Before i started working at my current job, they didn’t have a central person managing the systems and standardizing configuration, which meant it didn’t happen. The Tech personnel at each location would setup the computers however they wanted, which meant that no two computers were setup the same way. The problem with this was that trying to administer these systems now was difficult as no one was ever sure of what the administrator password or account name was. Luckily the building techs use Apple remote desktop regularly and even if they can’t tell you what the password for the computer is, they had added it to their computer list in ARD, which allows us to copy files and run commands on these computers. so i wrote the following script file for the them to copy out and run on their computers to create a TechStaff user, grant it admin privileges and rights to manage the computer over Apple Remote Desktop.
UserFound=$(dscl . -list /Users | Grep techstaff) UserFound2=$(dscl . -list /Users | Grep techstaff) if [ "$UserFound" = "" ] && [ "$UserFound2" = "" ]; then echo "Create techstaff..." #Create a new entry in the local (.) domain under the category /users. dscl . -create /Users/techstaff #Create and set the shell property to bash. dscl . -create /Users/techstaff UserShell /bin/bash #Create and set the user’s full name. dscl . -create /Users/techstaff RealName "Tech Staff" #Create and set the user’s ID. dscl . -create /Users/techstaff UniqueID 555 #Create and set the user’s group ID property. dscl . -create /Users/techstaff PrimaryGroupID 1000 #Create and set the user home directory. dscl . -create /Users/techstaff NFSHomeDirectory /Local/Users/techstaff #Set the password. dscl . -passwd /Users/techstaff MyPassword #give User Admin access dscl . -append /Groups/admin GroupMembership techstaff #Grant User Access through Remote Desktop /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/Resources/kickstart -activate -configure -access -on -users techstaff -privs -all else echo "Found techstaff..." fi
What i had them do was choose all of the computers in their all computers list and choose to copy that file to all of them, knowing that it would fail on the ones that weren’t on, etc. on the results screen for the copy, sort the result column so you have all of the successful computers at the top and choose those. Using the Unix function of Apple Remote Desktop, I had them send the following three lines to those computers as root:
chmod +x /tmp/SCT2.sh /tmp/SCT2.sh rm -f /tmp/SCT2.sh
These lines make the script executable (chmod +x /tmp/SCT2.sh), run the script (/tmp/SCT2.sh), and then delete the script (rm -f /tmp/SCT2.sh).
The resulting output from running these lines will be one of two things, either a line saying that it found a techstaff user already on the computer, or a line that it’s creating techstaff and then the results of commands to create the user and give it permissions.