Creating User Accounts from the Command Line

Note: this procedure does not work in Mac OS X 10.5, Leopard. I’ll be updating this article soon to reflect the new procedure.

While the System Preferences, and the Accounts pane, let you easily create user accounts in Mac OS X, you may need to do so, at times, from the command line. Doing so requires several steps, but in Panther, this is relatively easy to do. Read on to find out more about doing this with Terminal.

This article is adapted from my book

The Mac OS X Command Line: Unix Under the Hood.

Creating user accounts from the command line uses the niload (NetInfo load) command together with a few other commands to create the new user’s account and all necessary settings. Here is how to do it, creating a new user named Henry James, with a short name of henry.

(In this article, the commands you type are in bold code font. The output from the commands is in code font but not in bold.)

First, you need to run a command to populate the NetInfo database with the appropriate information for a user account. The following command uses the niload command to load information directly into NetInfo. It uses the format of a standard passwrd file, which is that of a series of fields separated by colons (this command must all be on one line):

echo 'henry::512:512::0:0:Henry James:/Users/henry:/bin/bash' 
| sudo niload -v passwd /

The shell asks for your password, since the second part of the command contains the sudo command, then displays information regarding the additions it has made to the NetInfo database:

1 items read from input
Netinfo /users contains 22 items

Processing input item:
_writers_passwd: henry
change: 0
expire: 0
gid: 512
home: /Users/henry
name: test3
realname: Henry James
shell: /bin/bash
uid: 512

writing new directory /users/henry

Let’s look at the different information you need to enter in the command shown in the example. Each “field” is a bit of text separated by colons. The command contains ten fields:

henry::512:512::0:0:Henry James:/Users/henry:/bin/bash

These fields correspond to the following template:

  1. Field 1: The user’s short name—in this case, emerson.
  2. Field 2: The user’s password; we’ll set this later with another command.
  3. Field 3: The user ID number.
  4. Field 4: The group ID number. For Panther, this is the same as the user ID number.
  5. Field 5: A comment field; you don’t need to enter anything here.
  6. Field 6: The user’s class; not used by NetInfo.
  7. Field 7: The user’s password change time; not used by NetInfo.
  8. Field 8: The user’s full name.
  9. Field 9: The user’s home directory path.
  10. Field 10: The user’s default shell.

In field 3 above, you need to find a user ID to give to your new user. Run this command to find out which user IDs are used: nireport . /users name uid, and choose an ID above 500.

You can use this same procedure to create multiple users with similarly formatted data in a single text file. Instead of running the first echo command shown above, run the command that follows – the file should contain user information in the same 10 fields as shown above, and should contain one user per line. You can import as many users as you want from a single file.

sudo niload -v file.txt /

After you’ve run the command to create the new user, you need to set the user’s password. Run this command, then enter the password twice when prompted:

sudo passwd henry

Changing password for henry.
New password:
Retype new password:

Finally, you need to create a group for the user; Panther uses individual groups for each user, which have the same GID as the user’s UID:

echo 'henry:*:512:henry' | sudo niload -v group /

This command creates the group named henry, gives it the GID of 512, and adds the user henry to the group, all in one step.

Finally, you may want to make the user a member of the admin group so they have administrative access. Run this command to add the user to the admin group:

sudo niutil -appendprop / /groups/admin users henry

If you do this, your new user is an administrator and has all administrative rights. You can always change this later in the Accounts preference pane.

Note that after you have created the new account, the new user does not yet have a home directory. All you need to do is log in under the user’s account, and the system creates the actual home directory at first login. This directory is created from a directory template found in /System/Library/User Template.

See man niload for more on using this command.

Read more articles in this category: Mac OS X Command Line