Specifications
102 Chapter 8 Managing User and Group Accounts
3 Authenticate as an administrator by entering the following command, replacing
adminusername with your administrator user name, and entering your administrator
password when prompted:
> auth
adminusername
4 Create an administrator user.
>append admin Member
adminusername
This command creates an administrator user, but it doesn’t add the globally unique
identifier (GUID) of the administrator user to the group account.
5 Add the administrator user to the group.
> append admin GroupMembers
guid
Replace
guid
with the globally unique identifier.
6 Quit the
dscl tool.
>quit
To find the GUID of the administrator user:
> cd /LDAPv3/ipaddress/Users
> read
adminusername
GeneratedUID
Verifying a User’s Administrator Privileges
To verify the administrator privileges of a user, use the serversetup tool.
To see if a user is a server administrator:
$ sudo /System/Library/ServerSetup/serversetup -isAdministrator
shortname
The command displays a 0 if the user is an administrator, or a 1 if the user is not an
administrator.
Creating a Nonadministrator User Account
You can create user accounts by using dscl and other tools.
When you create a user account from the command line, you must also set values for
basic attributes of the user account, such as the short name, long name, user ID, and
home folder location.
To create a nonadministrator user account:
1 Identify an unused user ID by using the dscl tool to display lists of assigned user IDs
and group IDs.
$ dscl
/LDAPv3/ipaddress
-list /Users UniqueID| awk '{print $2}' | sort -n
Replace /LDAPv3/ipaddress with the location of your directory domain (the way it
appears in the search path in Directory Access).