4

What's the recommended way to add a user to Mac OS X Server that doesn't need all the hoopla associated with Workgroup Manager? There are many users pre-configured in Mac OS X Server (www, root, ldapadmin, etc.) that don't have "Full Name" or mail accounts, etc.

I'd like to create a 'svn' user to be the owner of our Subversion Repository as per this tutorial:

If you've decided to use either Apache or stock svnserve, create a single svn user on your system and run the server process as that user. Be sure to make the repository directory wholly owned by the svn user as well. From a security point of view, this keeps the repository data nicely siloed and protected by operating system filesystem permissions, changeable by only the Sub- version server process itself.

Wondering if there's a way outside of WorkgroupManager and OpenDirectory as this account will be entirely server based. Is this still sound advice under OS X Server? If so what's the easiest way to create the user (Mac OS X Server doesn't seem to respond to useradd).

Meltemi
  • 579
  • 2
  • 11
  • 24

3 Answers3

2

You can add accounts with the dscl command line utility. Depending on where you want to add users (just on that server, or on all machines via OpenDirectory), you can pass an argument to it.

For a standard OD, adding a user looks like: dscl -u USERNAME -P Password /LDAPv3/127.0.0.1 -create /Users/USERNAME UniqueID <put unique ID here>

For a local user, like this: dscl -u USERNAME -P Password / -create /Users/USERNAME UniqueID <put unique ID here>

You'll need a different dscl command for various user attributes. There is a guide for a standard-type user account here: http://osxdaily.com/2007/10/29/how-to-add-a-user-from-the-os-x-command-line-works-with-leopard/

And as always, man dscl!

snk
  • 392
  • 3
  • 4
  • 10
0

Create the use from the System Preferences, Accounts and make it a Standard user. And after you create the account, if you Control + click on the user you can choose the shell, shortname, home folder, etc. for that user.

This user will be a local user only (ie: not part of the OpenDirectory users)

tegbains
  • 1,986
  • 13
  • 28
0

You can also do this from within Workgroup Manager. There's a hidden pop-up menu just below the toolbar (where it says something like Authenticated as diradmin to directory: /LDAPv3/127.0.0.1); select Local from that pop-up, authenticate if necessary (there's a padlock at the right just under the toolbar), and you'll be editing the purely local accounts on the server (technically, the /Local/Default domain). You can create accounts as you please here, and just leave off irrelevant attributes (except the Full Name; that's required no matter how you create the account).

Gordon Davisson
  • 11,216
  • 4
  • 28
  • 33