Hidden Accounts

So is the ability to see accounts that are hidden, is that a feature of
the OS or something that Casper is controlling?

For instance, how does OS X know to look in someplace other than /Users
natively or did Casper write something somewhere to tell it to look
there?

John Wojda

Lead System Engineer, DEI & Mobility

3333 Beverly Rd. B2-338B

Hoffman Estates, IL 60179

Phone: (847)286-7855

Page: (224)532.3447

Team Lead DEI: Matt Beiriger
<mailto:mbeirig at searshc.com;jwojda at searshc.com?subject=John%20Wojda%20Fe
edback&body=I%20am%20contacting%20you%20regarding%20John%20Wojda.>

Team Lead Mobility: Chris
<mailto:cstaana at searshc.com;jwojda at searshc.com?subject=John%20Wojda%20Fe
edback&body=I%20am%20contacting%20you%20regarding%20John%20Wojda.> Sta
Ana

Mac Tip/Tricks/Self Service & Support
<http://bit.ly/gMa7TB>

"Any time you choose to be inflexible in your approach to an
unpredictable project you are already building failure into your plan"

You could create a group called "hidden users" and then add your hidden
user account to that group via dseditgroup then use the dscl command to
query your hidden accounts

jamf uses the built-in mechanism for hiding users: by adding the user to the hidden users array in loginwindow prefs and/or using a low UID and hiding < 500 users.

those are set like so:

defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES
defaults write /Library/Preferences/com.apple.loginwindow HiddenUsersList -array-add user1 user2

so it's an OS function, not magic jamf dust.

Yeah sorry misread your question, like Nate said it depends on the UID to hide it from the finder and to hide it from the login window you have to edit that specific plist. Of course you can hide all accounts from the login Window so it just shows username and password fields and not a list of users.

I am pretty sure 99% of what Jamf does under the hood is using Apple tech.

What do you mean by "hidden users"?

There is a key in /Library/Preferences/com.apple.loginwindow called Hide500Users. When set to TRUE, UIDs less than 500 are hidden. They can't login at the login window, and they are hidden from the System Preferences > Accounts pane.

http://groups.google.com/group/macenterprise/browse_thread/thread/67615b4f72b39702

Walter
--
Walter Rowe, Team Lead
System Hosting Services
walter.rowe at nist.gov<mailto:walter.rowe at nist.gov>
301.975-2885

There is also the HiddenUsersList array which hides these users from Fast User Switching as well as System Preferences, and all other non-LoginWindow spots.

Effectively, both Hide500Users and HiddenUsersList need to be set in order for these user accounts to truly be hidden from the GUI.

And yes, 99% of JAMF is Apple standards in a much, much better implementation. ;)

-----------------------------
Douglas Worley Apple Certified System Administrator Apple Certified Trainer AppleCare Certified Service Trainer

Also, setting the user's home folder location somewhere outside of /Users (/private/var/myhiddenuser, for instance) makes it much harder to stumble upon it in the Finder.

Any list admins around who can update this guy's email address on the list? I'm sure I'm not the only one getting tired of the repeated messages...

It looks wherever the DS database says to look. One of the things jamf does when it sets up a hidden account is it sets that user's home folder in the DS database to somewhere in /private/var.

To further explain, in UNIX everything is a file. This includes user accounts.

Currently, user account files are stored in short-user-name.plist files in the /var/db/dslocal/nodes/Default/users/ directory. The plist file has attributes for everything, and I mean EVERYTHING about the user. One of these attributes is where that account looks for home. In theory this could be anywhere, but default is of course to put them in /Users.

Hope this helps. - D

-----------------------------
Douglas Worley Apple Certified System Administrator Apple Certified Trainer AppleCare Certified Service Trainer Certified Casper Administrator