Add a user to the admin group via command line
A colleague asked how he could promote a user to an admin via the command line. Here’s how I do it:
niutil -appendprop . /groups/admin users gneagle
replacing gneagle with the user’s shortname. You can add both local and network users to the local admin group.
You should probably do a
niutil -readprop . /groups/admin users
to make sure the user isn’t already in the admin group.
Removing a user from the group:
niutil -destroyval . /groups/admin users gneagle
The tool we’re using is niutil, which presumably stands for NetInfo Utility. man niutil for more information.
Note: niutil is on its way out, and is scehduled to disappear in Leopard (OS X 10.5). So we’ll have to do something using dscl eventually.
September 15, 2006 at 9:31 am
Hey,
To do this with dscl would look something like the following:
sudo dscl -p / -append /Groups/admin users gneagle
The dscl command is nice because it will also work for editing LDAP/OD information. The man page is a bit messy, though, and I’ve found it necessary to modify some of the syntax listed there in order to get things working properly, so be warned. Still, I’ve kept notes on this, and have been using dscl for most directory operations for a while now. Happy to share my findings if you’re ever interested. Just drop me a line.
-systemsboy
September 15, 2006 at 12:09 pm
Thanks. I’ll post the dscl equivalents in a future post.
September 10, 2007 at 10:15 am
Great command for automating tasks.
November 14, 2007 at 2:50 pm
This has a good explanation of how dscl replaces niutil with very clear examples http://osxdaily.com/2007/10/29/how-to-add-a-user-from-the-os-x-command-line-works-with-leopard/
December 11, 2008 at 8:52 am
[...] Add a user to the admin group via command line [...]