Creating invisible users in Mac OS-X (Snow)Leopard

Allgemein, Mac, ,

Recently I wanted to install a software no my Mac that required a dedicated user. So I created a user via the GUI-Interface and noted, that the user now was visible in the login-screen, which I didn’t want to happen.

So after a bit of research I came up with the following:
In MacOS-X you can hide users with a user-id below 500, so I had to check which number below the 500 was free.

Using the following commands I got a list of all IDs for the users and the groups and found, that – at least on my system – everything from 300 through 399 was free, so I will settle for the 300 in this example.

# List all User-IDs
dscl . list /Users UniqueID | sed -E "s/ +/ /g" | cut -d " " -f 2 \
    | sort
# List all Group-IDs
dscl . list /Groups PrimaryGroupID | sed -E "s/ +/ /g" \ 
    | cut -d " " -f 2 |sort

That given I had to create the group and the user as well as set the user as member of the group

USERNAME="MyUserName"
GIDNUMBER=300
UIDNUMBER=300
PASSWORD="secretPassword"
# Create the group
sudo dscl . create /Groups/$USERNAME
sudo dscl . create /Groups/$USERNAME PrimaryGroupID $GIDNUMBER
# Create the user
sudo dscl . create /Users/$USERNAME
sudo dscl . create /Users/$USERNAME PrimaryGroupID $GIDNUMBER
sudo dscl . create /Users/$USERNAME UniqueID $UIDNUMBER
sudo dscl . create /Users/$USERNAME UserShell /bin/bash
# Set the users pasword
sudo dscl . passwd /Users/$USERNAME $PASSWORD
# Add the user to the group
sudo dscl . append /Groups/$USERNAME GroupMembership $USERNAME

That’s that!

Group created, User created, User as Group-Member set, what’s next?

Oh yes, I have to set the flag to hide users with ID below 500, and some stuff like that.

# Hide all users with a user-ID below 500
sudo defaults write /Library/Preferences/com.apple.loginwindow \
    Hide500Users -bool TRUE
# Add the user to the list of users to be hidden
sudo defaults write /Library/Preferences/com.apple.loginwindow \
    HiddenUsersList -array $USERNAME
# Remove the 'other...' string from the login-screen
sudo defaults write /Library/Preferences/com.apple.loginwindow \
     SHOWOTHERUSERS_MANAGED -bool FALSE

Finished.

The created User ‘MyUserName’ now should not show up in the login-screen.

For more Information see this MacWorld-Hint

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)