- Jamf Nation Community
- Products
- Jamf Pro
- Hiding Management Account
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2014 08:02 AM
I have a local admin account on several machines that are also the management account on those machines as well. Is there a way after the fact that I can go back in and hide them? I can't seem to find a policy setting or script that will do that. We need to hide the current already created ones. I did create a quick add package that will create that user and hide it on any further machines but not sure if there is easy way to hide the already existing one. Hope that makes sense.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-19-2014 01:51 PM
Here it is...fairly simple and works for me. Not sure if it can tweaked any better. The first part looks to see if it exists then does what is appropriate based on if the directory exists or not.
This was done because new machines will be brought into our JSS with the account created from the QuickAdd package and hidden as well so it doesn't need to run the script. I am sure there is better way to tweak or write this script but my scripting ability is very limited and heck it works.
#!/bin/sh
# check if the <name of admin account> directory is present
if [ -d /Users/<name of admin account> ]; then
dscl . -create /Users/<name of admin account> UniqueID 401
chown -R <name of admin account> /Users/<name of admin account>
defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES
mv /Users/<name of admin account>/ /var/<name of admin account>/
dscl . -create /Users/<name of admin account> NFSHomeDirectory /var/<name of admin account>
else
exit
fi
Reply
9 REPLIES 9
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2014 08:04 AM
Why not install the QuickAdd.pkg on all of them and delete the other accounts? Then they're all the same.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2014 08:07 AM
The accounts are all the same on all machines. It is the management account we created on each. I could delete them and recreate with the QuickAdd package but was hoping I could just hide them since I am not changing them. Perhaps a script or policy to hide them. I do not need to delete the existing account.
Not applicable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2014 08:10 AM
Have you followed any of Apple's steps?
http://support.apple.com/kb/HT5017?? - How to hide a user account in OS X
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-01-2022 01:10 AM
This is still valid as of today and should be the accepted answer.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2014 08:35 AM
@macboy ```
sudo defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES
``` is what will remove the user from the Accounts Preference Pane after you lower the UID. You can easily create users in JAMF or with http://magervalp.github.io/CreateUserPkg/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2014 11:22 AM
Thanks to all for the input. I created a script that will do exactly what I need from information provided above.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-19-2014 01:43 PM
@macboy Would you mind sharing the script? Thanks for your help!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-19-2014 01:51 PM
Here it is...fairly simple and works for me. Not sure if it can tweaked any better. The first part looks to see if it exists then does what is appropriate based on if the directory exists or not.
This was done because new machines will be brought into our JSS with the account created from the QuickAdd package and hidden as well so it doesn't need to run the script. I am sure there is better way to tweak or write this script but my scripting ability is very limited and heck it works.
#!/bin/sh
# check if the <name of admin account> directory is present
if [ -d /Users/<name of admin account> ]; then
dscl . -create /Users/<name of admin account> UniqueID 401
chown -R <name of admin account> /Users/<name of admin account>
defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES
mv /Users/<name of admin account>/ /var/<name of admin account>/
dscl . -create /Users/<name of admin account> NFSHomeDirectory /var/<name of admin account>
else
exit
fi
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 05-19-2014 02:30 PM
@macboy This works great! Thanks for sharing!
