How do I create a script to create/modify local admin accounts?
We have approx. 400 Macs on our campus, and the problem is they were not all set up identically. There are at least 4 different admin username and password variations.
What I'd like to have is a script that will:
1) Check to see what the local admin account(s) is called. 2) If the account isn't named properly, create a new one with the proper name. 3) Set the proper password. (Preferably it'd be obfuscated in the script)
I found on StackExchange this script, but it doesn't exactly do what I need.
#!/bin/sh./etc/rc.common dscl . create /Users/administrator dscl . create /Users/administrator RealName"Administrator Account" dscl . create /Users/administrator hint "Password Hint" dscl . create /Users/administrator picture "/Path/To/Picture.png" dscl . passwd /Users/administrator thisistheaccountpassword dscl . create /Users/administrator UniqueID501 dscl . create /Users/administrator PrimaryGroupID80 dscl . create /Users/administrator UserShell/bin/bash dscl . create /Users/administrator NFSHomeDirectory/Users/administrator cp -R /System/Library/User\ Template/English.lproj /Users/administrator chown -R administrator:staff /Users/administratorAnother suggestion was to use to get next proper id number.
LastID=`dscl . -list /Users UniqueID | awk '{print $2}' | sort -n | tail -1`NextID=$((LastID+1))
4 Comments
[ + ] Show comments
Answers (1)
Please log in to answer
Posted by:
SMal.tmcc
10 years ago
we change the password for our user with this script
dscl . -passwd /Users/admin oldpassword newpassword
http://www.macenterprise.org/mailing-list
You can check the archives first but I don't remember seeing anyone post about this recently. - chucksteel 10 years ago
#!/bin/bash
# This script will first check existing accounts for presence of USERNAME or admin or administrator
# If found, it will change the password to PASSWORD
# If none are found, it will run the package create_USERNAME-1.0.pkg which creates an account with Full Name = Administrator, Account Name
# (short name) USERNAME with the password.
function checkusername () {
local test1=$(dscl . -list /Users | grep -i USERNAME)
local test2=$(dscl . -list /Users | grep -i admin)
local test3=$(dscl . -list /Users | grep -i Administrator)
if [ "$test1" = “username†]; then
echo the username username already exists
echo setting password
dscl . passwd /Users/username PASSWORD
exit
else
echo
fi
if [ "$test1" = "Username" ]; then
echo the username Username already exists
echo setting password
dscl . passwd /Users/Username PASSWORD
exit
else
echo
fi
if [ "$test1" = “UserName†]; then
echo the username UserName already exists
echo setting password
dscl . passwd /Users/UserName PASSWORD
exit
else
echo
fi
if [ "$test2" = "admin" ]; then
echo the username admin already exists
echo setting password
dscl . passwd /Users/admin PASSWORD
exit
else
echo
fi
if [ "$test2" = "Admin" ]; then
echo the username Admin already exists
echo setting password
dscl . passwd /Users/Admin PASSWORD
exit
else
echo
fi
if [ "$test3" = "Administrator" ]; then
echo the username Administrator already exists
echo setting password
dscl . passwd /Users/Administrator PASSWORD
exit
else
echo
fi
if [ "$test3" = "administrator" ]; then
echo the username administrator already exists
echo setting password
dscl . passwd /Users/administrator PASSWORD
exit
else
echo
fi
}
checkusername
/usr/sbin/installer -pkg 'create_USERNAME-1.0.pkg' -target / - jtremblay 10 years ago