Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Create a 'hidden at login' Admin account' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Create a 'hidden at login' Admin account
Authored by: Paul Cook on Jun 05, '07 08:40:13AM

It was a while ago, but I have personally seen a variation of this cause problems when the "admin" account is deleted. Following is what I think happened.

One of my clients set up a computer with both "admin" as both the long and short user name. The admin account was later deleted and the computer stopped working properly and all admin users lost admin privileges. (I don't remember the exact symptoms.) A check in Netinfo Manager showed that there was no "admin" group.

What I think happened:
When you create an account with a short user name of "xyz", OS-X creates a group called "xyz." Many files created by/for the "xyz" user will be owned by the "xyz" user and the "xyz" group will have group level privileges to those files. When the "xyz" user is deleted, normally the "xyz" group is deleted as well.

There is already a group named "admin" and all admin users are part of that group. It is their presence in the "admin" group that makes them admin users.

What I think happened is that when the "admin" user was deleted, the admin group was as well.

This experience was a while ago and it may have now been fixed, but I think it is wise to stay away from using long or short named that are the same as any preexisting users or group in OS-X (i.e. admin, wheel, www. daemon, jabber, bin, etc.) I would be inclined to avoid different case (upper vs lower) versions of these names as well.

If it hasn't been fixed, it should be. As it is not "user friendly" to allow a user to create names that will cause such problems.

Instead, I suggest following nvdingo's suggestion for hiding user names.



[ Reply to This | # ]