Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Scripting User Account Removal
Operating Systems OS X (Apple) Scripting User Account Removal Post 302602970 by [MA]Flying_Meat on Tuesday 28th of February 2012 08:36:50 PM
Old 02-28-2012
"Users log in with their AD accounts and user folders are created locally and pulled from the default new user template that I've modified to suit our environment."

I presume the account credentials are cached locally. If not, then all you have to do is remove the home folder.

If the account credentials are cached locally, then the user can log in without a network connection. You will need to delete the locally cached user account data using the dscl command.

You can try:
dscl localhost -read...
or:
dscl localonly -read...

But dscl . -read... is valid according to the man page for dscl:
man dscl

ldap may be a dead end, as you are binding machines to AD, which doesn't generally require configuring the generic ldap directory service at all.
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

creatin user account

hi all, i m tryin to create a new account on the unix work station. do i use 'useradd' command? can u guyz advice on the usage of 'useradd' command as it can comes with 'useradd -D' or 'useradd -e' thanks :confused: (1 Reply)
Discussion started by: damian
1 Replies

2. Post Here to Contact Site Administrators and Moderators

user account

hi how to disable the useraccount in aix (should not remove). (1 Reply)
Discussion started by: chomca
1 Replies

3. UNIX for Dummies Questions & Answers

Difference between : Locked User Account & Disabled User Accounts in Linux ?

Thanks AVKlinux (3 Replies)
Discussion started by: avklinux
3 Replies

4. Shell Programming and Scripting

How to suspend a user account?

Hi, guys. I have two questions: I need to write a script, which can show all the non-suspended users on system, and suspend the selected user account. There are two things I am not sure: 1. How can I suspend user's account? What I think is: add a string to the encrypted password in shadow... (2 Replies)
Discussion started by: daikeyang
2 Replies

5. Red Hat

RPM Updation & Keeping User Change files during removal

Hi All, I have a RPM for an Java based application. Currently it works fine. But recently I want to implement that when newer packages gets installed over the older one, the rpm should only update the older files with the newer one (I know this could be done by rpm -Uvh xxx.rpm), but it... (0 Replies)
Discussion started by: jw_amp
0 Replies

6. Cybersecurity

Please help identify these user account

Please help me identify these user accounts.. bin, lp, nuucp, smbnull, mysql, tftp Can we remove these user or disable these users?We have to apply the security policy about the user identification.Since it was settup by our vendor long time ago. We do not have these informations about these... (3 Replies)
Discussion started by: rdstkg
3 Replies

7. Red Hat

User Account Sync

Hi All, I want to know is there any way where if i add a user in a centos machine the can be replicated to another centos automatically. As i have setup DRBD with heartbeat for apache webserver everything is working fine but the only thing im stuck in is about system account for ftp. Can any... (3 Replies)
Discussion started by: search4u2003
3 Replies

8. Linux

User Account Policy

Hi, i have the following config in the system-auth files auth required /lib/security/$ISA/pam_env.so auth sufficient /lib/security/$ISA/pam_unix.so likeauth nullok auth required /lib/security/$ISA/pam_deny.so account required ... (2 Replies)
Discussion started by: yprudent
2 Replies

9. HP-UX

User account

I need to check actual date a user was disabled on my HP-UX server. Audit is claiming the user account was active during the last audit exercise. (7 Replies)
Discussion started by: cyriac_N
7 Replies

LEARN ABOUT OSX

dsexport

dsexport(1)						    BSD General Commands Manual 					       dsexport(1)

NAME

     dsexport -- export records from OpenDirectory

SYNOPSIS

     dsexport [--N] [-r record_list] [-e exclude_attributes] [-a address -u username [-p password]] output_file node_path record_type

DESCRIPTION

     The dsexport utility exports records from Open Directory.

     The first argument is the path to the output file.  If the file already exists it will be overwritten.

     The second argument is the path to the OpenDirectory node from which the records will be read.

     The third argument is the type of record to export.  If the record type does not begin with 'dsRecTypeStandard:' or 'dsRecTypeNative:', the
     dsexport utility will determine if the node supports a standard attribute by the specified name; otherwise, dsexport will assume that the
     record type is native.  A warning will be printed if the record type is converted.  Standard record types can be listed using the following
     command: 'dscl -raw . -list /'.

OPTIONS

     The options are as follows:

     --N     Export all attributes, including native attributes.  By default, dsexport only exports standard attributes.

     -r record_list
	     Comma-separated list of records to export from the specified node.  The -r option may be used multiple times to specify additional
	     records to export.  If the -r option is not specified, dsexport will attempt to export all records.

     -e exclude
	     Comma-separated list of attributes that should not be exported.  The -e option may be used multiple times to specify additional
	     attributes to exclude.  The following attributes are always excluded: 'dsAttrTypeStandard:AppleMetaNodeLocation',
	     'dsAttrTypeStandard:RecordType', 'dsAttrTypeNative:objectClass'.

     -a address
	     Address of the desired proxy machine.

     -u username
	     Username to use for the proxy connection

     -p password
	     Password to use for the proxy connection.	If the -p option is not specified, dsexport will interactively prompt for the password.

NOTES

     When using an LDAP node, please be aware that dsexport can only export as many records as the LDAP server is willing to return.  If the LDAP
     server has several thousand users, you may want to raise the maximum number of search results that the server returns.  This can be done in
     Server Admin (my.server.com>OpenDirectory>Settings>Protocols tab).  By default this is set to 11000 results.

EXAMPLES

     Export all user records from the local node to 'export.out':

	   $ dsexport export.out /Local/Default dsRecTypeStandard:Users

     Export the group records for 'admin' and 'staff' from the LDAPv3 node on a proxy machine 'proxy.machine.com':

	   $ dsexport export.out /LDAPv3/127.0.0.1 dsRecTypeStandard:Groups -r admin,staff -a proxy.machine.com -u diradmin -p password

     Export augmented users from the LDAPv3 node, including native attributes but excluding the PasswordPlus attribute:

	   $ dsexport augments.out /LDAPv3/127.0.0.1 dsRecTypeStandard:Augments --N -e "dsAttrTypeStandard:PasswordPlus"

EXIT STATUS

     The dsexport utility exits 0 on success, and >0 if an error occurs.

SEE ALSO

     dscl(1), dsimport(1), DirectoryService(8)

BSD
								 20 November 2008							       BSD
All times are GMT -4. The time now is 07:47 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy