Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the '10.5: Delete users accounts from command line in 10.5' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.5: Delete users accounts from command line in 10.5
Authored by: nilness on Jun 09, '09 09:33:17AM
Here's a little script I wrote that will clear user info on recent versions of OS X. Drop it in the root level of the hard drive, then boot to single user mode and run it.

Please note that I hard coded the user account; someone could easily modify it to find it automatically or as a command line argument. Also the script removes itself, and the name and location are hardcoded, so adjust those as well.

My scripting is pretty rusty but it gets the job done; I'd love to see someone clean it up a bit. Really wish this functionality could get rolled into AppleJack...

PS - I'm sure I looked at the same sources as the OP when I wrote this - I don't want to take credit for the methodology.

======================================


# /bin/sh

# check and mount the hard drive
/sbin/fsck -fy
/sbin/mount -uw /

#determine which OS we're on - clunky but it works...
x_5=`sw_vers -productVersion | grep "10.5"`
x_4=`sw_vers -productVersion | grep "10.4"`
x_3=`sw_vers -productVersion | grep "10.3"`

#if we're 10.5, remove user account this way
if [[ $x_5 != "" ]]; then
# start directory services
launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist

# remove  user from directory services
dscl . -delete /groups/_appserveradm GroupMembership username
dscl . -delete /groups/_appserverusr GroupMembership username
dscl . -delete /groups/_lpadmin GroupMembership username
dscl . -delete /groups/admin GroupMembership username
dscl . -delete /groups/com.apple.sharepoint.group.1 GroupMembership username
dscl . -delete /groups/staff GroupMembership username

dscl . -delete /users/username

elif [[ $x_4 != "" ]]; then
#if we're in 10.4 remove the user account this way
# remove netinfo database
rm -rf /var/db/netinfo/local.nidb

elif [[ $x_3 != "" ]]; then
#if we're in 10.3 remove the user account this way
# remove netinfo database
rm -rf /var/db/netinfo/local.nidb

else
echo "unrecognized system"
exit
fi

#further commands will run in 10.3, 10.4, or 10.5
# delete user folder
rm -rf /Users/username

# remove setup done file so setup runs on boot
rm /var/db/.AppleSetupDone

# remove network configuration files
rm /Library/Preferences/SystemConfiguration/*

# remove this script
rm /userreset.sh

# shutdown the computer
shutdown -h now


[ Reply to This | # ]
10.5: Delete users accounts from command line in 10.5
Authored by: nilness on Jun 09, '09 11:59:20AM

Just noticed my account name on the original post. I didn't even realize that was my submission! I sent it in a LONG time ago (at least in 'net time). So sorry for commenting on my own hint w/o realizing it!

It's been a while since I was researching this but I don't think just deleting /var/db/dslocal worked - don't remember why. It probably deletes too many entries.



[ Reply to This | # ]
10.5: Delete users accounts from command line in 10.5
Authored by: bcometa on Jun 10, '09 01:07:11PM

excuse my ignorance with this script/command line stuff:

what's the proper way to save this? just in textedit? or script editor?

can you give the command to run this at single user startup, after moving to root of boot drive?

Also, the only thing needed to be modified on your script is "username", right, to the temp user I want to delete?

thanks in advance!!



[ Reply to This | # ]
10.5: Delete users accounts from command line in 10.5
Authored by: wallybear on Jun 10, '09 02:15:11PM

Two simple changes to address the two issues of your script (the hardcoded user name and script name):

You can get the short ID 501 user name with the command: id -un 501
So if you add this

USERNAME=`id -un 501`

at the beginning of your script and then substitute all "username" occurrences with $USERNAME you get the automatic user detection you wished for.

Secondly, you can get the full pathname of the called script using the $0 variable, so you can substitute the lines:

# remove this script
rm /userreset.sh

with those:

# remove this script
rm $0

and the script will be deleted doesn't matter which name you gave it.



[ Reply to This | # ]
10.5: Delete users accounts from command line in 10.5
Authored by: nilness on Jun 11, '09 08:03:41AM

bcmeta-

Copy and paste it into text edit, make sure it's plain text not RTF, then save it as "userreset.sh" or whatever you'd like; just make sure the ".sh" is on the end. And note that if you change the name of the script you'll need to change the script line that deletes itself - use wallybear's suggestion to make it painless.

Put it in the root level of the hard drive, reboot into single user mode, and type "sh userreset.sh" or whatever you named it.

The script will run then delete itself and shut the machine down when it's finished.

wallybear-

Thanks for the input! I'm REALLY rust on shell scripting but figured there was probably an easy way to do this. For our needs the hardcoding is fine but I certainly prefer to have a more flexible solution.

Do you know off-hand if the "id" command and "$0" variable work consistently with 10.3 & 10.4? As you can see I'm trying to keep the script flexible enough to use with all the OS's we're likely to need it with.

Thanks for the help!



[ Reply to This | # ]
10.5: Delete users accounts from command line in 10.5
Authored by: wallybear on Jun 11, '09 01:03:38PM

"Do you know off-hand if the "id" command and "$0" variable work consistently with 10.3 & 10.4? As you can see I'm trying to keep the script flexible enough to use with all the OS's we're likely to need it with."

The $0 variable is a standard for bash/sh, so it works in 10.3 & 10.4 also.
Regarding the "id" command, man states that "The id command appeared in 4.4BSD."; I don't know if it is available in 10.3.x in general, but I can confirm it is from 10.3.9 and later.



[ Reply to This | # ]
10.5: Delete users accounts from command line in 10.5
Authored by: nilness on Jun 12, '09 07:19:29AM

Thanks... of course I just did a little testing and it looks like the id command won't work in single user mode without starting netinfo/directory services. Not a problem for 10.5 since that has to be done anyway, but I guess I'll have to see about starting & stopping netinfo in 10.3 & 10.4. I'm not sure it's worth the trouble - starting to wonder if listing the user directory might be easier!



[ Reply to This | # ]