I have a local admin account on several machines that are also the management account on those machines as well. Is there a way after the fact that I can go back in and hide them? I can't seem to find a policy setting or script that will do that. We need to hide the current already created ones. I did create a quick add package that will create that user and hide it on any further machines but not sure if there is easy way to hide the already existing one. Hope that makes sense.
Solved
Hiding Management Account
+8Best answer by macboy
Here it is...fairly simple and works for me. Not sure if it can tweaked any better. The first part looks to see if it exists then does what is appropriate based on if the directory exists or not.
This was done because new machines will be brought into our JSS with the account created from the QuickAdd package and hidden as well so it doesn't need to run the script. I am sure there is better way to tweak or write this script but my scripting ability is very limited and heck it works.
#!/bin/sh
# check if the <name of admin account> directory is present
if [ -d /Users/<name of admin account> ]; then
dscl . -create /Users/<name of admin account> UniqueID 401
chown -R <name of admin account> /Users/<name of admin account>
defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES
mv /Users/<name of admin account>/ /var/<name of admin account>/
dscl . -create /Users/<name of admin account> NFSHomeDirectory /var/<name of admin account>
else
exit
fi
+18Why not install the QuickAdd.pkg on all of them and delete the other accounts? Then they're all the same.
+8The accounts are all the same on all machines. It is the management account we created on each. I could delete them and recreate with the QuickAdd package but was hoping I could just hide them since I am not changing them. Perhaps a script or policy to hide them. I do not need to delete the existing account.
Have you followed any of Apple's steps?
http://support.apple.com/kb/HT5017?? - How to hide a user account in OS X
+27@macboy ```
sudo defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES
``` is what will remove the user from the Accounts Preference Pane after you lower the UID. You can easily create users in JAMF or with http://magervalp.github.io/CreateUserPkg/
+8Thanks to all for the input. I created a script that will do exactly what I need from information provided above.
+8Here it is...fairly simple and works for me. Not sure if it can tweaked any better. The first part looks to see if it exists then does what is appropriate based on if the directory exists or not.
This was done because new machines will be brought into our JSS with the account created from the QuickAdd package and hidden as well so it doesn't need to run the script. I am sure there is better way to tweak or write this script but my scripting ability is very limited and heck it works.
#!/bin/sh
# check if the <name of admin account> directory is present
if [ -d /Users/<name of admin account> ]; then
dscl . -create /Users/<name of admin account> UniqueID 401
chown -R <name of admin account> /Users/<name of admin account>
defaults write /Library/Preferences/com.apple.loginwindow Hide500Users -bool YES
mv /Users/<name of admin account>/ /var/<name of admin account>/
dscl . -create /Users/<name of admin account> NFSHomeDirectory /var/<name of admin account>
else
exit
fi
Have you followed any of Apple's steps?
http://support.apple.com/kb/HT5017?? - How to hide a user account in OS X
This is still valid as of today and should be the accepted answer.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.