Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Create new users from the Terminal in 10.3 UNIX
While the System Preferences, and the Accounts pane specifically, let you easily create user accounts in Mac OS X, you may need to do so, at times, from the command line. Doing so requires several steps, but in Panther, this is relatively easy to do.

Creating user accounts from the command line uses the niload (NetInfo load) command together with a few other commands to create the new user's account and all necessary settings. Here is how to do it, creating a new user named Henry James, with a short name of henry.

First, you need to run a command to populate the NetInfo database with the appropriate information for a user account. The following command uses the niload command to load information directly into NetInfo. It uses the format of a standard passwrd file, which is that of a series of fields separated by colons (the $ is just the command prompt; don't type it):
$ echo 'henry::512:512::0:0:Henry James:/Users/henry:/bin/bash'
  | sudo niload -v passwd /
The above is one long line with a space replacing the line break. It's been shown on two lines for a narrower page display.

The shell asks for your password, since the second part of the command contains the sudo command, then displays information regarding the additions it has made to the NetInfo database. After you've run the command to create the new user, you need to set the user's password. Run this command, then enter the password twice when prompted:
$ sudo passwd henry
Changing password for henry.
New password:
Retype new password:
Next, you need to create a group for the user; Panther uses individual groups for each user, which have the same GID as the user's UID:
$ echo 'henry:*:512:henry' | sudo niload -v group /
This command creates the group named henry, gives it the GID of 512, and adds the user henry to the group, all in one step. Finally, you may want to make the user a member of the admin group so they have administrative access. Run this command to add the user to the admin group:
$ sudo niutil -appendprop / /groups/admin users henry
If you do this, your new user is an administrator and has all administrative rights. You can always change this later in the Accounts preference pane. Note that after you have created the new account, the new user does not yet have a home directory. All you need to do is log in under the new user's account, and the system creates the actual home directory at first login. This directory is created from a directory template found in /System -> Library -> User Template.

You can find out a bit more about this command in this article on my site, including more information on the format of data used to create the user. You can then use this same procedure to create multiple users with similarly formatted data in a single text file.
    •    
  • Currently 1.43 / 5
  You rated: 1 / 5 (7 votes cast)
 
[33,250 views]  

Create new users from the Terminal in 10.3 | 6 comments | Create New Account
Click here to return to the 'Create new users from the Terminal in 10.3' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Create new users from the Terminal in 10.3
Authored by: ssevenup on Nov 03, '04 11:36:30AM

I have been doing adduser scripts since Jaguar days. I have a couple of observations about tthis hint.

1. There is no facility here to add the generated UID or GID fields in netinfo.
2. admin users are not added to the appserveradm and appserverusr groups.
3. Maybe the authentication_authority field is automatically set to ;ShadwHash; but I didn't see it here.
4. The picture field is not set.

---
Mark Moorcroft
ELORET Corp. - NASA/Ames RC
Sys. Admin.



[ Reply to This | # ]
Create new users from the Terminal in 10.3
Authored by: Cap'n Hector on Nov 03, '04 11:41:36AM
A second option is to use this shell script:

#!/bin/sh
echo "Enter username:"
read new_username
echo "Enter the full name for user $new_username's:"
read long_name
echo "Will $new_username an Admin user (y/N)?"
read godlike_powers
new_uid=`nidump passwd . | awk -F: '{print $3f}' | sort -n|tail -1`
new_uid=`expr $new_uid + 1`
nicl . -create /users/$new_username
nicl . -create /users/$new_username uid $new_uid
nicl . -create /users/$new_username realname "$long_name"
nicl . -create /users/$new_username passwd ""
nicl . -create /users/$new_username gid 20
nicl . -create /users/$new_username shell "/bin/tcsh"
nicl . -create /users/$new_username home "/Users/$new_username"
nicl . -create /users/$new_username _writers_passwd $new_username
passwd $new_username
ditto /System/Library/UserTemplate/English.lproj /Users/$new_username
chown -R $new_username:staff /Users/$new_username
nicl . -read /users/$new_username
if [ "$godlike_powers" = Y -o "$godlike_powers" = y ]
then
nicl . -append /groups/wheel users $new_username
nicl . -append /groups/admin users $new_username
nicl . -read /groups/wheel
nicl . -read /groups/admin
fi


[ Reply to This | # ]
Create new users from the Terminal in 10.3
Authored by: ClassicUser on Nov 03, '04 11:51:09PM

Not bad, but still quite a few problems - especially regarding Panther-style users (since this primary hint indicates it is for 10.3):

- While this copies from the English.lproj sub-folder of the User Template area, it should also merge the contents from Non_localized
- The "sharedDir" entry really should be set in the user record (set to a value of "Public"), to ensure AFP file sharing is functional for that user
- Panther: This doesn't consider the custom group created by default, and the custom GID used for this group. The group assigned to the user's home, as well as the GID entry in NetInfo, should use this - instead of "staff"
- Panther: The default shell should be /bin/bash - not /bin/tcsh
- There are several _writers_xxx entries which still should be set in NetInfo, as well
- Even an admin user should NOT be added to the "wheel" group

And, note that none of these scripts handle the creation of a password. This could be handled as an additional feature of the script, to ensure the created user is completely implemented. But also note that as of Panther, the authentication_authority should be set to ";ShadowHash;", not ";basic;" - along with a associated shadow password hash implementation (lots of details to be considered here...).

In all: Creating users is something which is done very well by Apple's UI - and changes with every major release. While automating this process sounds like a good idea, if it's not done completely and exactly correctly, the user created could encounter significant problems on the target computer.



[ Reply to This | # ]
Non-localized
Authored by: ssevenup on Nov 30, '04 02:01:13PM

I took a look in Non-Localized and found nothing there that looked useful. It sets up SoftwareUpdate scheduling which we purposely turn off here. And the Cache looks like it's fluff. Not that I disagree that this is a very complex undertaking, not to be taken lightly. Your other comments I agree with completely.

--MM

---
Mark Moorcroft
ELORET Corp. - NASA/Ames RC
Sys. Admin.



[ Reply to This | # ]
Create new users from the Terminal in 10.3
Authored by: juanfc on Nov 04, '04 12:59:08PM

There is a space in the "User Template" name
ditto "/System/Library/User Template/Spanish.lproj" /Users/$new_username

---
---
juan

[ Reply to This | # ]

Create new users from the Terminal in 10.3
Authored by: Valdemar on Sep 15, '07 03:18:02AM
we can create automatically the home by adding at the end :
createhomedir -c


[ Reply to This | # ]