Changing local admin account name and password?

jmarshall
New Contributor

I need to change the local admin account's name and password. What is the best practice for this? I was thinking about creating a policy with a new local admin account with the new account name and new password. Once that has been pushed out and verified I would create a policy to delete the old local admin account. Is this the best option? Any issues I should watch out for?

1 REPLY

andrew_nicholas
Valued Contributor

You could write a script (or package a script if that's your thing) that makes the new account via dscl, then searches for the existing account and deletes it if found, moving its existing home drive to the new account's if you were interested in saving anything like that.

This is a snippet of a script I use to create an admin account:

```bash
# Variables
AdminAccount="YourAccount"
AdminPassword="YourPassword"
dsclPath="/Users/$AdminAccount"

# Create the account record and set its attributes
dscl . -create "$dsclPath"
dscl . -create "$dsclPath" UserShell /bin/bash
dscl . -create "$dsclPath" RealName "$AdminAccount"
dscl . -create "$dsclPath" UniqueID 490
dscl . -create "$dsclPath" PrimaryGroupID 1000
dscl . -create "$dsclPath" NFSHomeDirectory "/var/.$AdminAccount"
# Create home directories for local accounts
createhomedir -c > /dev/null

# Set password
dscl . -passwd "$dsclPath" "$AdminPassword"

# Add to local admins group
dseditgroup -o edit -a "$AdminAccount" -t user admin
```
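
The second half of the approach discussed in this thread (verify the new admin, then remove the old one and keep its home) could look like the following. This is an added example, not part of either post; the function names and the `-archived` folder suffix are assumptions, and the account names are supplied by the caller.

```bash
#!/bin/bash
# Added example (not from the original post). Run as root on the Mac.
# Account names are supplied by the caller; helper names are hypothetical.

# Succeeds if the account exists in the local directory node.
account_exists() {
    dscl . -read "/Users/$1" UniqueID >/dev/null 2>&1
}

# Succeeds if the account is a member of the local "admin" group.
is_admin() {
    dseditgroup -o checkmember -m "$1" admin >/dev/null 2>&1
}

# Prints the home directory recorded for the account (empty if none).
home_of() {
    dscl . -read "/Users/$1" NFSHomeDirectory 2>/dev/null |
        sed -n 's/^NFSHomeDirectory: //p'
}

# retire_old_admin OLD NEW
# Returns 0 when OLD is absent afterwards, non-zero when a check blocks it.
retire_old_admin() {
    local old="$1" new="$2" old_home new_home
    if [ -z "$old" ] || [ -z "$new" ] || [ "$old" = "$new" ]; then
        echo "usage: retire_old_admin OLD NEW" >&2; return 1
    fi
    # Never remove the old admin until the replacement exists and is an admin.
    if ! account_exists "$new" || ! is_admin "$new"; then
        echo "refusing: $new is missing or not in the admin group" >&2
        return 1
    fi
    if ! account_exists "$old"; then
        echo "$old not present; nothing to do"; return 0
    fi
    old_home=$(home_of "$old"); new_home=$(home_of "$new")
    # Preserve the old home inside the new account's home before deletion.
    if [ -d "$old_home" ] && [ -d "$new_home" ]; then
        mv "$old_home" "$new_home/${old}-archived" || return 1
        chown -R "$new" "$new_home/${old}-archived"
    fi
    dseditgroup -o edit -d "$old" -t user admin
    dscl . -delete "/Users/$old"
}

# Stand-alone use: ./retire_admin.sh OLD NEW
if [ "$#" -eq 2 ]; then retire_old_admin "$1" "$2"; fi
```

The function is safe to run repeatedly, so it can stay in a recurring policy until every machine reports the old account gone.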