Hello,
I have been banging my head against this one for a week plus. I have seen no good answers anywhere.
It USED to be in TIGER and before that if you changed the UID to be below 500, you got an account that did not show up in the accounts pane and the login window. Move the home directory to someplace hidden, like /var and you had an essentially hidden local user account. Very useful for troubleshooting and keeping paranoid users from deleting your local admin/resource account.
Now, that does not seem to work. I did search the forums here and found this discussion: [url]http://tinyurl.com/2vwann[/url] but it is not the answer. I also posted over at Mac OSX Hints and started this discussion: [url]http://forums.macosxhints.com/showthread.php?t=80670[/url]
I can tell you that apple says the machine accounts are all below UID and GID 100.
No help.
I can tell you that several people have suggested using DSCL to create the account manually…
[code]$ sudo dseditgroup -o create -i 102 -r “USERNAME” USERNAME
$ sudo dscl .
> create /Users/USERNAME
> create /Users/USERNAME UniqueID 102
> create /Users/USERNAME UserShell /bin/bash
> create /Users/USERNAME RealName “USERNAME”
> create /Users/USERNAME NFSHomeDirectory /usr/local/USERNAME
> create /Users/USERNAME PrimaryGroupID 102
> create /Users/USERNAME Password *
> quit
$ sudo mkdir -p /usr/local/USERNAME/
$ sudo chown -R USERNAME:USERNAME /usr/local/USERNAME[/code]
(this was originally suggested here: [url]http://tinyurl.com/3b9ub9[/url] which has its own discussion attached)
This seems to work for some but not for me or any of my co-workers whom I have shanghaied into testing this for me. I get an odd thing with it, it seems at first to work but on second login by any account, the cache must be updated because all of a sudden I can see the account in question….
So what am I doing wrong? Should the DSCL manually account creation work to make hidden users and something about my setup (a fresh install off the GM Disc, no changes to the OS, no network accounts, local only authentication, nothing special at all, completely clean) is messing it up?
Are all those who say it works simply not checking back after the DS Cache updates?
Anyone have a suggestion on where else to look for answers?
Any help/guidance is GREATLY appreciated (constructive criticism too).
Thanks either way,
Knowmad
PS i forgot to mention that although the code here marks it as using UID/GID 102, I have also tried it using UID/GID below 100… multiple times with multiple names…. no luck
no luck. It does hide the account, it also makes it not possible to log into the account except from the command line….
need a better answer and a full explanation…. anyone?
“defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES” worked for me.
It hides it in the accounts pref pane, the login window, and the fast user switch menu.
I’m still missing something, because simply running this command did not hide my admin account. Please answer the following.
1. In Leopard do I still need to change my admin account’s UID to something below 500, before running the above command?
2. In Leopard now that NetInfo is gone, Is there a place in the GUI to change a UID? Where?
3. What is the command line to change an admin account’s UID?
4. Will I still need the “setfile” command to hide the hidden accounts user directory?
5. I noticed in some replies directions using the dscl command should I have been following those procedures prior to changing the plist?
1. Yes
2. I haven’t found it if there is 1. Though you could probably use workgroup manager. Command line is rather easy though.
3. sudo dscl .
> change /Users/USERNAME UniqueID old# new#
you an also check knowmad’s post and just use change with old value and new value instead of create
4. Easier to just move it to /var or something like that. Same as above command only use NFSHomeDirectory and paths instead of UniqueID
5. Doesn’t matter if you change plist with defaults first or if you change ID first.
Comments are closed