createUser 1.0.1

[akinspe]

I have posted an updated version of my createUser package. There are two enhancements:

1. The ability to specify the home folder location (besides /Users/X). It will accept raw paths as well as some substitution patterns.
2. The ability to hide the user from the loginwindow

Check it out and feel free to comment further.

[url=https://www.afp548.com/filemgmt/visit.php?lid=75]https://www.afp548.com/filemgmt/visit.php?lid=75[/url]

For the unaware: createUser is a package that creates a user on either a 10.4 or 10.5 system. It has many configurable options to accommodate a variety of deployment situations. Most properties can be configured or retain sane defaults. Using the included shadowHash generator you can create a package that does not have the password inside of it. It can be deployed either using InstaDMG or to an existing machine via ARD.

[ewhite]

akinspe: First, thank you for this great tool, it worked for me right away and has saved a lot of time! Second, I have a question — do you think createUser.pkg should be able to create more than one user using InstaDMG by running the package twice?

I have tried using the following technique:
I copied a successful version of createUser.pkg that includes my own password_hash and username and moved the copy to a different folder inside of CustomPKG. I then edited the second createUser.pkg to have a different username and a new password_hash.
When InstaDMG runs, it installs both packages without any errors, but when I use NetRestore to image a MacBookPro, it’s only got the first user.

If you think createUser.pkg can be used this way, do you have any ideas about what I’m missing?

[dano]

I’m assuming you are editing the file named “USERDATA” (/Volumes/createUser/createUser.pkg/Contents/Resources/USERDATA). And only editing the “shortname” and “longname” properties.

For the “Unique ID” (UID) you have two options. Insert a value to define the user’s UID or don’t define anything and let the script figure out an available UID starting at #501

[dano]

…if you are manually defining your UID make sure you are not using the same UID for both accounts you are trying to create

[ewhite]

To be more specific… yes I edited the USERDATA file (Instadmg/CustomPKG/#/createUser.pkg/Contents/Resources/USERDATA)

The only difference between the two files I’ve used is the shortname and longname… otherwise they both look like this:

[code]#replace these values with your own. Comment out to use defaults
shortname=osxadmin
longname=”osxadmin”

#leave blank for next available uid
#uid=501

#leave blank for 20
gid=20

#leave blank for /bin/bash
#shell=”/bin/bash”

#leave blank for /Library/User Pictures/Nature/Zen.tif
#pic=”/Library/User Pictures/Nature/Zen.tif”

#uncomment to set password (not recommended since password is clear text)
#if blank, it will use password hash file “password_hash”
#password=”mypassword”

#guid, leave blank for auto gen
#GUID=D4F8BFC9-8EC8-4645-A739-516F59571A2E

#admin
#1 – add to admin group
#0 – don’t add to admin group
admin=1[/code]

[Rusty Myers]

I have a question about my password and the shadowhash script, I use a pipe “|” and I know why the script is failing, but if I quote the whole password, will that work? Are there other methods, short of changing my password, to fix the issue? Thanks!

[akinspe]

[quote]do you think createUser.pkg should be able to create more than one user using InstaDMG by running the package twice?[/quote]

The short answer is YES. There’s no reason that it shouldn’t be able to run twice since all it’s doing is running a bunch of dscl commands. The issues stated above are mostly likely. That either the UID isn’t different, or the GUID isn’t different. presuming you left the UID blank then it should use 501 and 502. I will see if that is indeed the case or if there’s a bug there. I didn’t test that part as throughly, but if coded properly I would expect it to work. Stay tuned…

[akinspe]

[QUOTE][u]Quote by: thespider[/u][p]I have a question about my password and the shadowhash script, I use a pipe “|” and I know why the script is failing, but if I quote the whole password, will that work? Are there other methods, short of changing my password, to fix the issue? Thanks![/p][/QUOTE]

I’m not sure I understand the question. But you shouldn’t use a pipe, it should be a greater than “>” i.e.

/path/to/shadowHash “yourpassword”>password_hash

And yes quoting it should be fine, but I haven’t done thorough tests on “exotic” passwords. In theory it should work with any ASCII characters.If you’re having trouble with a particular password, let me know. I wouldn’t expect you to tell me the password, but perhaps if there’s some wacky characters there may be an issue. Also when you say the script is failing what do you mean?

[Rusty Myers]

[QUOTE][u]Quote by: akinspe[/u][p][QUOTE][u]Quote by: thespider[/u][p]I have a question about my password and the shadowhash script, I use a pipe “|” and I know why the script is failing, but if I quote the whole password, will that work? Are there other methods, short of changing my password, to fix the issue? Thanks![/p][/QUOTE]

I’m not sure I understand the question. But you shouldn’t use a pipe, it should be a greater than “>” i.e.

/path/to/shadowHash “yourpassword”>password_hash

And yes quoting it should be fine, but I haven’t done thorough tests on “exotic” passwords. In theory it should work with any ASCII characters.If you’re having trouble with a particular password, let me know. I wouldn’t expect you to tell me the password, but perhaps if there’s some wacky characters there may be an issue. Also when you say the script is failing what do you mean?[/p][/QUOTE]

Sorry, I should have been clearer. Lets just say my password is “abra|cadabra”, without quotes the pipe is interpreted in the script, as I’m sure your aware. So I am testing with the quotes and I wasn’t sure if the quotes would then become part of the password, or not.

Again:

/path/to/shadowHash abra|cadabra>password_hash

Fails, tries to use the pipe and can’t find the cadabra program

But, I am trying

/path/to/shadowHash “abra|cadabra”>password_hash

And you say it should work. Thanks! I’ll let you know if I have any problems with it today. Cheers!

[ewhite]

[QUOTE][u]Quote by: akinspe[/u][p]The short answer is YES. There’s no reason that it shouldn’t be able to run twice since all it’s doing is running a bunch of dscl commands. The issues stated above are mostly likely. That either the UID isn’t different, or the GUID isn’t different. presuming you left the UID blank then it should use 501 and 502. I will see if that is indeed the case or if there’s a bug there. I didn’t test that part as throughly, but if coded properly I would expect it to work. Stay tuned…[/p][/QUOTE]

I tried again, this time commenting out the gid line in USERDATA, and it worked!

[thisgarryhas2rs]

I’m having a bit of a problem with the new createuser pkg. I used the first version and it worked great. I downloaded this 1.0.1 version and edited the USERDATA file and ran it in InstaDMG. The log file said it failed to run postflight. I tried tinkering it a bit but no go. I downloaded both version 1 and 1.0.1 and ran it out of the box completely default. Version 1 created the user no problem but 1.0.1 still gave me the “failed to run postflight” even when it was default. I read people said it worked right away. I’m not sure what I’m doing wrong!

Any help or troubleshooting tips are welcomed.

[akinspe]

[QUOTE][u]Quote by: thisgarryhas2rs[/u][p]I’m having a bit of a problem with the new createuser pkg. I used the first version and it worked great. I downloaded this 1.0.1 version and edited the USERDATA file and ran it in InstaDMG. The log file said it failed to run postflight. I tried tinkering it a bit but no go. I downloaded both version 1 and 1.0.1 and ran it out of the box completely default. Version 1 created the user no problem but 1.0.1 still gave me the “failed to run postflight” even when it was default. I read people said it worked right away. I’m not sure what I’m doing wrong!

Any help or troubleshooting tips are welcomed.[/p][/QUOTE]

It is _I_ that need the help. There was a really bonehead typo in the 1.0.1 script that I didn’t catch right away. I’m posting a revised version right away. Sorry!

[Rusty Myers]

[QUOTE][u]Quote by: thespider[/u][p][QUOTE][u]Quote by: akinspe[/u][p][QUOTE][u]Quote by: thespider[/u][p]I have a question about my password and the shadowhash script, I use a pipe “|” and I know why the script is failing, but if I quote the whole password, will that work? Are there other methods, short of changing my password, to fix the issue? Thanks![/p][/QUOTE]

I’m not sure I understand the question. But you shouldn’t use a pipe, it should be a greater than “>” i.e.

/path/to/shadowHash “yourpassword”>password_hash

And yes quoting it should be fine, but I haven’t done thorough tests on “exotic” passwords. In theory it should work with any ASCII characters.If you’re having trouble with a particular password, let me know. I wouldn’t expect you to tell me the password, but perhaps if there’s some wacky characters there may be an issue. Also when you say the script is failing what do you mean?[/p][/QUOTE]

Sorry, I should have been clearer. Lets just say my password is “abra|cadabra”, without quotes the pipe is interpreted in the script, as I’m sure your aware. So I am testing with the quotes and I wasn’t sure if the quotes would then become part of the password, or not.

Again:

/path/to/shadowHash abra|cadabra>password_hash

Fails, tries to use the pipe and can’t find the cadabra program

But, I am trying

/path/to/shadowHash “abra|cadabra”>password_hash

And you say it should work. Thanks! I’ll let you know if I have any problems with it today. Cheers![/p][/QUOTE]

Hi Again!!

Just an update. I finaly got around to testing it and I figured out that I can use the \ to use the |. for example:

shadowHash abra\|cadabra>password_hash

It works fine! Thanks for the awesome package!

[Author]

Posts