Skip to main content
Solved

Deploy Custom User

C
Forum|alt.badge.img+16

I know this is possible, but I cannot figure out the best means of accomplishing this. I'm hoping it is possible to build out a single pkg or dmg in Composer.

Here's what I'm looking to do:
Deploy a custom user including pre-set password, custom settings such as desktop background, dock icons, bookmarks, and login items.

I've managed to accomplish this by using three parts: a pkg, a dmg, and a script.

Currently, I build out the user profile exactly as I would like it to appear and then use Composer to create a dmg that contains the user account. Then I use CreateUserPkg to specify the desired username, shortname, password, type, etc. Finally, I run a simple script that performs a chown -R for the name of the user account being created.

I'm positive there's a simpler way to do this and that's exactly why I'm reaching out here. What would be the best means to have one single package that can do all of the above?

Thank you.

Best answer by mm2270

You shouldn't need to capture the user account by itself as a .dmg file. It can be captured in Composer but before building it out you can add your custom CreateUserPkg package into it by first placing/copying that package into a location like /private/tmp/, then dragging it back into Composer. Composer will add it into the Source list and add in the path to where you dragged it in from. Your end result should look something like this-

/private/
     /tmp/
         CreateUserPkgName.pkg
/Users/
     username

From there, turn down the Source details and add in a shell script by right clicking on the Scripts folder and choosing "postinstall" from the list of shell scripts.
In that script, add something similar to this:

#!/bin/sh

/usr/sbin/installer -pkg /private/tmp/CreateUserPkgName.pkg -tgt /

/usr/sbin/chown -R username /Users/username

This will install the CreateUserPkg package after the main package has deployed both the template home directory into /Users/ and your CreateUserPkg installer into /private/tmp/ And finally, use your chown command to set the ownership on the user home directory.
Now build it out as a pkg installer from Composer instead of a .dmg, and you should have a single package that does what you previously had 3 different items doing.

BTW, I'm not certain if that last line is all that's needed or even right. You may also need to a chmod command or three to properly set the permissions. User home directories have special permissions on some folders within the home that aren't sufficiently taken care of with a simple chown -R command, but if this is more or less a throw away account, I suppose it doesn't matter too much. If on the other hand this is an account someone will be using, you may want to look into some additional script commands to correct the permissions.

View original
    Did this topic help you find an answer to your question?

    8 replies

    mm2270
    Forum|alt.badge.img+16
    • mm2270
    • Legendary Contributor
    • 7880 replies
    • Answer
    • March 26, 2014

    You shouldn't need to capture the user account by itself as a .dmg file. It can be captured in Composer but before building it out you can add your custom CreateUserPkg package into it by first placing/copying that package into a location like /private/tmp/, then dragging it back into Composer. Composer will add it into the Source list and add in the path to where you dragged it in from. Your end result should look something like this-

    /private/
     /tmp/
         CreateUserPkgName.pkg
/Users/
     username

    From there, turn down the Source details and add in a shell script by right clicking on the Scripts folder and choosing "postinstall" from the list of shell scripts.
    In that script, add something similar to this:

    #!/bin/sh

/usr/sbin/installer -pkg /private/tmp/CreateUserPkgName.pkg -tgt /

/usr/sbin/chown -R username /Users/username

    This will install the CreateUserPkg package after the main package has deployed both the template home directory into /Users/ and your CreateUserPkg installer into /private/tmp/ And finally, use your chown command to set the ownership on the user home directory.
    Now build it out as a pkg installer from Composer instead of a .dmg, and you should have a single package that does what you previously had 3 different items doing.

    BTW, I'm not certain if that last line is all that's needed or even right. You may also need to a chmod command or three to properly set the permissions. User home directories have special permissions on some folders within the home that aren't sufficiently taken care of with a simple chown -R command, but if this is more or less a throw away account, I suppose it doesn't matter too much. If on the other hand this is an account someone will be using, you may want to look into some additional script commands to correct the permissions.

    C
    Forum|alt.badge.img+16
    • cstout
    • Author
    • Employee
    • 210 replies
    • April 1, 2014

    Hi Mike,

    I'm finally able to try your recommendation but I'm stuck at the first step. When I make the pkg from CreateUserPkg and drag it into Composer it only adds as a package, not a source. I can convert it to a source, but then it loses its directory (/private/tmp/). Am I missing something?

    C
    Forum|alt.badge.img+16
    • cstout
    • Author
    • Employee
    • 210 replies
    • April 1, 2014

    I found my issue. I was trying to start with draggin the pkg into Composer. If I start with dragging the user folder in, then I'm able to easily drag the pkg in and get the proper directory structure for the file. I'll report back with the results. Thanks again.

    C
    Forum|alt.badge.img+16
    • cstout
    • Author
    • Employee
    • 210 replies
    • April 1, 2014

    Mike, you're a genius. That works flawlessly. Thank you very much.

    H
    Forum|alt.badge.img+4
    • hunter99
    • Contributor
    • 19 replies
    • December 15, 2014

    So I have tried the separate method and the instructions that mm2270 posted to do this without any luck.

    To go back I started with a package of the user home folder that has settings applied. I then used CreateUserPkg to create a package of that user and then a script to apply the permissions to the /User/username folder of the account that is added. I can get all of the root folders to work as they should using the following script but cannot get the Library subfolders, etc to take the permissions.

    This is what I have done so far.

    #!/bin/sh

    sudo chown -R -N /Users/macadmin
    sudo chown -R macadmin:admin /Users/macadmin
    sudo chown -R +rw macadmin /Users/macadmin/Desktop
    sudo chown -R +rw macadmin /Users/macadmin/Documents
    sudo chown -R +rw macadmin /Users/macadmin/Downloads
    sudo chown -R +rw macadmin /Users/macadmin/Library
    sudo chown -R +rw macadmin /Users/macadmin/Movies
    sudo chown -R +rw macadmin /Users/macadmin/Music
    sudo chown -R +rw macadmin /Users/macadmin/Pictures
    sudo chmod -R 600 /Users/macadmin

    done

    I also just applied permissions on the user folder itself without adding the others and then no folders have rights. Lastly, I did try to apply this as mm2270 showed above and the user account does not even create. I'm stuck. I admit this part is a little new to me I just need this one customer account to be setup whenever we image a system or setup a new one. Any help I would appreciate.

    emily
    Forum|alt.badge.img+24
    • emily
    • Employee
    • 870 replies
    • December 15, 2014

    Why not create a policy using the JSS's ability to create local accounts, then scope the policy to machines via AD groups or dummy receipts or something?

    ekw | jamf @ jamf
    H
    Forum|alt.badge.img+4
    • hunter99
    • Contributor
    • 19 replies
    • December 16, 2014

    I looked into doing that but couldn't find a way to use the home folder I was dropping in. I also tried to use scripts and configuration profiles to setup the local account but without any luck either. Now I am not the best at scripting either.

    If I could just get the chown command to work all the way down through the user sub folders then I could just add it to the end of the policy and make it apply during post imaging. Had the same issue.

    It would be cool if I could have a pre-built option for a user folder with the local account policy. I just don't see much interest from most people.

    H
    Forum|alt.badge.img+7
    • hphan
    • Contributor
    • 14 replies
    • February 24, 2017

    Sorry to bring this post back to life but would like to learn more for the original poster cstout or mm2270 user.

    Let assume that we want to package a custom user named Test. I drag the Test user home directory into Composer. I'm confused about the package created from CreateUserPkg. Do we use Composer to monitor the entire HDD for any folder & file changes while creating the Test user? or do we drag the Test user home directory into Composer? Where do we add that package?

    Thank you!

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings