AFP548

Hiding Local Accounts in Leopard

knowmad
Hello, I have been banging my head against this one for a week plus. I have seen no good answers anywhere. It USED to be in TIGER and before that if you changed the UID to be below 500, you got an account that did not show up in the accounts pane and the login window. Move the home directory to someplace hidden, like /var and you had an essentially hidden local user account. Very useful for troubleshooting and keeping paranoid users from deleting your local admin/resource account. Now, that does not seem to work. I did search the forums here and found this discussion: [url]http://tinyurl.com/2vwann[/url] but it is not the answer. I also posted over at Mac OSX Hints and started this discussion: [url]http://forums.macosxhints.com/showthread.php?t=80670[/url] I can tell you that apple says the machine accounts are all below UID and GID 100. No help. I can tell you that several people have suggested using DSCL to create the account manually... [code]$ sudo dseditgroup -o create -i 102 -r "USERNAME" USERNAME $ sudo dscl . > create /Users/USERNAME > create /Users/USERNAME UniqueID 102 > create /Users/USERNAME UserShell /bin/bash > create /Users/USERNAME RealName "USERNAME" > create /Users/USERNAME NFSHomeDirectory /usr/local/USERNAME > create /Users/USERNAME PrimaryGroupID 102 > create /Users/USERNAME Password * > quit $ sudo mkdir -p /usr/local/USERNAME/ $ sudo chown -R USERNAME:USERNAME /usr/local/USERNAME[/code] (this was originally suggested here: [url]http://tinyurl.com/3b9ub9[/url] which has its own discussion attached) This seems to work for some but not for me or any of my co-workers whom I have shanghaied into testing this for me. I get an odd thing with it, it seems at first to work but on second login by any account, the cache must be updated because all of a sudden I can see the account in question.... So what am I doing wrong? Should the DSCL manually account creation work to make hidden users and something about my setup (a fresh install off the GM Disc, no changes to the OS, no network accounts, local only authentication, nothing special at all, completely clean) is messing it up? Are all those who say it works simply not checking back after the DS Cache updates? Anyone have a suggestion on where else to look for answers? Any help/guidance is GREATLY appreciated (constructive criticism too). Thanks either way, Knowmad PS i forgot to mention that although the code here marks it as using UID/GID 102, I have also tried it using UID/GID below 100... multiple times with multiple names.... no luck
Exit mobile version