Filter
Top Products
98 Chapter 8 Working with Users and Groups
Administering and Creating Accounts
A user account stores data that Mac OS X Server needs to validate the user’s identity
and provide services for the user. This section provides an overview of user accounts.
User accounts, as well as group accounts and computer lists, can be stored in any Open
Directory domain accessible from any Mac OS X computer. A directory domain can
reside on a Mac OS X computer (for example, the LDAP folder of an Open Directory
master, a NetInfo domain, or other read/write directory domain) or it can reside on a
non-Apple server (for example, a non-Apple LDAP or Active Directory server). This
section describes how to administer user accounts stored in various kinds of directory
domains.
Creating a Local Administrator User Account for a Server
Users with server or directory domain administration privileges are known as
administrators. An administrator can be a server administrator, domain administrator, or
both. Server administrator privileges determine whether a user can view info about or
change the settings of a particular server. Domain administrator privileges determine
the extent to which the user can view or change the account settings for users, groups,
and computer lists in the directory domain.
You can use the serversetup tool to create local administrator users for a server. The
serversetup tool is located in /System/Library/ServerSetup/ and it is not in the local
path, so you have to provide the path to it. You also have to run it as root.
To create nonadministrator users, see “Creating a Nonadministrator User Account” on
page 100. To create administrator users in a network directory domain, see “Creating a
Domain Administrator User Account” on page 99.
To create a local administrator user account:
$ sudo /System/Library/ServerSetup/serversetup -createUser
fullname
shortname
password
The name, short name, and password must be entered in the order shown. If the full
name includes spaces, enter it in quotes.
The command displays a 0 if successful, or a 1 if the full name or short name is already
in use.
To create an local administrator user with a specific UID:
$ sudo /System/Library/ServerSetup/serversetup -createUserWithID
fullname
shortname
password
uid
The name, short name, password, and UID must be entered in the order shown. If the
full name includes spaces, enter it in quotes.
The command displays a 0 if successful, or a 1 if the full name, short name, or UID is
already in use or if the UID you specified is less than 100.