Created
February 5, 2016 15:20
-
-
Save dderusha/4ba2b8d54f68e238d8dd to your computer and use it in GitHub Desktop.
Find Admin account and convert it to standard
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| ## Demote admin users to standard | |
| ## Get list of users for demotion | |
| #In the above, you need to replace the reverse grep (grep -ve) with your local admin #accounts between the quote marks. Place a pipe betwen each name if you have multiple #ones. if you only have one, no need for "-ve", just use grep -v "youradminname" | |
| /bin/echo "Building list of local user accounts for demotion" | |
| userList=$( /usr/bin/dscl . -list /Users UniqueID | /usr/bin/awk '$2 >= 501 { print $1; }' | /usr/bin/grep -v "adminuserhere" ) | |
| ## Remove admin privs from each user and add them into the _lpadmin group | |
| for i in $userList; do | |
| if [[ `/usr/sbin/dseditgroup -o checkmember -m $i admin | /usr/bin/awk '{ print $1 }'` = "yes" ]]; then | |
| /bin/echo "User $i is currently an admin. Converting into Standard User" | |
| /usr/sbin/dseditgroup -o edit -d $i -t user admin | |
| /bin/echo "Adding $i into _lpadmin group" | |
| /usr/sbin/dseditgroup -o edit -a $i -t user _lpadmin | |
| else | |
| echo "User $i is currently a Standard User. Leaving as is." | |
| fi | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment