Category filter
Script to create new users on Mac
If a user on Mac has the admin role, they can create a new user easily from System Preferences > Users & Groups. But, when a device admin managing many macOS endpoints desires to create a new account this way, it becomes a tedious process to do it manually on each endpoint. For such scenarios, you can use the script below to create new users in batch on Mac.
Device admins can remotely run scripts on Macs managed with Hexnode using the Execute Custom Script action.
Scripting language – Bash
File extension – .sh
The sample scripts provided below are adapted from third-party open-source sites.
Create a new user using the dscl command
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
#!/bin/sh # Create a new user with the username New user sudo dscl . -create /Users/Username # Add the display name of the User as John Doe sudo dscl . -create /Users/Username RealName "John Doe" # Replace password_here with your desired password to set the password for this user sudo dscl . -passwd /Users/Username password_here # (Optional)Add a password hint sudo dscl . -create /Users/Username hint “Password Hint” # (Optional)Add a profile picture sudo dscl . -create /Users/Username picture “/path to picture.png” # Set the Unique ID for the New user. Replace with a number that is not already taken. sudo dscl . -create /Users/Username UniqueID 1088 # Set the group ID for the user sudo dscl . -create /Users/Username PrimaryGroupID 20 # Set the shell interpreter to Bash for New\ user sudo dscl . -create /Users/Username UserShell /bin/bash # Create a Home folder for the user sudo dscl . -create /Users/Username NFSHomeDirectory /Local/Users/Username # Append the User with admin privilege. If this line is not included the user will be set as standard user. sudo dscl . -append /Groups/admin GroupMembership Username |
The dscl command is a command line utility that helps create/modify user accounts.
When you add the Unique ID and Primary Group ID, note the following points –
- The UniqueID for a user must be unique to the user.
- You can set the PrimaryGroupID as ‘80’ to add the user to the Admin user group directly. Or, set the PrimaryGroupID as ‘20’ to add the user to the Standard user group.
The dscl commands might not run as expected on some macOS versions.
Create a new user using the sysadminctl command
|
1 2 3 |
#!/bin/bash #Create a new user with a username sysadminctl –addUser <username> -password <password> |
The above script uses the sysadminctl command to create a new user on Mac.
In Bash, before inserting space while defining file or folder names, we use a backslash \ to separate the characters. This will prevent the shell interpreter from interpreting the space as a separator and assuming they were two different arguments. Hence, we write New user as New\ user in the above code.
If your system is FileVault encrypted, only FileVault enabled users will show up on the initial login screen after reboot. To add a user to the login screen, the user will have to be manually enabled by the device administrator to unlock the disk from System Preferences > Security & Privacy > FileVault > Enable Users.
You can also run the below script to do the same –
sudo fdesetup add -usertoadd New\ user
- It is recommended to manually validate the script execution on a system before executing the action in bulk.
- Hexnode will not be responsible for any damage/loss to the system on the behavior of the script.
