Migrating from AD account to Local Accounts and getting password errors

Valued Contributor II

I'm working on a project to convert our AD accounts to local accounts. So far in testing my script works EXCEPT that the generic password being set in the script doesn't apply. I'm having to go into another administrator account and reset the password manually.


# AD Migration.sh
#  Created by Ed Corfman on 8/28/19.
# Get list of users
listUsers="$(/usr/bin/dscl . list /Users UniqueID | awk '$2 > 1000 {print $1}') FINISHED"

until [ "$user" == "FINISHED" ]; do

/usr/bin/printf "%b" "a

Select a user to convert or select FINISHED:
" >&2
select netname in $listUsers; do

if [ "$netname" = "FINISHED" ]; then
/bin/echo "Finished converting users to local accounts"
exit 0

# Grab variables
shortname=$(dscl "/Active Directory/ORGNAME/All Domains/" -read /Users/"$netname" mailNickname | awk '{print $NF}')
realname=$(dscl "/Active Directory/ORGNAME/All Domains/" -read /Users/"$netname" RealName | sed 's/^ *//' | grep -v Real)

# start heavy lifting

mv /Users/$netname /Users/$shortname

if [ -d /Users/$netname/$shortname ]; then
rm -rf /Users/$netname/$shortname

/usr/bin/dscl . -delete "/Users/$netname"

sysadminctl -addUser $shortname -fullName "$realname" -home /Users/"$shortname" -password "password" -hint "The default password is set to password" -adminUser "ServiceAccount" -password "ServicePassword"

/usr/sbin/chown -R "$shortname":staff /Users/"$shortname"


Anyone had issues with creating accounts with sysadminctl and passwords not applying? I don't care what the password is because once the user logs in the first time, I'll force a current password sync with Enterprise Connect. Anyone got any suggestions?