Filter
Top Products
Chapter 8 Working with Users and Groups 111
Creating a Group Account
You can create a new group account by using dscl and other tools. When you create a
group account via the command line, you must also set values for basic attributes of a
group account, such as short name and group ID.
To add a group account:
1 Identify an unused group ID by entering the following command to display a list of
assigned group IDs.
$ dscl /LDAPv3/
ipaddress
-list /Groups PrimaryGroupID | awk '{print $2}' |
sort -n
Replace
ipaddress
with the location of your directory domain (the way it is displayed
in the search path in Directory Access). If you connect to a NetInfo domain, use:
$ dscl /NetInfo/root -list /Groups gid | awk ‘{print $2}’ | sort -n.
After you enter the command, the dscl tool displays a list of assigned IDs similar to the
following output:
-2
0
1
99
25
26
27
70
71
76
77
78
79
501
Important: Pick an ID that isn’t on either list, and that is greater than 501.
2 Start the dscl tool in interactive mode, specifying the computer you are using as the
source of directory service data:
$ dscl localhost
>
3 Change the current folder to /LDAPv3/ipaddress/Groups by entering the path at the
prompt:
> cd /LDAPv3/
ipaddress
/Groups
Replace
ipaddress
with the IP address of your directory server. If using a NetInfo
directory domain, enter cd /NetInfo/root/Groups at the prompt.