is less clear than getent in portable scripts.
compgen -uroot daemon bin sys sync games man lp
If the shell says compgen is missing, you are probably not running Bash. Switch to getent passwd | cut -d: -f1 for a shell-neutral username list.
Read /etc/passwd Directly on Ubuntu
Reading /etc/passwd directly is fine when you only care about local file-backed accounts. It does not show users supplied by LDAP, SSSD, or another account source unless those users are also written into the local file.
cut -d: -f1 /etc/passwdUse this direct file form for local-only checks. Use getent passwd when you want Ubuntu’s configured account lookup rather than one file.
Troubleshoot Ubuntu User Listing Commands
getent passwd Shows Too Many Ubuntu Users
A long list is normal because Ubuntu includes system accounts for packages and services. Filter by UID when you want normal user accounts:
getent passwd | awk -F: '$3 >= 1000 && $3 < 65534 {print $1}'If your environment uses LDAP, SSSD, or another directory service, ask the directory administrator which UID ranges represent real users before treating the local Ubuntu range as universal.
A Listed Ubuntu User Cannot Log In
An account can exist without being allowed to open a shell. Check the shell field for the account:
getent passwd username | awk -F: '{print $1, $7}'A shell ending in /usr/sbin/nologin, /bin/false, or another blocking program usually means the account is meant for a service, not interactive login. Do not “fix” service accounts by changing their shell unless you know which package or service owns that account.
who Prints No Logged-In Ubuntu Users
who reports active login records, not every account. A blank result is common when the command runs through automation, a non-interactive SSH command, a container, or a system with no active terminal sessions.
who
w -hUse getent passwd or the UID filters when you need users that exist, and use who or w only when you need current sessions.
passwd Status Checks Need sudo on Ubuntu
If you try to list every password status as a normal user, Ubuntu blocks access to protected shadow metadata.
passwd -S -apasswd: Permission denied.
Rerun the status audit with sudo when you have administrator rights:
sudo passwd -S -a | awk '{print $1, $2}' | head -n 10Ubuntu Cannot Find the Username
When getent passwd username prints nothing, the name is absent from the account sources Ubuntu can resolve. Confirm the exact spelling, then check whether the account exists only in an external directory or on another host.
getent passwd usernameFor password-status checks, a missing account produces a direct error that names the requested user:
passwd -S no-such-userpasswd: user 'no-such-user' does not exist
Create the account first if it should exist locally. If the next task is administrator access, add the account to Ubuntu’s sudo group after the user record exists.
Conclusion
Ubuntu user inventory is now split into the questions that matter: account records Ubuntu can enumerate, normal UID-range users, login-capable users, sudo members, root status, and active sessions. Keep getent passwd as the baseline, then use id, getent group sudo, and who when the audit needs permissions or current login state.
Formatting tips for your comment
You can use basic HTML to format your comment. Useful tags currently allowed in published comments:
<code>command</code>command<strong>bold</strong><em>italic</em><blockquote>quote</blockquote>