Posted on 08-22-2012 01:30 PM
I need to write a script that will delete all user folders except for the administrative one. I basically want to simulate DeepFreeze like things, without the hassle of DeepFreeze. My support specialist was able to come up with using "rm -rf /Users/" script at logout.
Need help with the rest. Thanks!
Posted on 08-22-2012 01:35 PM
#!/bin/sh
dscl . delete /Users/ACCOUNT
rm -rf /Users/ACCOUNT
Here's a start.
Posted on 08-22-2012 01:53 PM
Is the admin account on your Macs consistent? If so, it should be easy to script grabbing all local accounts with UIDs of 501 and up and exclude your admin from it. Something like this would work:
dscl . list /Users UniqueID | awk '$2 > 500 { print $1 }' | grep -v admin
You can use the above to build a list in the script that you then run through a 'for' loop to use in a delete command.
Posted on 08-22-2012 02:08 PM
@mm2270: Yeah, the name of the admin account is consistent across the board.
@Matt: Does ACCOUNT signify the account name I need to supply? Wouldn't the third line erase the admin account if that is the case?
Posted on 08-22-2012 02:19 PM
The script is just for removing users you know of. mm2270's script will actually traverse the local directory for accounts over 501 and remove. You will need to make sure that your admin accounts are not using < 500 UIDs. In our environment we give all our service accounts UIDs in the 100s.
Posted on 08-22-2012 02:46 PM
If your admin account is hidden, i.e., using a sub 501 UID, then my example will still work. In fact, you wouldn't even need to add the grep -v admin part at all. You'll end up with a list of all the user accounts that are not your local hidden admin that can then be sent into something like
# $UserList holds the short names to remove (assigned below)
for i in $UserList; do
    dscl . -delete "/Users/$i"
    rm -rf "/Users/$i"
done
Just make sure you assign the $UserList variable using the first bit, as in
UserList=`dscl . list /Users UniqueID | awk '$2 > 500 { print $1 }' | grep -v admin`
Exclude the last part of "| grep -v admin" if you don't need that.
Note that I just typed that all up very quickly, so please don't just take my word that it all works. Test it out carefully.
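The loop discussed above, with guard rails, as an added example that is not from any poster in this thread: it keeps accounts by exact name (so a user such as "labadmin" is not silently skipped the way `grep -v admin` would skip it), refuses names that could make `rm -rf` hit `/Users/` itself, and defaults to a dry run. `KEEP`, `DRY_RUN`, the `--run` switch and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not code from the thread. KEEP and DRY_RUN are assumed names.
KEEP="${KEEP:-admin}"      # space-separated short names that must survive
DRY_RUN="${DRY_RUN:-1}"    # 1 = only report; set to 0 to really delete

# Read "name uid" pairs on stdin (the output format of
# `dscl . list /Users UniqueID`) and print the names that may be removed.
# A name is printed only if its UID is a number above 500, it is not in
# the keep list (exact match), and it contains no path-like characters.
select_deletable() {
    awk -v keep="$1" '
        BEGIN { n = split(keep, k, " "); for (i = 1; i <= n; i++) skip[k[i]] = 1 }
        NF == 2 && $2 ~ /^[0-9]+$/ && $2 + 0 > 500 && !($1 in skip) &&
        $1 ~ /^[A-Za-z0-9_][A-Za-z0-9._-]*$/ { print $1 }'
}

# Delete one local account record and its home folder.
remove_account() {
    user="$1"
    # An empty or path-like name would turn the rm into `rm -rf /Users/`.
    case "$user" in
        ""|.|..|*/*) echo "refusing suspicious name: '$user'" >&2; return 1 ;;
    esac
    if [ "$DRY_RUN" = "1" ]; then
        echo "would remove account and /Users/$user"
        return 0
    fi
    # ${user:?} aborts the command if the variable is somehow empty.
    dscl . -delete "/Users/$user" && rm -rf "/Users/${user:?}"
}

main() {
    dscl . list /Users UniqueID |
        select_deletable "$KEEP" |
        while read -r u; do remove_account "$u"; done
}

# Nothing touches the system unless the script is called with --run.
if [ "${1:-}" = "--run" ]; then main; fi
```

Run it with `--run` and the default `DRY_RUN=1` first and read the list it prints before setting `DRY_RUN=0`.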
Posted on 09-24-2012 02:12 PM
I have all my admins hidden and under 500 UID. Is it possible to have a script that deletes any admins over 500 without deleting any Active Directory accounts that are over 500 but could be admin or standard as well?