Create a New User on macOS from the Terminal Command Line

scottalanmiller

Managing Users in macOS can be a bit challenging, but it can be done if we understand the steps involved. Unlike traditional UNIX systems, Mac OSX and macOS do not keep all users in the /etc/passwd system. Only system accounts are kept there.

In macOS we use dscl or the Directory Service Command Line utility to manipulate user accounts. In this example, we will walk through creating a completely new user, setting their details, adding them to the "admin" group (giving them the ability to use sudo to manage the system), and setting their password.

First the full example, then we will break it down:

sudo dscl . -create /Users/sally
sudo dscl . -create /Users/sally UserShell /bin/bash
sudo dscl . -create /Users/sally RealName "Sally Brown"
sudo dscl . -create /Users/sally UniqueID 503
sudo dscl . -create /Users/sally PrimaryGroupID 503
sudo dscl . -create /Users/sally NFSHomeDirectory /Local/Users/sally
sudo dscl . -passwd /Users/sally mySecretPassword
sudo dscl . -append /Groups/admin GroupMembership sally

That's decently self explanatory. But we will go line by line and explain what is happening.

First, we create the user "container" for the account:

sudo dscl . -create /Users/sally

Next, we set the user's shell. We use bash in this example. The macOS default is /bin/tcsh and the most recommended shell is /bin/zsh.

sudo dscl . -create /Users/sally UserShell /bin/bash

Next, we set the actual name of the account user.

sudo dscl . -create /Users/sally RealName "Sally Brown"

Then we set the unique user ID (uid) for the user. As is typical with UNIX systems, we generally start with 500 for the first user and increment. macOS starts with 501. You will often look up the existing users to see what is available before doing this.

sudo dscl . -create /Users/sally UniqueID 503

Then we set the primary group ID (gid). It is customary for a normal user to have their own group that matches the ID of their user ID. But this is only a recent tradition and this is actually a very customizable field.

sudo dscl . -create /Users/sally PrimaryGroupID 503

Next we set a home directory for the user. The name of this field can be confusing as it clearly mentions NFS but we do not use NFS here. This is a vestige of this tool having come from an LDAP background.

sudo dscl . -create /Users/sally NFSHomeDirectory /Local/Users/sally

Then we have our final required step to set up a working user, setting their password:

sudo dscl . -passwd /Users/sally mySecretPassword

Our final step that we will show here is optional and only used for accounts that need membership in another group. The most common one would be the admin group which allows access to sudo so that administrative actions can be taken.

sudo dscl . -append /Groups/admin GroupMembership sally

scottalanmiller

It is likely obvious, but as I know that some people are searching for this information, creating administrative users in this way can be done very easily from remote command lines such as ScreenConnect, ConnectWise, MeshCentral, and so forth.

justAl

@scottalanmiller Hi Scott, thanks for the post, unfortunately this works not on Mac OS X Mojave. I'm able to create a user but not able to login with this user account. It stucks after the login prozess. Is there any workaround?
Thanks!

scottalanmiller

@justal said in Create a New User on macOS from the Terminal Command Line:

@scottalanmiller Hi Scott, thanks for the post, unfortunately this works not on Mac OS X Mojave. I'm able to create a user but not able to login with this user account. It stucks after the login prozess. Is there any workaround?
Thanks!

I switched offices for a couple days to one where I'm on Ubuntu rather than my Mac. I'll look into it once I'm back to my Mac.