Script to create new users on Mac
If a user on Mac has the admin role, they can easily create a new user from System Preferences > Users & Groups. But when a device admin managing many macOS endpoints needs to create new accounts this way, doing it manually on each endpoint becomes tedious. For such scenarios, you can use the script below to create new users in batch on Mac.
Device admins can remotely run scripts on Macs managed with Hexnode using the Execute Custom Script action.
Scripting language – Bash
File extension – .sh
Create a new user using the dscl command
# Create a new user record. Replace Username with the short name of the new account on every line of this script
sudo dscl . -create /Users/Username
# Add the display name of the User as John Doe
sudo dscl . -create /Users/Username RealName "John Doe"
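# Replace password_here with your desired password to set the password for this user.
# The password sits in plain text in the script and on the dscl command line, so limit who can read the script.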
sudo dscl . -passwd /Users/Username password_here
# (Optional) Add a password hint
sudo dscl . -create /Users/Username hint "Password Hint"
# (Optional) Add a profile picture
sudo dscl . -create /Users/Username picture "/path to picture.png"
# Set the UniqueID for the new user. Replace 1088 with a number that is not already taken.
sudo dscl . -create /Users/Username UniqueID 1088
# Set the group ID for the user
sudo dscl . -create /Users/Username PrimaryGroupID 20
# Set the shell interpreter to Bash for the new user
sudo dscl . -create /Users/Username UserShell /bin/bash
# Set the home folder path for the user (macOS keeps local home folders under /Users)
sudo dscl . -create /Users/Username NFSHomeDirectory /Users/Username
# Add the user to the admin group. If this line is omitted, the user is set as a standard user.
sudo dscl . -append /Groups/admin GroupMembership Username
The dscl command is a command line utility that helps create/modify user accounts.
When you add the Unique ID and Primary Group ID, note the following points –
- The UniqueID for a user must be unique to the user.
- You can set the PrimaryGroupID as ‘80’ to add the user to the Admin user group directly. Or, set the PrimaryGroupID as ‘20’ to add the user to the Standard user group.
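An added example (not part of the original script or of Hexnode's own code) of picking a UniqueID that is not already taken: the functions read the name-and-ID listing printed by dscl . -list /Users UniqueID and return the lowest free ID. The function names, the default floor of 501 and the sample listing are assumptions constructed for this illustration.

```shell
#!/bin/bash
# Added example, not from the original page: choose a UniqueID that is not
# already taken, using the output format of `dscl . -list /Users UniqueID`.

# Constructed sample of that output (short name, then UniqueID); not real data.
SAMPLE_LISTING='_www                     70
daemon                   1
nobody                   -2
root                     0
alice                    501
bob                      502
svc_backup               504
johndoe                  1088'

# uid_in_use UID: reads a listing on stdin; succeeds if UID is already assigned.
uid_in_use() {
    awk -v want="$1" '$NF == want { found = 1 } END { exit !found }'
}

# next_free_uid [FLOOR]: reads a listing on stdin and prints the lowest
# unassigned UniqueID >= FLOOR (default 501, where macOS starts local accounts).
next_free_uid() {
    awk -v floor="${1:-501}" '
        $NF ~ /^-?[0-9]+$/ { taken[$NF + 0] = 1 }   # skip malformed lines
        END { uid = floor + 0; while (uid in taken) uid++; print uid }'
}

# On a managed Mac, feed the live directory instead of the sample:
#   uid=$(dscl . -list /Users UniqueID | next_free_uid)
#   sudo dscl . -create /Users/Username UniqueID "$uid"
demo_uid=$(printf '%s\n' "$SAMPLE_LISTING" | next_free_uid)
echo "next free UniqueID in sample: $demo_uid"
```

Running the check on each endpoint matters in a batch rollout, because a fixed number such as 1088 may be free on one Mac and taken on another.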
Create a new user using the sysadminctl command
# Create a new user with a username and password
sysadminctl -addUser <username> -password <password>
The above script uses the sysadminctl command to create a new user on Mac.
If your system is FileVault encrypted, only FileVault-enabled users will show up on the initial login screen after reboot. To add a user to the login screen, the device administrator has to manually enable the user to unlock the disk from System Preferences > Security & Privacy > FileVault > Enable Users.
You can also run the below script to do the same –
sudo fdesetup add -usertoadd New\ user