Replacing niload with ds* tools??

[ssevenup]

Has anyone looked at how to replace niload with the ds* tools for creating user accounts from command line or scripts? My need for inserting mcx properties makes things complicated. This is on 10.4 (not Server) by the way.

nidb_power()
{
niload -r /users/$uname . <<EOF
{
  "name" = ( "$uname" );
  "_writers_picture" = ( "$uname" );
  "shell" = ( "$shell" );
  "_writers_hint" = ( "$uname" );
  "sharedDir" = ( "" );
  "home" = ( "$home" );
  "gid" = ( "$gid" );
  "authentication_authority" = ( ";ShadowHash;" );
  "_writers_realname" = ( "$uname" );
  "picture" = ( "/Library/User Pictures/Nature/Zen.tif" );
  "passwd" = ( "********" );
  "realname" = ( "$irl" );
  "hint" = ( "" );
  "_shadow_passwd" = ( "" );
  "uid" = ( "$uid" );
  "generateduid" = ( "$UUID" );
  "passwordpolicyoptions" = ( "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<!DOCTYPE plist PUBLIC \"-//Apple Computer//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">
<plist version=\"1.0\">
<dict>
	<key>canModifyPasswordforSelf</key>
	<integer>1</integer>
	<key>expirationDateGMT</key>
	<date>1969-12-31T23:59:59Z</date>
	<key>hardExpireDateGMT</key>
	<date>1969-12-31T23:59:59Z</date>
	<key>isSessionKeyAgent</key>
	<integer>0</integer>
	<key>maxChars</key>
	<integer>0</integer>
	<key>maxFailedLoginAttempts</key>
	<integer>0</integer>
	<key>maxMinutesOfNonUse</key>
	<integer>0</integer>
	<key>maxMinutesUntilChangePassword</key>
	<integer>0</integer>
	<key>maxMinutesUntilDisabled</key>
	<integer>0</integer>
	<key>minChars</key>
	<integer>8</integer>
	<key>passwordCannotBeName</key>
	<integer>1</integer>
	<key>requiresAlpha</key>
	<integer>1</integer>
	<key>requiresNumeric</key>
	<integer>1</integer>
	<key>usingExpirationDate</key>
	<integer>0</integer>
	<key>usingHardExpirationDate</key>
	<integer>0</integer>
	<key>usingHistory</key>
	<integer>0</integer>
</dict>
</plist>
" );
  "mcx_settings" = ( "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
<!DOCTYPE plist PUBLIC \"-//Apple Computer//DTD PLIST 1.0//EN\" \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\">
<plist version=\"1.0\">
<dict>
	<key>mcx_application_data</key>
	<dict>
		<key>com.apple.Classic</key>
		<dict>
			<key>Forced</key>
			<array>
				<dict>
					<key>mcx_data_timestamp</key>
					<date>2005-03-18T18:30:35Z</date>
					<key>mcx_preference_settings</key>
					<dict>
						<key>ClassicRedirectUserFolders</key>
						<true/>
					</dict>
				</dict>
			</array>
		</dict>
		<key>com.apple.systempreferences</key>
		<dict>
			<key>Forced</key>
			<array>
				<dict>
					<key>mcx_data_timestamp</key>
					<date>2005-03-18T18:30:35Z</date>
					<key>mcx_preference_settings</key>
					<dict>
						<key>EnabledPreferencePanes</key>
						<array>
							<string>com.apple.preference.desktoppictures</string>
							<string>com.apple.preference.dock</string>
							<string>com.apple.preference.general</string>
							<string>com.apple.Localization</string>
							<string>com.apple.preference.screensaver</string>
							<string>com.apple.preference.universalaccess</string>
							<string>com.apple.preference.keyboard</string>
							<string>com.apple.preference.sound</string>
							<string>com.apple.preference.classic</string>
							<string>com.apple.preference.quicktime</string>
							<string>com.apple.preference.displays</string>
							<string>com.apple.preference.energysaver</string>
							<string>com.apple.preference.digihub.discs</string>
							<string>com.apple.preferences.Bluetooth</string>
							<string>com.apple.preference.datetime</string>
							<string>com.apple.preference.internet</string>
							<string>com.apple.preferences.sharing</string>
							<string>com.apple.preferences.users</string>
							<string>com.apple.preference.expose</string>
							<string>com.apple.preference.network</string>
							<string>com.apple.preference.security</string>
							<string>com.apple.preference.desktopscreeneffect</string>
							<string>com.apple.preference.printfax</string>
						</array>
					</dict>
				</dict>
			</array>
		</dict>
	</dict>
</dict>
</plist>
" );
}
EOF
}

[ssevenup]

[QUOTE BY= MacTroll] IIRC I’ve used dscl with the output of a preformated MCX blob to do this.

For example, populate the MCX as needed then

dscl localhost read /Search/Users/joel MCXSettings > mcxblob.txt

Then load it into the new user as

dscl localhost create /Search/Users/marc MCXSettings `cat mcxblob.txt`

I haven’t looked at the format, but it should be easy enough to generate from scratch too.[/QUOTE]
So far that appears to totally bork the xml formating. I have tried using a “here” document in my bash script but no luck there either so far. I may be stuck with niload for the mcx stuff for now.

[ssevenup]

[QUOTE BY= MacTroll] Yeah, I see the same thing. Coming out is fine, but the loading in isn’t.

In the back of my mind, I know I’ve done this with the mail attribute for a user….

I’m going to think some more.[/QUOTE]
[QUOTE BY= MacTroll] Yeah, I see the same thing. Coming out is fine, but the loading in isn’t.

In the back of my mind, I know I’ve done this with the mail attribute for a user….

I’m going to think some more.[/QUOTE]
I managed to get this working perfectly. I’m not sure why I could never get it to work on the command line? Once I made the shell script variable per your suggestion:

mcx_apps=`cat "$basepath"/Contents/Resources/mcx_apps.xml`
mcx_flags=`cat "$basepath"/Contents/Resources/mcx_flags.xml`
mcx_prefs=`cat "$basepath"/Contents/Resources/mcx_prefs.xml`

dscl -q /NetInfo/DefaultLocalNode -create /Users/"${uname}" "mcx_flags" "${mcx_flags}"
dscl -q /NetInfo/DefaultLocalNode -create /Users/"${uname}" "mcx_settings" "${mcx_prefs}"
dscl -q /NetInfo/DefaultLocalNode -append /Users/"${uname}" "mcx_settings" "${mcx_apps}"

I have password policy, pref and app control… the full boat The only remaining issue is that I can’t find any way to push properties with empty values via dscl.
_shadow_passwd:
sharedDir:
AuthenticationHint:

[ssevenup]

By the way I believe I verified that even if the xml format “looks” all screwed up it appears to still work. That being said, my current method preserves the formatting quite nicely.

[Author]

Posts