Remove Local User Accounts by UID

New Contributor

I'm looking to remove six local user accounts from a group of MacBooks. The user names are all different, but they all have the user IDs 501 through 506. Is there a command or script that I can add to a policy to make this happen?


Contributor III

So you just need a way to ferret out the account names?

    condemned=$(dscl /Local/Default -search /Users UniqueID 50$i | cut -sf1);
         if [[ -n "$condemned" ]]; then 
            # Add preferred account nuking script or policy trigger here. Item below is not sufficient.
            dscl /Local/Default -delete /Users $condemned

Legendary Contributor III

Are you looking only to remove the user accounts from directory services, or the home folders for them as well?

New Contributor

I would prefer to wipe the home folders.
Would a line such as the below work in joshuasee's script?

rm -rf/Users $condemned

Honored Contributor II
Honored Contributor II

If you change it to:

rm -rf /Users/$condemned

added after the dscl -delete command, that should do it.

Contributor III

That will work for most purposes, but keep in mind groups memberships would not be cleaned up, so a future user created with the same ID may magically become admin or end up in groups you don't expect. Password hashes may be left behind, though would be unlikely to affect future users. Also, make sure you're comfortable with assuming the home folder is in /Users/, it isn't always. Scripts to delete a user can get pretty elaborate depending on how many edge cases you want to cover and how thorough a job you want to do.

Superuser - How can I delete a Mac OS X user account from Command Line?