How to Create Local User Accounts on macOS 10.15+



Description

Provided is a scripted recipe to create a local user account on macOS devices associated with the below Fileset.  Options allow for creating:

  • Admin or standard accounts

  • Hidden or visible accounts

Other values may be specified.

Information

Requirements are:

  • 'Create macOS user' Fileset

  • Some consideration regarding user name, password and ID numbers

 

Customised values are set with the use of Environment Variables.  Settings within the downloaded recipe are:

Customisation includes:

  • username - unix shortname (no spaces)

  • realname - long display name

  • password - users password

  • group_id - user's primary group id

  • shell_type - e.g /bin/bash, /bin/zsh

  • islocaladmin - set user to be a local admin TRUE/FALSE

  • is_hidden - set user to be an invisible account TRUE/FALSE

  • id_choice - set to be a dedicated value [static_id] or find next available value [next_id]

  • unique_id - either the ID to use when id_choice is static_id or the beginning ID of a range of IDs to attempt when id_choice is set to next_id

  • end_id - for next_id, the end value of range of IDs to stop testing and if reached script will exit 1

 

'id_choice'

This options is stating whether the id to be used will be solely one preset value or if a range of values should be attempted; first available will then be attempted.

static_id

When set to 'static_id', the value set in 'unique_id' will be used as the users ID.  If this value is already in use, the script will exit.

next_id

When set to 'next_id', a range of values will be tested starting at 'unique_id' and ending with 'end_id'.  The first available value found will be used. If none are found the script will exit

'username'

This is the short name of the user.  If the name already exists on the device, the script will exit.

'islocaladmin'

If set to TRUE, this will set the user as a local Admin of the device

'is_hidden'

If set to TRUE, this user will be set as a hidden account

Other

All other values should be edited as desired

Directions

To create a user:

  • Download the above Fileset and import into FileWave

  • Edit the Environment Variables as required

  • Associate and Update Model to test devices

  • Once tested associate to greater quantity or all devices.

Example

Consider a device that already has 3 local accounts, with user IDs 501, 502, 503.  Settings could then be either:

  • Variable: id_choice

  • Value: static_id

  • Variable: unique_id

  • Value: 504

or may look something like:

  • Variable: id_choice

  • Value: next_id

  • Variable: unique_id

  • Value: 501

  • Variable: end_id

  • Value: 600

In the first instance, ID 504 will be attempted.  This is useful if all devices are the same and it is considered desirable that all users of this name have the same ID on each device.

In the second instance, 501 will be attempted, then 502 and 503, when finally 504 will be met, found to be free, and then be attempted.  This option is particularly useful for devices where an unknown quantity of user accounts may exist on each device and the users' ID is not considered important.

Considering this example with all other settings as default, the following account should be created:

1 2 3 4 5 6 7 NFSHomeDirectory: /Users/fwadmin PrimaryGroupID: 20 RealName: FileWave Admin RecordName: fwadmin UniqueID: 504 UserShell: /bin/zsh

Additionally, the user will be a local Admin, but the account was not set as hidden