I want to create a “developers” group on my OS-X system. I’m executing: sudo dscl . -create /groups/developers sudo dscl . -append /groups/developers passwd ‘blah’ My understanding from reading various sources is that I should assign an id to the group with sudo dscl . -append /groups/developers gid xxx where xxx is the desired id. My question is, what is an appropriate value for xxx? Is there a convention? Are there any BAD choices? Do [...]Continue Reading »
Because of a very faulty script my root’s PrimaryGroupID is 101 and UniqueID is 101. I have still an access to root, I can run sudo from my admin account, but the sudo and root do not have all the necessary rights obviously. I can read dscl output, for instance: dscl . -read /Users/root PrimaryGroupID PrimaryGroupID: 101dscl . -list /Users UniqueID root 101dscl . -list /Groups PrimaryGroupID wheel 0 But I cannot change anything with [...]Continue Reading »
I’m in an environment where user/group information is maintained in /etc/passwd and /etc/group files, which are NFS mounted. This is nice because we can just edit flat files to change user/group information. However, the OS X machines in our setup don’t like this very much, because Directory Services doesn’t pick up on when these files change. Therefore, I’m planning on setting up a cron job to run something like this once a day or so: [...]Continue Reading »
OK, so I just did something really stupid and deleted all the user accounts on an OSX 10.6.6 machine by running this: sudo dscl . -delete /users What I actually wanted to do was delete a single, troublesome account using a command like this: sudo dscl . -delete /users/localadmin …but I absent-mindedly pressed return too early and deleted the lot. I’ve tried using -list and can confirm that I have indeed wiped all the accounts. [...]Continue Reading »
Alright, so I’ve made a user and a group using dscl as follows: dscl . -create /Users/deadline dscl . -create /Groups/deadline dscl . -append /Groups/deadline GroupMembership deadline Now I’m trying to chown things like so: mkdir /tmp/stuff chown deadline:deadline /tmp/stuff But the problem is that it sets the user and group to nobody instead of this user ‘deadline’. What magic voodoo property do I need to add to the user and group to have it [...]Continue Reading »
- Is there a way for administrators to disable users from installing Firefox extensions?
- Is there research material on NTP accuracy available?
- How to create a limited “domain admin” that does not have access to domain controllers?
- Can Windows RDC admin users be immune from being kicked?
- Domain Administrators account policy (After PCI audit)