Knowledge Base ​ > ​ ​Mac (macOS) Device Management ​ > ​ ​Shell Scripts & Custom Payloads ​ > ​   Manage Users and Passwords on Mac devices

Manage Users and Passwords on Mac devices

Updated 3 months ago by Yukti Rathore

The following shell script helps IT Admins to create a user(s) account on Mac devices with specified parameters.

  1. Create a file on your desktop, for example, CreateUseronMac.sh and open it in a text editor like notepad++
  2. Copy the contents below to the file or click here to download the file.
    #!/bin/sh   

    # Add the user name
    username="XXXXXXX"
    # Add the display name of the User   
    displayName="XXXXXXXXXXXXX"
    # Set the password for the user
    password="XXXXXX"
    # If admin account is needed then set "yes" else "no"
    admin="XX"
    # If hidden account is needed then set "yes" else "no"
    hidden="XX"
    # Set the password hint if required. Else set empty string ""
    passwordhint="XX"
    # Set the account image if required. Else set empty string ""
    accountimage="XX"

    ##### DO NOT EDIT BELOW CODE #####

    if id "$username" &>/dev/null; then
        echo "$username already exists. Exiting script"
        exit 1
    fi


    # determine next available UID
    highestUID=$( dscl . -list /Users UniqueID | /usr/bin/awk '$2>m {m=$2} END { print m }' )
    nextUID=$(( ${highestUID//[ $'\001'-$'\037']}+1 ))

    echo "Creating user with username: $username, displayName: $displayName, password: $password"
    echo "isAdminAccount: $admin, isHidden: $hidden, passwordHint: $passwordhint, accountimage: $accountimage"

    dscl . -create "/Users/$username"
    dscl . -create "/Users/$username" RealName "$displayName"
    dscl . -passwd "/Users/$username" "$password"  
    dscl . -create "/Users/$username" UniqueID "$nextUID"  
    dscl . -create "/Users/$username" UserShell /bin/bash

    # make the account admin, if specified
    if [[ "$admin" = "yes" ]]; then
    	dscl . -create "/Users/$username" PrimaryGroupID 80  
        dscl . append /Groups/admin GroupMembership "$username"
    else
    	dscl . -create "/Users/$username" PrimaryGroupID 20  
    fi

    # hide the account, if specified
    if [[ "$hidden" = "yes" ]]; then
        dscl . create "/Users/$username" IsHidden 1
        dscl . create "/Users/$username" NFSHomeDirectory "/private/var/$username"
        cp -R /System/Library/User\ Template/English.lproj "/Users/$username"
        chown -R "$username:admin" "/Users/$username"
    else
        dscl . create "/Users/$username" NFSHomeDirectory "/Users/$username"
        cp -R /System/Library/User\ Template/English.lproj "/Users/$username"
        chown -R "$username:staff" "/Users/$username"
    fi

    # set password hint if mentioned
    if [ ! -z "$passwordhint" ]; then
    	dscl . -create "/Users/$username" hint "$passwordhint"
    fi

    # set account image if mentioned
    if [ ! -z "$accountimage" ]; then
    	dscl . -create "/Users/$username" picture "$accountimage"
    fi



    echo "Successfully created the account"
  3. Replace the following data in the above script according to your requirements:
    1. username: replace it with the name of the user account that you want to create.
    2. displayName: replace it with the display name of the user.
    3. password: enter the password that you want to set for the user.
    4. admin: if you want to add an admin account on the device then set yes or else no.
    5. hidden: if you want to add a hidden account on the device then set yes or else no.
    6. passwordhint: enter a password hint or keep it blank.
    7. accountimage: add and image for account or keep it blank.
      For example:
      #!/bin/sh   

      # Add the user name
      username="Scalefusion"
      # Add the display name of the User   
      displayName="Scalefusion Standard User"
      # Set the password for the user
      password="123456"
      # If admin account is needed then set "yes" else "no"
      admin="no"
      # If hidden account is needed then set "yes" else "no"
      hidden="no"
      # Set the password hint if required. Else set empty string ""
      passwordhint=""
      # Set the account image if required. Else set empty string ""
      accountimage=""
  4. Follow our guide to upload & publish the Shell script using Scalefusion Dashboard.
Please note that to use the Shell scripts, the Scalefusion MDM Client Application must be installed on the device(s). Please follow our guide to publish and install the Scalefusion MDM Agent Application.
Notes:
1. The scripts and their contents are sourced from various albeit authenticated Apple Developer communities and forums.
2. Please validate the scripts on a test machine before deploying them on all your managed devices.
3. Scalefusion has tested these scripts, however, Scalefusion will not be responsible for any loss of data or system malfunction that may arise due to the incorrect usage of these scripts.

How did we do?

Powered by HelpDocs (opens in a new tab)