Apple script needed for creating a local admin account

music55 · September 16, 2008, 2:20pm

Hi Everyone,

I need a apple script which will create a local user account with admin privileges. I have tried doing this using following unix commands:

[b]dscl . -create /Users/test1

dscl . -create /Users/test1 UserShell /bin/bash

dscl . -create /Users/test1 RealName “Test1”

dscl . -create /Users/test1 PrimaryGroupID 1000

dscl . -passwd /Users/test1 123456

dscl . -append /Groups/admin GroupMembership test1[/b]

This scripts will create a user account but I can’t login to the machine using that account for some reason.

Thanks,

James_Nierodzik · September 16, 2008, 3:11pm

Try something like this

-- Set variables
set shortUser to "ghouse"
set longUser to "Dr. Gregory House"
set userPass to "infectious"
set userID to "600"
set groupID to "1001"

set theCommand to ""

-- Build the dscl command
set theCommand to theCommand & "/usr/bin/dscl / -create /Users/" & shortUser & ";"
set theCommand to theCommand & "/usr/bin/dscl / -create /Users/" & shortUser & " UserShell /bin/bash;"
set theCommand to theCommand & "/usr/bin/dscl / -create /Users/" & shortUser & " RealName " & quoted form of longUser & ";"
set theCommand to theCommand & "/usr/bin/dscl / -create /Users/" & shortUser & " UniqueID " & userID & ";"
set theCommand to theCommand & "/usr/bin/dscl / -create /Users/" & shortUser & " PrimaryGroup " & groupID & ";"
set theCommand to theCommand & "/usr/bin/dscl / -create /Users/" & shortUser & " NFSHomeDirectory /Users/" & shortUser & ";"
set theCommand to theCommand & "/usr/bin/dscl / -passwd /Users/" & shortUser & space & userPass & ";"
set theCommand to theCommand & "/usr/bin/dscl / -append /Groups/admin GroupMembership " & shortUser

do shell script theCommand with administrator privileges

music55 · September 16, 2008, 7:20pm

I have test this script and works great except I have to change slashes (/) with periods (.), in order to run on Leopard machine.

Do you know if I want to run this on remote machine using apple remote desktop then what do I need to do? I tried copying and pasting thru “send unix command” task but that did not work.

Thanks,

James_Nierodzik · September 16, 2008, 7:58pm

Well if you just want to run the code as a unix command then strip out all the AppleScript bits until you’re left with something like thi
/usr/bin/dscl / -create /Users/ghouse;/usr/bin/dscl / -create /Users/ghouse UserShell /bin/bash;/usr/bin/dscl / -create /Users/ghouse RealName ‘Dr. Gregory House’;/usr/bin/dscl / -create /Users/ghouse UniqueID 600;/usr/bin/dscl / -create /Users/ghouse PrimaryGroup 1001;/usr/bin/dscl / -create /Users/ghouse NFSHomeDirectory /Users/ghouse;/usr/bin/dscl / -passwd /Users/ghouse infectious;/usr/bin/dscl / -append /Groups/admin GroupMembership ghouse

and then when you run it run it as the “root” user.

music55 · September 17, 2008, 3:12pm

Yes, this script creates an account and I can login with that account but once I log into a machine using new account then it give me error that user’s home folder is not at usual place. Currently we have other account’s home folders at this location, “/Users/”. Does anyone know how to fix that problem?

Thanks,

James_Nierodzik · September 17, 2008, 11:55pm

Is this on Leopard or Tiger? I have tested the script in the form I posted “/” rather than “.” on Tiger and I had no problems. I can test on Leopard tomorrow though.

music55 · September 18, 2008, 1:29pm

I have tried to run on Leopard and that is why I have to change slash (/) to period (.). But it still gives me home folder error.

Thanks,

James_Nierodzik · September 18, 2008, 1:37pm

I’m not in the office yet so I am unable to test this, but try changing this line

set theCommand to theCommand & "/usr/bin/dscl . -create /Users/" & shortUser & " NFSHomeDirectory /Users/" & shortUser & ";"

to this line

set theCommand to theCommand & "/usr/bin/dscl . -create /Users/" & shortUser & " home /Users/" & shortUser & ";"

music55 · September 18, 2008, 2:07pm

It still comes up with same error again and I can’t find new users profile folder any where on this disk.

music55 · September 22, 2008, 5:12pm

Can anyone tell me why am I getting the home folder error?

The user’s home folder is not at usual place and I am unable to finder user profile folder any where on the system disk.

Thanks,

James_Nierodzik · September 23, 2008, 12:51pm

interesting and good to know, I was under the impression that it was not required (which is indeed the case under Tiger).

music55 · September 23, 2008, 5:33pm

Thanks James, this script works great. Since this was an apple script which I saved and copied over using ARD to the target machine then I ran it locally and it created an account and a home drive folder at 2 different locations (/Users/ and under the domain folder which is fine with me). Another thing that I experienced that after creating an account once I tried to login to target machine using newly created account then it showed me 2 different names (one was display name and other once was username) and I have to select in order to continue. This is what I have changed:

Applescript:

set T_password to “1”
set longUser_name to quoted form of “Test Account”
set user_name to quoted form of “test1”
set userID to 600
set groupID to 1001

if (do shell script "/usr/bin/dscl . -search /Users name " & user_name) is not “” then
display alert "User name " & user_name & " already exists, modify the user name and try it again "
return
end if

– create account, if (the user ID or the group ID) already exists, loop until the id is unique
do shell script “declare dscl=/usr/bin/dscl;t_uid=” & userID & “;g_uid=” & groupID & “;userA=” & user_name & "
while [[ -n "$($dscl . -search /Users uid $t_uid)" ]]; do
t_uid=$[t_uid+1]
done
while [[ -n "$($dscl . -search /Users uid $g_uid)" ]]; do
g_uid=$[g_uid+1]
done
$dscl . -create /Users/"$userA"
$dscl . -create /Users/"$userA" UserShell /bin/bash
$dscl . -create /Users/"$userA" RealName " & longUser_name & "
$dscl . -create /Users/"$userA" UniqueID $t_uid
$dscl . -create /Users/"$userA" PrimaryGroupID $g_uid
$dscl . -create /Users/"$userA" NFSHomeDirectory /Users/"$userA"
$dscl . -passwd /Users/"$userA" " & T_password & "
$dscl . -append /Groups/admin GroupMembership "$userA"
/usr/sbin/createhomedir -l -u "$userA"
/bin/echo "Admin account: "$userA" successfully created"" with administrator privileges
display alert the result

Do you know why am i getting those two different names?

How can I use this script as a unix command?

Thanks,

music55 · September 24, 2008, 6:08pm

So this is the Unix script that I sent to the target machine using ARD:

This script creates a user properly but shows that it created a home directory as well. Once I logged into target machine using new account then I receive the same error (home folder for user is not located in the usual place or can not be accessed).

Can anyone tell what is wrong with this script?

Thanks,

James_Nierodzik · September 24, 2008, 10:03pm

music55:

So this is the Unix script that I sent to the target machine using ARD:

/usr/bin/dscl / -create /Users/test;/usr/bin/dscl / -create /Users/test UserShell /bin/bash;/usr/bin/dscl / -create /Users/test RealName ‘test’;/usr/bin/dscl / -create /Users/test UniqueID 600;/usr/bin/dscl / -create /Users/test PrimaryGroup 1001;/usr/bin/dscl / -create /Users/test NFSHomeDirectory /Users/test;/usr/sbin/createhomedir -u test;/usr/bin/dscl / -passwd /Users/test 123456;/usr/bin/dscl / -append /Groups/admin GroupMembership test

This script creates a user properly but shows that it created a home directory as well. Once I logged into target machine using new account then I receive the same error (home folder for user is not located in the usual place or can not be accessed).

Can anyone tell what is wrong with this script?

Thanks,

Well a quick observation is that you left out the -l from the example that was posted above. According to the man page

-l creates home directories for users defined in the local directory domain.

Since we are creating a local account and not one defined by a Directory Service I would try adding that option back in and seeing what happens.

music55 · September 25, 2008, 1:27pm

So I have added the “-l” syntax and executed that command again using root account from ARD but still no home folder and I have received the same error message.

One thing that I don’t understand is this that what is the difference between the apple script (that you posted earlier) and this unix script. With apple script account and home folder was created successfully but only issue with that one that a person has to login to all the machines and manually execute apple script. Is there a way that I can remotely run that script on all the machines using ARD?

Thanks,

music55 · September 25, 2008, 5:38pm

Hi Jacques,

That script worked the way I wanted but I am not clear on this:

Do I have use sudo sh -c ’ this if I am running this script from the ARD as a root user?

Thanks,

music55 · September 29, 2008, 1:29pm

Thank you.

GreyRock · January 8, 2010, 5:18pm

This worked for me using ARD in SL 10.6.2, but I received an error when sending it a user with Leopard 10.5.6. It Did create the admin account but didn’t create a home folder so you cannot access any settings requiring the default password. Any thoughts? Thanks!