Now that we’ve covered using dscl to create a group, let’s look at using dseditgroup to do the same thing. In the previous example we created a group called Local Admins or ladmins for short. First let’s read that group’s information. To do so, run dseditgroup followed by the operation, which can be read, create, delete, edit or checkmember as the operations (verbs). The -o is optional, so : dseditgroup -o read ladmins Or the following has the same output: dseditgroup read ladmins In the case of a namespace collision between two ladmins in two directory services then the one listed highest in the Search Policy would be displayed. The…
-
-
Create Groups Using dscl
The directory services command line (dscl) command can be used to create a group. Here we’re going to use dscl to create a group called Local Admins (or ldadmins for short). First up, create the group: dscl . create /Groups/ladmins Now give our ladmins group the full name by creating the name key: dscl . create /Groups/ladmins RealName “Local Admins” Now to give the group a password: dscl . create /Groups/ladmins passwd “*” Now let’s give the group a Group ID: dscl . create /Groups/ladmins gid 400 That wasn’t so hard, but our group doesn’t have any users. dscl . create /Groups/ladmins GroupMembership localadmin Why create a group with just…