Login or Register to Ask a Question and Join Our Community


OS X (Apple)

Hidding The Administrator Account in OS X 10.5 (Leopard)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems OS X (Apple) Hidding The Administrator Account in OS X 10.5 (Leopard)
# 1  
Old 03-20-2008
Hiding The Administrator Account in OS X 10.5 (Leopard)
I would like to know how to hide my initial account (which is an administrator account) in the new Leopard 10.5 operating system.
In the old OS 10.4 this could be done very easily with the help of NetInfo Manager. You could change the UID to anything below 500 and secure your account, however in the new 10.5 OS this is no longer possible. NetInfo manager is no longer. Is there a script that can be entered via terminal that takes care of this?
In terminal you can check the user database with the following:
dscl . list /Users UniqueID

In raw UNIX you can check with the following:
cat /etc/passwd

Any pro help would be appreciated.

Smilie
Last edited by unimachead; 03-23-2008 at 01:50 AM..
# 2  
Old 03-24-2008
Try this:

sudo defaults write /Library/Preferences/com.apple.loginwindow HiddenUserList -array-add <admin_name>

Substitute <admin_name> with the admin user name. You'll probably need to reboot the system.
# 3  
Old 03-24-2008
I think also if you set the UID to under 500 it will hide it from the finder but not the loginwindow, if you use the previous line above with the sudo default write command it should do from both.

Sorry, I didn't fully read the original post. I take quick breaks from work and browse forums to clear my mind of something I am working on, and so as of a result I sometimes hastily answer things.

To answer your question about the user id, UID, you can set it by using the dscl command in OS X. For example, lets say you have a user called hidden administrator, short name hadmin

Code:
dscl . -create /Users/hadmin UniqueID 401

I am not exactly sure if you can modify a UID on a system, and I am willing to bet OS X doesn't like you doing that. I know in Work Group Manager in an OD environment you can't change the shortname nor can you change the UID once it has been generated. So, you may have to recreate your hidden user account.
Last edited by tlarkin; 11-23-2009 at 06:01 PM..
# 4  
Old 03-24-2008
MySQL Hiding The Administrator in OSX 10.5
Thanks Guys, I'll give it a shot. But I think I'm pretty close to finding what I'm looking for. I'll post as soon as I can verify the solution.
# 5  
Old 03-27-2008
I think I've found a solution for the hiding the admin account, but it took a little experimenting to get it to work. At first I had dropped the UID & GID to 102 and along with script: sudo dscl .-change /Users/pgsql UserShell "/bin/bash" "/usr/bin
false" ... it hides the account, but weirdly locks you out at the login screen.

Things seem to be much smoother by dropping the UID to 499 and the GID to 501 along with the script: defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES

This hides the account well with no problems. I'm still experimenting with a few other things, but this should do the trick.
# 6  
Old 03-29-2008
Just a special thanks to Mark S. for working with us on this down in Texas.
Last edited by unimachead; 03-29-2008 at 04:39 PM..
# 7  
Old 04-24-2008
I have a script that creates this now, the script is still with in testing phases so it may or may not work 100% please use at your own risk, and if you make any tweaks let me know to make it better.

Code:
#!/bin/bash

if [ -z $1 ] ; then
	echo "usage: `basename $0` [username] [password] ([UID] optional) ([GID] optional)"
	exit 1
fi

USERNAME=$1
PASSWORD=$2
USERID=$3
GROUPID=$4

if [ `uname -r | cut -c1` = 8 ] ; then
	PATH='/NetInfo/root'
elif [ `uname -r | cut -c1` = 9 ] ; then
	PATH='/Local/Default'
else
	exit 1
fi

if [ -z $GROUPID ] || [ -z $UNIQUEID ] ; then
	GROUPID=0
	UNIQUEID=489
fi

checkUser ()
{
	if [[ `/usr/bin/dscl localhost list /Local/Default/Users | /usr/bin/grep "$USERNAME" | /usr/bin/grep -v "$USERNAME." | /usr/bin/grep -v ".$USERNAME"` == "$USERNAME" ]] ; then
		echo "the username '$USERNAME' already exists"
		exit 1
	fi
}

makeUser ()
{
	/usr/bin/sudo /usr/bin/dscl localhost create $PATH/Users/$USERNAME
	/usr/bin/sudo /usr/bin/dscl localhost create $PATH/Users/$USERNAME PrimaryGroupID 0
	/usr/bin/sudo /usr/bin/dscl localhost create $PATH/Users/$USERNAME UniqueID 0
	/usr/bin/sudo /usr/bin/dscl localhost create $PATH/Users/$USERNAME UserShell /bin/bash
	/usr/bin/sudo /usr/bin/dscl localhost passwd $PATH/Users/$USERNAME $PASSWORD
	/usr/bin/sudo /usr/bin/dscl localhost append $PATH/Groups/admin GroupMembership $USERNAME
}

moveUser ()
{
    /bin/echo "creating new admin account homedir..."
	/bin/mkdir -p /var/home/$USERNAME
	/usr/bin/ditto -rsrc -V /System/Library/User\ Template/English.lproj/ /var/home/$USERNAME/
	/usr/sbin/chown -Rf $USERNAME:admin /var/home/$USERNAME
	/bin/echo "confirming what we just did..."
	/bin/ls /var/home/$USERNAME/
	/usr/bin/id $USERNAME
	/bin/echo "if that looks good, we're all set."
}	

deleteUser ()
{
	/usr/bin/sudo /usr/bin/dscl localhost delete $PATH/Users/$USERNAME
	/usr/bin/sudo /usr/bin/dscl localhost delete $PATH/Groups/admin GroupMembership $USERNAME
}

hideUser ()
{
	/usr/bin/sudo /bin/cp -n /Library/Preferences/com.apple.loginwindow.plist /Library/Preferences/com.apple.loginwindow.plist.backup
	/usr/bin/sudo /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool TRUE
	/usr/bin/sudo /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow HiddenUsersList -array $USERNAME
	/usr/bin/sudo /usr/bin/defaults write /Library/Preferences/com.apple.loginwindow SHOWOTHERUSERS_MANAGED -bool FALSE
}

checkUser
makeUser
moveUser
hideUser
#deleteUser

You will need to fill in the blanks, and it also moves the hidden account's home directory to /private/var/home
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Create a shell script to gather user account information and displays the result to administrator

I want to create a shell script to gather user account information and displays the result to administrator. I have created a script but its showing all the information when i search for username like: amit@mx:~$ ./uinfo.sh amit Username : amit User Info ... (2 Replies)
Discussion started by: amit1986
2 Replies

2. Windows & DOS: Issues & Discussions

What happens to your skype account if you close outlook.com email account?

Hello, Does anyone know what happens to your skype account if you close the outlook.com email account which are linked together? As you know they are both owned by Microsoft. Thanks (0 Replies)
Discussion started by: milhan
0 Replies

3. How to Post in the The UNIX and Linux Forums

Simultaneously try to execute commands after connecting to remote account to one account

I have made password less connection to my remote account. and i tried to execute commands at a time. but i am unable to execute the commands. ssh $ACCOUNT_DETAILS@$HOST_DETAILS cd ~/JEE/*/logs/ (1 Reply)
Discussion started by: kishored005
1 Replies

4. Forum Support Area for Unregistered Users & Account Problems

Restart old account, change email for account

Hi there, I may have had a typo in my email previously provided. I have doublechecked my email for Scott's reply but havent seen it, so I am creating a new post. My new email can be either one of these: <removed> or <removed> I beleive my old email was <removed by admin> thanks for your... (1 Reply)
Discussion started by: AKelam_MagnusA
1 Replies

5. Linux

Apply disk quota to account(dedicate 3 GB to account).

Hi , I am faceing lot of problem due to "disk space is not enough". senerio is like as, In system has 5 account. a,b,c,d,e say account c if very critical. Due to other user's data, user 'c' is faceing disk space issue. I want to dedicate 3 GB for user 'c'. No user... (1 Reply)
Discussion started by: ashokd009
1 Replies

6. What is on Your Mind?

Unix Administrator and Linux Administrator transition

Hello Unix Experts, I'm going to be graduating with a CIS (Computer Information Systems) degree in the coming year. I have been offered an internship with a job title of Unix Administrator under a well known company. I understand that Unix is used for high-end servers in many large... (1 Reply)
Discussion started by: brentmd24
1 Replies

7. UNIX for Dummies Questions & Answers

Change Account to not lock account if password expires

I have access to 15+ UNIX boxes at work, and I do not consistently log onto all of them over time. When I do try to access one I havent been on in awhile, my account is locked as the password has expired. I need to request to the UNIX SA's that the password expiration is 90 days and that if it... (1 Reply)
Discussion started by: stringzz
1 Replies

8. UNIX for Dummies Questions & Answers

Setting an account to be a non-login account automatically?

Is there a way to easily change an account to be a non login account (NP in the shadow) file? I know I can just edit the file but that is not what we want to do. We use access control software and want to provide a way to set an account to be non-login using simple commands that can be mapped... (0 Replies)
Discussion started by: LordJezo
0 Replies

9. UNIX for Dummies Questions & Answers

Hidding Files in UNIX

:o ! HELLO SIR, 1) In UNIX how to hide & unhide a file. What are the Commands are there . ----------- :confused: 2) One more thing is that when i using WILD CARDS .The commands are not working Properly. Why like that. Please help me . (3 Replies)
Discussion started by: smdakram
3 Replies
Login or Register to Ask a Question