Recently I wanted to install a software no my Mac that required a dedicated user. So I created a user via the GUI-Interface and noted, that the user now was visible in the login-screen, which I didn’t want to happen.
So after a bit of research I came up with the following:
In MacOS-X you can hide users with a user-id below 500, so I had to check which number below the 500 was free.
Using the following commands I got a list of all IDs for the users and the groups and found, that – at least on my system – everything from 300 through 399 was free, so I will settle for the 300 in this example.
# List all User-IDs dscl . list /Users UniqueID | sed -E "s/ +/ /g" | cut -d " " -f 2 \ | sort # List all Group-IDs dscl . list /Groups PrimaryGroupID | sed -E "s/ +/ /g" \ | cut -d " " -f 2 |sort
That given I had to create the group and the user as well as set the user as member of the group
USERNAME="MyUserName" GIDNUMBER=300 UIDNUMBER=300 PASSWORD="secretPassword" # Create the group sudo dscl . create /Groups/$USERNAME sudo dscl . create /Groups/$USERNAME PrimaryGroupID $GIDNUMBER # Create the user sudo dscl . create /Users/$USERNAME sudo dscl . create /Users/$USERNAME PrimaryGroupID $GIDNUMBER sudo dscl . create /Users/$USERNAME UniqueID $UIDNUMBER sudo dscl . create /Users/$USERNAME UserShell /bin/bash # Set the users pasword sudo dscl . passwd /Users/$USERNAME $PASSWORD # Add the user to the group sudo dscl . append /Groups/$USERNAME GroupMembership $USERNAME
That’s that!
Group created, User created, User as Group-Member set, what’s next?
Oh yes, I have to set the flag to hide users with ID below 500, and some stuff like that.
# Hide all users with a user-ID below 500 sudo defaults write /Library/Preferences/com.apple.loginwindow \ Hide500Users -bool TRUE # Add the user to the list of users to be hidden sudo defaults write /Library/Preferences/com.apple.loginwindow \ HiddenUsersList -array $USERNAME # Remove the 'other...' string from the login-screen sudo defaults write /Library/Preferences/com.apple.loginwindow \ SHOWOTHERUSERS_MANAGED -bool FALSE
Finished.
The created User ‘MyUserName’ now should not show up in the login-screen.
For more Information see this MacWorld-Hint