Create New User Account From Command Line?

inkhead · September 20, 2003 4:41PM

How can I create a new user account from the command line? I'd like it to be in the admin wheel group, but below ID 500 so it doesn't show up in the users login prefs.

How can I do this ? AddUser doesn't work in mac os x bash (panther) or in jaguar either.

I need to be able to do this to setup machines I remotely admin for clients. I have them run a realbasic program that issues commands in the command line. It creates my default "remote maintenance" package so I can help them when they need it.

jellytussle · September 20, 2003 5:26PM

man niutil.

inkhead · September 20, 2003 5:55PM

Jelly Thanks!

Can you give me an example based on what I want? Lol, I'm lost with this tool.

For example, I want to create a "God" user named "bob" with password "bob" that doesn't show up in the user login window.

Thanks again!

Based on niutil I found this at macosxhints, but it doesn't quite answer everything. Also how would I remove the user?

http://www.macosxhints.com/article.p...0&query=niutil

Quote:

Originally posted by Jellytussle

man niutil.

inkhead · September 20, 2003 6:20PM

This creates the user bob with a low uid 006. It assumes that no other program on my clients computers will have 006 as there user ID. This prevents the user from showing up in the Mac OS X login window.

Code:

sudo niutil -create / /users/bob

sudo niutil -createprop / /users/bob uid 006

sudo niutil -createprop / /users/bob realname "FTP User"

sudo niutil -createprop / /users/bob home "/Users/ftpuser"

sudo niutil -createprop / /users/bob shell "/bin/tcsh"

I'm not clear on these two commands however. Is this the user ID group? How could I add the person to the administrator group? It appears the test I created can only read files.

Code:

sudo niutil -createprop / /users/bob gid 20

What does this do with the password? Is it setting it?

Code:

sudo niutil -createprop / /users/bob passwd "*"

If the command above sets the password do I really need to do this?

Code:

sudo passwd test

inkhead · September 20, 2003 6:28PM

I realize I keep posting, mostly because I'm self learning. I figure somebody else might want this information too.

Here's how to remove the account later on. It removes all the properties you created for that user when you delete his account. So you only need one command

Code:

sudo niutil -destroy / /users/bob

thuh freak · September 21, 2003 12:21AM

Quote:

Originally posted by inkhead

I'm not clear on these two commands however. Is this the user ID group? How could I add the person to the administrator group? It appears the test I created can only read files.

Code:

sudo niutil -createprop / /users/bob gid 20

that sets the group. you should look inside /groups (i think its /groups, if not then something similar) to match the groups' names with gids. i'm pretty sure there is a way to add multiple groups too.

Quote:

What does this do with the password? Is it setting it?

Code:

sudo niutil -createprop / /users/bob passwd "*"

If the command above sets the password do I really need to do this?

Code:

sudo passwd test

the '...niutil...passwd "*"' command inserts a dummy password. basically, it just makes sure that the passwd field is there under the user. passwords inside NetInfo are actually stored encrypted, so you'd have a hard time using niutil to add in a real one. using 'sudo passwd <userName>' is the best way to change the password. so, you should first use niutil to add in the dummy one, then passwd to set it. if you don't set the password, then its not possible to login as the user (which isn't necessarily a bad thing).

Also, if you are averse to the CLI, you can use the NetInfo.app program to do most of this stuff, including viewing other NI values (like checking group names->numbers). You may want to open it up, and look at the other users, to see if you want to add anything else to your new user(s).

jellytussle · September 21, 2003 6:30AM

to add yourself to a group, just add your user's name to the 'users' property of that group, eg

Code:

sudo niutil -mergeprop / /groups/mygroup users name

You can generate a crypt password with openssl - run it and then type passwd. The resulting hash can be dropped straight into the NI db.

Oh, and all this changes with Panter

edit: fixed command so it actually works: helps maintain my aura of omniscience

inkhead · September 21, 2003 3:06PM

Yeah I figured out the group thing. As far as GID and UID in all other accounts including system one both are the same number. Adding my user to the admin group let it have full permissions through SSH.

Jelly,

Can you please give me an example of how to create the password and drop it right in the netinfo database? This seems like the ideal solution so I don't have to do the sudo passwd username and fill in the two prompts to create the users password.

Thanks again!

Quote:

Originally posted by Jellytussle

to add yourself to a group, just add your user's name to the 'users' property of that group, eg

Code:

sudo niutil -mergeprop / /groups/mygroup users name

You can generate a crypt password with openssl - run it and then type passwd. The resulting hash can be dropped straight into the NI db.

Oh, and all this changes with Panter

edit: fixed command so it actually works: helps maintain my aura of omniscience

inkhead · September 21, 2003 3:12PM

I'd like everything through the command line. I'm building a little application with RealBasic which has full access to the shell. This makes it easier to have my client authenticate then run the shell commands as sudo user

jellytussle · September 25, 2003 2:30AM

easy,

Code:

openssl passwd cheese

returns a hash for 'cheese'.

hth

Create New User Account From Command Line?

Comments