Create Local Admin Account From Terminal – Mac OS X

Most of the time you would create a local administrator account through the user interface on a Mac, but sometimes it needs to be done from a script or in a Terminal window.

This is useful when setting up many MacBooks in a large-scale environment.

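#!/bin/bash
# Run this script as root (for example with sudo); every step below needs it.
 
# Create localadmin record in directory services
dscl . -create /Users/localadmin
dscl . -create /Users/localadmin RealName "Local Administrator"
dscl . -create /Users/localadmin UniqueID 399 # Use something between 100 and 500 to hide the user
dscl . -create /Users/localadmin PrimaryGroupID 20
dscl . -create /Users/localadmin UserShell /bin/bash
# Placeholder password: replace it before use. It is stored in this script in
# clear text and is visible in the process list while dscl runs.
dscl . -passwd /Users/localadmin "SecretP@ssw0rd"
 
# Add localadmin to the sudoers file (skipped if an entry is already there,
# so running the script twice does not append a duplicate line)
grep -q '^localadmin ' /etc/sudoers || echo "localadmin ALL=(ALL) ALL" >> /etc/sudoers
 
# Put localadmin in the admin group
dscl . -append /Groups/admin GroupMembership localadmin
 
# Set up a hidden home folder
dscl . -create /Users/localadmin NFSHomeDirectory /var/localadmin # or other hidden location
mkdir -p /var/localadmin # the directory must exist before chown can succeed
chown -R localadmin:staff /var/localadmin
 
# Remove the Public folder for localadmin, if one exists
/bin/rm -Rf /var/localadmin/Public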
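
For the auditing side of the same setup, the following added example (not part of the original post) reports members of the admin group whose UniqueID falls in the range the script above uses to hide the account. It assumes the usual text output of "dscl . -list /Users UniqueID" and "dscl . -read /Groups/admin GroupMembership"; the function names and the sample data are constructed for illustration, and root (UID 0) is deliberately excluded.

```bash
#!/bin/bash
# Added example: report admin-group members whose UID is in the hidden range.

# find_hidden_admins USERS ADMIN
#   USERS: output of "dscl . -list /Users UniqueID" (one "name uid" per line)
#   ADMIN: output of "dscl . -read /Groups/admin GroupMembership"
# Prints "name uid" for every admin member with 0 < uid < 500.
# The body runs in a subshell, so its variables do not leak to the caller.
find_hidden_admins() (
    users=$1
    # Drop the "GroupMembership:" label and pad with spaces so that each
    # name can be matched as a whole word.
    members=$(printf ' %s ' "${2#GroupMembership:}" | tr '\n' ' ')
    while read -r name uid; do
        # Skip blank lines and non-numeric UIDs (e.g. nobody is -2)
        case "$uid" in ''|*[!0-9]*) continue ;; esac
        # root (UID 0) is an expected admin member; 500 and up is out of range
        [ "$uid" -gt 0 ] && [ "$uid" -lt 500 ] || continue
        case "$members" in
            *" $name "*) printf '%s %s\n' "$name" "$uid" ;;
        esac
    done <<EOF
$users
EOF
)

# Run the check against the live directory service (macOS only).
audit_live() {
    find_hidden_admins "$(dscl . -list /Users UniqueID)" \
                       "$(dscl . -read /Groups/admin GroupMembership)"
}

# Constructed sample data in the shape dscl prints it.
SAMPLE_USERS='_www                    70
daemon                  1
nobody                  -2
root                    0
localadmin              399
alice                   501'
SAMPLE_ADMIN='GroupMembership: root localadmin alice'

find_hidden_admins "$SAMPLE_USERS" "$SAMPLE_ADMIN"   # prints: localadmin 399
```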
