Admin Users

WWWグループにユーザー(自分)を追加する


#!/bin/bash -e
#com.cocolog-nifty.quicktimer.icefloe
#################################################
###管理者インストールしているか?チェック
USER_WHOAMI=$(/usr/bin/whoami)
/bin/echo "実行ユーザー(whoami): $USER_WHOAMI"
if [ "$USER_WHOAMI" != "root" ]; then
/bin/echo "このスクリプトを実行するには管理者権限が必要です。"
/bin/echo "sudo で実行してください"
  ### path to me
SCRIPT_PATH="${BASH_SOURCE[0]}"
/bin/echo "/usr/bin/sudo \"$SCRIPT_PATH\""
/bin/echo "↑を実行してください"
  ###実行しているユーザー名
CONSOLE_USER=$(/bin/echo "show State:/Users/ConsoleUser" | /usr/sbin/scutil | /usr/bin/awk '/Name :/ { print $3 }')
/bin/echo "コンソールユーザー(scutil): $CONSOLE_USER"
exit 1
else
  ###実行しているユーザー名
CONSOLE_USER=$(/bin/echo "show State:/Users/ConsoleUser" | /usr/sbin/scutil | /usr/bin/awk '/Name :/ { print $3 }')
/bin/echo "コンソールユーザー(scutil): $CONSOLE_USER"
  ###実行しているユーザー名
HOME_USER=$(/bin/echo "$HOME" | /usr/bin/awk -F'/' '{print $NF}')
/bin/echo "実行ユーザー(HOME): $HOME_USER"
  ###logname
LOGIN_NAME=$(/usr/bin/logname)
/bin/echo "ログイン名(logname): $LOGIN_NAME"
  ###UID
USER_NAME=$(/usr/bin/id -un)
/bin/echo "ユーザー名(id): $USER_NAME"
  ###STAT
STAT_USR=$(/usr/bin/stat -f%Su /dev/console)
/bin/echo "STAT_USR(console): $STAT_USR"
fi

#######
#ローカルアカウントを調べる
STR_LOCALUSER=$(/usr/bin/dscl . list /Users | grep -v '^_' | grep -v 'admin' | grep -v 'daemon' | grep -v 'nobody' | grep -v 'root')
/bin/echo "ローカルユーザーリスト:" "$STR_LOCALUSER"
####WWWグループにユーザーを追加
STR_GROUPS_USER=$(/usr/bin/dscl . read /Groups/_www GroupMembership)
if [[ $STR_GROUPS_USER == *"$CONSOLE_USER"* ]]; then
echo "GroupMembershipに $CONSOLE_USER はすでに含まれています"
else
echo "GroupMembershipに $CONSOLE_USER は含まれていません"
/usr/bin/sudo /usr/bin/dscl . append /Groups/_www GroupMembership "$CONSOLE_USER"
STR_USER_UUID=$(/usr/bin/dscl . -read "$HOME" GeneratedUID | awk 'NF > 1 {print $NF}')
/usr/bin/sudo /usr/bin/dscl . append /Groups/_www GroupMembers "$STR_USER_UUID"
/usr/bin/dscl . read /Groups/_www GroupMembership
/usr/bin/dscl . read /Groups/_www GroupMembers
fi


exit 0


|

[plist]ユーザーの言語設定を取得する

Bash

#!/bin/bash
#com.cocolog-nifty.quicktimer.icefloe
#

STR_USR_LANG=$(/usr/bin/plutil -extract AppleLanguages.0 raw -expect string $HOME/Library/Preferences/.GlobalPreferences.plist ) 
/bin/echo "plutil:ユーザー設定の第1言語は $STR_USR_LANG です"

STR_USR_LANG=$(/usr/bin/defaults read $HOME/Library/Preferences/.GlobalPreferences AppleLanguages| tr -d "[:space:][(][)]\""|cut -d , -f 1 )
/bin/echo "defaults:ユーザー設定の第1言語は $STR_USR_LANG です"

STR_USR_LANG=$(/usr/libexec/PlistBuddy -c "Print:AppleLanguages:0" "$HOME/Library/Preferences/.GlobalPreferences.plist")
/bin/echo "PlistBuddy:ユーザー設定の第1言語は $STR_USR_LANG です"

exit 0


AppleScript

【スクリプトエディタで開く】|

#!/usr/bin/env osascript
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
#
#com.cocolog-nifty.quicktimer.icefloe
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
##自分環境がos12なので2.8にしているだけです
use AppleScript version "2.8"
use framework "Foundation"
use scripting additions

property refMe : a reference to current application
set appFileManager to refMe's NSFileManager's defaultManager()


##########################################
###【1】ドキュメントのパスをNSString
set ocidURLsArray to (appFileManager's URLsForDirectory:(refMe's NSLibraryDirectory) inDomains:(refMe's NSUserDomainMask))
set ocidLibraryDirPathURL to ocidURLsArray's firstObject()
set ocidPlistFilePathURL to ocidLibraryDirPathURL's URLByAppendingPathComponent:("Preferences/.GlobalPreferences.plist")
##########################################
### 【2】PLISTを可変レコードとして読み込み
set ocidPlistDict to refMe's NSMutableDictionary's alloc()'s initWithContentsOfURL:(ocidPlistFilePathURL)

##########################################
### 【3】値を取得
set ocidAppleLanguagesArray to (ocidPlistDict's objectForKey:("AppleLanguages"))
log (ocidAppleLanguagesArray's objectAtIndex:(0)) as text
-->(*ja-JP*)


|

新規ユーザー追加(macOS14.3で修正された)


#!/bin/bash
#com.cocolog-nifty.quicktimer.icefloe
#設定するユーザーID
#学籍や社員番号があれば関連づけるのも有効だけど
#セキュリティ上はユーザーと紐づかない番号が推奨
STR_SET_UID="555"
#ユーザー名ショート
STR_USER_NAME="quick_timer"
#ユーザー名フル
STR_USER_FULLNAME="QuickTimer"
#グループID
STR_GID="20"
#シェル
STR_SHELL_PATH="/bin/zsh"
#パスワード
STR_PASSWORD="1234"
#パスワードヒント
STR_HINT="初期パスワードは書類に記載されています"
#ホームパス
STR_HOME_PATH="/Users/$STR_USER_NAME"
#アイコンパス
STR_PICTURE_PATH="/Library/User Pictures/Sports/Target.heic"

#################################################
###管理者インストールしているか?チェック
#################################################
USER_WHOAMI=$(/usr/bin/whoami)
/bin/echo "実行ユーザー(whoami): $USER_WHOAMI"
if [ "$USER_WHOAMI" != "root" ]; then
/bin/echo "このスクリプトを実行するには管理者権限が必要です。"
/bin/echo "sudo で実行してください"
  ### path to me
SCRIPT_PATH="${BASH_SOURCE[0]}"
/bin/echo "/usr/bin/sudo \"$SCRIPT_PATH\""
/bin/echo "↑を実行してください"
exit 1
else
  ###実行しているユーザー名
CONSOLE_USER=$(/bin/echo "show State:/Users/ConsoleUser" | /usr/sbin/scutil | /usr/bin/awk '/Name :/ { print $3 }')
/bin/echo "コンソールユーザー(scutil): $CONSOLE_USER"
  ###実行しているユーザー名
HOME_USER=$(/bin/echo "$HOME" | /usr/bin/awk -F'/' '{print $NF}')
/bin/echo "実行ユーザー(HOME): $HOME_USER"
  ###logname
LOGIN_NAME=$(/usr/bin/logname)
/bin/echo "ログイン名(logname): $LOGIN_NAME"
  ###UID
USER_NAME=$(/usr/bin/id -un)
/bin/echo "ユーザー名(id): $USER_NAME"
  ###STAT
STAT_USR=$(/usr/bin/stat -f%Su /dev/console)
/bin/echo "STAT_USR(console): $STAT_USR"
fi
########################################
/bin/echo "ユーザーIDの重複チェック"
########################################
TEXT_RESULT=$(/usr/bin/dscl localhost -list /Local/Default/Users UniqueID)
#リストにして
DEFAULT_IFS=$IFS
IFS=$'\n'
read -d '\n' -r -a LIST_USER <<<"$TEXT_RESULT"
IFS=$DEFAULT_IFS
#総当たりで調べます
for ITEM_LIST in "${LIST_USER[@]}"; do
  #ユーザーが存在するか?
  if [[ $ITEM_LIST == *"$STR_SET_UID"* ]]; then
TEXT_USER_INFO=$ITEM_LIST
  fi
done
#ユーザーが発見された場合
if [ -z "$TEXT_USER_INFO" ]; then
/bin/echo "未設定ですので処理を開始します"
else
/bin/echo "ユーザー:" "$TEXT_USER_INFO"
/bin/echo "$STR_SET_UID""ユーザーがいるので処理を終了します"
exit 1
fi
########################################
/bin/echo "ユーザーアカウント作成"
########################################
/usr/bin/sudo /usr/sbin/sysadminctl -addUser "$STR_USER_NAME" -fullName "$STR_USER_FULLNAME" -UID "$STR_SET_UID" -GID "$STR_GID" -shell "$STR_SHELL_PATH" -home "$STR_HOME_PATH" -picture "$STR_PICTURE_PATH" -password "$STR_PASSWORD" -hint "$STR_HINT" -admin
########################################
/bin/echo "パスワードリセット"
########################################
##ルートで処理する場合(非推奨)
## /usr/bin/printf "ルートパスワード" | /usr/bin/sudo /usr/bin/pwpolicy -a root -u "$STR_USER_NAME" -setpolicy "newPasswordRequired=1"
##初回ログイン時にパスワード設定
##macOS14.3で修正された
/usr/bin/sudo /usr/bin/pwpolicy -u "$STR_USER_NAME" -setpolicy "newPasswordRequired=1"

########################################
/bin/echo "ユーザーフォルダ作成"
########################################
/bin/mkdir -p "$STR_HOME_PATH"
# 規定は700 アパッチ運用ある場合は755
/bin/chmod 755 "$STR_HOME_PATH"
/bin/chmod +a "group:everyone deny delete" "$STR_HOME_PATH"
#ユーザーテンプレートをコピー
/usr/bin/ditto "/Library/User Template/Japanese.lproj/.CFUserTextEncoding" "$STR_HOME_PATH/.CFUserTextEncoding"
########################################
/bin/echo "サブフォルダ作成"
########################################
LIST_SUB_DIR_NAME=("Library" "Desktop" "Documents" "Downloads" "Movies" "Music" "Pictures" "Public" "Groups" "Developer" "Sites" "Applications" "bin")
for ITEM_DIR_NAME in "${LIST_SUB_DIR_NAME[@]}"; do
STR_CHK_PATH="$STR_HOME_PATH/${ITEM_DIR_NAME}"
/bin/mkdir -p "$STR_CHK_PATH"
/bin/chmod 700 "$STR_CHK_PATH"
/bin/chmod +a "group:everyone deny delete" "$STR_CHK_PATH"
  #localized生成
/usr/bin/touch "$STR_CHK_PATH/.localized"
done
########################################
/bin/echo "Library サブフォルダ作成 "
########################################
LIST_SUB_DIR_NAME=("Compositions" "PreferencePanes" "Application Support" "Favorites" "Preferences" "Assistants" "FontCollections" "Printers" "Fonts" "Screen Savers" "Autosave Information" "Input Methods" "Services" "Caches" "Internet Plug-Ins" "Sounds" "ColorPickers" "Keyboard Layouts" "Spelling" "Colors" "Logs" "Group Containers" "Managed Items" "Managed Items/My Applications" "Managed Items/My Network" "Managed Items/Documents" "Audio" "Audio/MIDI Drivers" "Audio/Plug-Ins/Components" "Audio/Plug-Ins/Digidesign" "Audio/Plug-Ins/VST" "Audio/Sounds/Alerts" "Audio/Sounds/Banks")
for ITEM_DIR_NAME in "${LIST_SUB_DIR_NAME[@]}"; do
STR_CHK_PATH="$STR_HOME_PATH/Library/${ITEM_DIR_NAME}"
/bin/mkdir -p "$STR_CHK_PATH"
/bin/chmod 700 "$STR_CHK_PATH"
/bin/chmod +a "group:everyone deny delete" "$STR_CHK_PATH"
done
##可視にする場合
/usr/bin/chflags nohidden "/Users/$CONSOLE_USER/Library"
/usr/bin/SetFile -a v "/Users/$CONSOLE_USER/Library"
#不可視にする場合
# /usr/bin/chflags hidden "/Users/$CONSOLE_USER/Library"
# /usr/bin/SetFile -a V "/Users/$CONSOLE_USER/Library"
# binは不可視にする
/usr/bin/chflags hidden "/Users/$CONSOLE_USER/bin"
/usr/bin/SetFile -a V "/Users/$CONSOLE_USER/bin"
#ユーザーテンプレートをコピー
/usr/bin/ditto "/Library/User Template/Japanese.lproj/Library/FontCollections" "$STR_HOME_PATH/Library/FontCollections"
/usr/bin/ditto "/Library/User Template/Japanese.lproj/Library/Preferences" "$STR_HOME_PATH/Library/Preferences"

########################################
/bin/echo "Public サブフォルダ作成 "
########################################
/bin/chmod 755 "$STR_HOME_PATH/Public"
/bin/mkdir -p "$STR_HOME_PATH/Public/Drop Box"
/bin/chmod 733 "$STR_HOME_PATH/Public/Drop Box"
/bin/chmod +a "group:everyone deny delete" "$STR_HOME_PATH/Public/Drop Box"
/bin/chmod +a "user:$STR_USER_NAME allow list,add_file,search,delete,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,writesecurity,chown,file_inherit,directory_inherit" "$STR_HOME_PATH/Public/Drop Box"
/usr/bin/touch "$STR_HOME_PATH/Public/Drop Box/.localized"

########################################
/bin/echo "アクセス権 オーナー指定"
########################################
/usr/sbin/chown -Rf "$STR_USER_NAME" "$STR_HOME_PATH"
/usr/bin/chgrp -Rf staff "$STR_HOME_PATH"
##
########################################
/bin/echo "Sites サブフォルダ作成 "
#Sites以下は削除可能でOK
########################################
# 規定は700 アパッチ運用ある場合は755
/bin/chmod 755 "$STR_HOME_PATH/Sites"
LIST_SUB_DIR_NAME=("images" "css" "js" "Streaming")
for ITEM_DIR_NAME in "${LIST_SUB_DIR_NAME[@]}"; do
STR_CHK_PATH="$STR_HOME_PATH/Sites/${ITEM_DIR_NAME}"
/bin/mkdir -p "$STR_CHK_PATH"
/bin/chmod 755 "$STR_CHK_PATH"
/usr/bin/chgrp -Rf _www "$STR_CHK_PATH"
done
/bin/chmod +a "group:_qtss allow read,write,execute" "$STR_HOME_PATH/Sites/Streaming"

  
exit 0




|

[bash]ユーザーの取得(statを追加)


#!/bin/bash
#com.cocolog-nifty.quicktimer.icefloe
#
#################################################
###管理者インストールしているか?チェック
USER_WHOAMI=$(/usr/bin/whoami)
/bin/echo "実行ユーザー(whoami): $USER_WHOAMI"
if [ "$USER_WHOAMI" != "root" ]; then
  /bin/echo "このスクリプトを実行するには管理者権限が必要です。"
  /bin/echo "sudo で実行してください"
  ### path to me
  SCRIPT_PATH="${BASH_SOURCE[0]}"
  /bin/echo "/usr/bin/sudo \"$SCRIPT_PATH\""
  /bin/echo "↑を実行してください"
  ###実行しているユーザー名
  CONSOLE_USER=$(/bin/echo "show State:/Users/ConsoleUser" | /usr/sbin/scutil | /usr/bin/awk '/Name :/ { print $3 }')
  /bin/echo "コンソールユーザー(scutil): $CONSOLE_USER"
  exit 1
else
  ###実行しているユーザー名
  CONSOLE_USER=$(/bin/echo "show State:/Users/ConsoleUser" | /usr/sbin/scutil | /usr/bin/awk '/Name :/ { print $3 }')
  /bin/echo "コンソールユーザー(scutil): $CONSOLE_USER"
  ###実行しているユーザー名
  HOME_USER=$(/bin/echo "$HOME" | /usr/bin/awk -F'/' '{print $NF}')
  /bin/echo "実行ユーザー(HOME): $HOME_USER"
  ###logname
  LOGIN_NAME=$(/usr/bin/logname)
  /bin/echo "ログイン名(logname): $LOGIN_NAME"
  ###UID
  USER_NAME=$(/usr/bin/id -un)
  /bin/echo "ユーザー名(id): $USER_NAME"
  ###STAT
  STAT_USR=$(/usr/bin/stat -f%Su /dev/console)
  /bin/echo "STAT_USR(console): $STAT_USR"
fi


|

[BASH]ユーザーの最終ログアウト日時


【スクリプトエディタで開く】|

#!/bin/bash
#com.cocolog-nifty.quicktimer.icefloe
#ユーザードメインにインストール
#!/bin/bash
#com.cocolog-nifty.quicktimer.icefloe
# 要管理者権限
########################################
###管理者インストールしているか?チェック
USER_WHOAMI=$(/usr/bin/whoami)
/bin/echo "実行したユーザーは:$USER_WHOAMI"
if [ "$USER_WHOAMI" != "root" ]; then
  /bin/echo "このスクリプトを実行するには管理者権限が必要です。"
  /bin/echo "sudo で実行してください"
  ### path to me
  SCRIPT_PATH="${BASH_SOURCE[0]}"
  /bin/echo "/usr/bin/sudo \"$SCRIPT_PATH\""
  /bin/echo "↑を実行してください"
  exit 1
else
  ###実行しているユーザー名
  CURRENT_USER=$(/bin/echo "$HOME" | /usr/bin/awk -F'/' '{print $NF}')
  /bin/echo "実行ユーザー:" "$CURRENT_USER"
fi
###コンソールユーザー CONSOLE_USERはFinderでログインしていないと出ない
CONSOLE_USER=$(/bin/echo "show State:/Users/ConsoleUser" | /usr/sbin/scutil | /usr/bin/awk '/Name :/ { print $3 }')
if [ -z "$CONSOLE_USER" ]; then
  /bin/echo "コンソールユーザーが無い=電源入れてログインウィンドウ状態"
else
  /bin/echo "コンソールユーザー:" "$CONSOLE_USER"
fi
########################################
###ローカルのユーザーアカウントを取得
TEXT_RESULT=$(/usr/bin/dscl localhost -list /Local/Default/Users PrimaryGroupID | /usr/bin/awk '$2 == 20 { print $1 }')
###リストにする
read -d '\\n' -r -a LIST_USER <<<"$TEXT_RESULT"
###リスト内の項目数
NUM_CNT=${#LIST_USER[@]}
/bin/echo "ユーザー数:" "$NUM_CNT"

########################################
##デバイスUUIDを取得
STR_DEVICE_UUID=$(/usr/sbin/ioreg -c IOPlatformExpertDevice | grep IOPlatformUUID | awk -F'"' '{print $4}')
  /bin/echo "デバイスUUID: " "$STR_DEVICE_UUID"
  
###各ユーザーの最終ログイン日
for ITEM_LIST in "${LIST_USER[@]}"; do
  STR_LAST_LOGIN=$(/usr/bin/last "${ITEM_LIST}" | /usr/bin/grep console | /usr/bin/head -n 1  | awk -F'console' '{print $2}')
  /bin/echo "${ITEM_LIST} の最終ログイン日: "
  /bin/echo  "$STR_LAST_LOGIN"
done

###各ユーザーの最終ログアウト日
for ITEM_LIST in "${LIST_USER[@]}"; do
  STR_CHECK_File_PATH="/Users/${ITEM_LIST}/Library/Preferences/ByHost/com.apple.loginwindow.$STR_DEVICE_UUID.plist"
  STR_LAST_LOGOUT=$(/usr/bin/sudo -u "${ITEM_LIST}" /usr/bin/stat -f "%Sm" -t "%Y-%m-%d %H:%M:%S" "$STR_CHECK_File_PATH")
  /bin/echo "$ITEM_LIST の最終ログアウト日: " "$STR_LAST_LOGOUT"
done

|

[UID]UIDを取得する方法6種


【スクリプトエディタで開く】|

#!/usr/bin/env osascript
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
#
# com.cocolog-nifty.quicktimer.icefloe
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
use AppleScript version "2.8"
use framework "Foundation"
use scripting additions


##
set recordSystemInfo to (system info) as record
set stUID to (user ID of recordSystemInfo) as text
##
set strCommandText to ("/usr/bin/stat -f \"%u\" /dev/console") as text
set stUID to (do shell script strCommandText) as text
##
set strCommandText to ("/usr/bin/id -u") as text
set stUID to (do shell script strCommandText) as text
##
set strCommandText to ("/bin/echo $UID") as text
set stUID to (do shell script strCommandText) as text
##
set strCommandText to ("/usr/bin/dsmemberutil getid -U $USER | /usr/bin/awk '/:/ { print $2 }'") as text
set stUID to (do shell script strCommandText) as text
##
set strCommandText to ("/usr/bin/dscl localhost -list /Local/Default/Users UniqueID | grep $USER | /usr/bin/awk '/ / { print $2 }'") as text
set stUID to (do shell script strCommandText) as text


|

[NSUserName]現在のユーザー名(ショートユーザー名)


【スクリプトエディタで開く】|

#!/usr/bin/env osascript
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
#com.cocolog-nifty.quicktimer.icefloe
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
use AppleScript version "2.8"
use scripting additions

set recordSystemInfo to (system info) as record
set strCurrentUserName to (short user name of recordSystemInfo) as text



【スクリプトエディタで開く】|

#!/usr/bin/env osascript
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
#com.cocolog-nifty.quicktimer.icefloe
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
use AppleScript version "2.8"
use framework "Foundation"
use scripting additions

property refMe : a reference to current application

##プロセスインフォ
set ocidProcessInfo to refMe's NSProcessInfo's processInfo()
##ユーザー情報
set ocidEnvDict to ocidProcessInfo's environment()
set strTMPDIR to (ocidEnvDict's valueForKey:"TMPDIR") as text
set strHOME to (ocidEnvDict's valueForKey:"HOME") as text
set strUSER to (ocidEnvDict's valueForKey:"USER") as text
set strLOGNAME to (ocidEnvDict's valueForKey:"LOGNAME") as text



【スクリプトエディタで開く】|

#!/usr/bin/env osascript
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
#com.cocolog-nifty.quicktimer.icefloe
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
use AppleScript version "2.8"
use framework "Foundation"
use scripting additions

property refMe : a reference to current application
set appFileManager to refMe's NSFileManager's defaultManager()

set ocidUserName to refMe's NSUserName()
set strUserName to ocidUserName as text


【スクリプトエディタで開く】|

#!/usr/bin/env osascript
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
#com.cocolog-nifty.quicktimer.icefloe
----+----1----+----2----+-----3----+----4----+----5----+----6----+----7
use AppleScript version "2.8"
use framework "Foundation"
use scripting additions


tell application "System Events"
  set refUser to (current user)
  set strShortUserName to (full name of refUser) as text
  set strShortUserName to (home directory of refUser) as text
  set strShortUserName to (name of refUser) as text
end tell


【スクリプトエディタで開く】|

#!/bin/bash
###
STR_WHOAMI=$(/usr/bin/whoami)
/bin/echo "実行したユーザーは:" "$STR_WHOAMI"

STR_UID_NAME=$(/usr/bin/id -un)
/bin/echo "実行したユーザーは:" "$STR_UID_NAME"

STR_LOGIN_NAME=$(/usr/bin/logname)
/bin/echo "ログインユーザーは:" "$STR_LOGIN_NAME"

STR_LOGIN_ENV_NAME=$(/bin/echo "$USER")
/bin/echo "ログインユーザーは:" "$STR_LOGIN_ENV_NAME"

STR_LOGIN_ENV_NAME=$(/bin/echo "$HOME" | /usr/bin/awk -F'/' '{print $NF}')
/bin/echo "実行ユーザー:" "$STR_LOGIN_ENV_NAME"

CONSOLE_USER=$(/usr/sbin/scutil <<< "show State:/Users/ConsoleUser" | /usr/bin/awk '/Name :/ { print $3}')
/bin/echo "ログインしているユーザー:" "$CONSOLE_USER"

CONSOLE_USER=$(/bin/echo "show State:/Users/ConsoleUser" | /usr/sbin/scutil | /usr/bin/awk '/Name :/ { print $3 }')
/bin/echo "ログインしているユーザー:" "$CONSOLE_USER"

STR_UID=$(/usr/bin/id -u)
UID_TO_USERNAME=$(/usr/bin/dscl localhost -list /Local/Default/Users UniqueID | grep "$STR_UID" | /usr/bin/awk '/ / { print $1 }')
/bin/echo "実行しているユーザー:" "$UID_TO_USERNAME"

|

[mobileconfig]ゲストアカウント停止

<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">

<plist version="1.0">

  <dict>

    <key>PayloadContent</key>

    <array>

      <dict>

            <!--この設定は期待動作しません -->

        <key>AllowGuestAccess</key>

        <false />

        <key>PayloadDisplayName</key>

        <string>com.apple.smb.server</string>

        <key>PayloadIdentifier</key>

        <string>com.apple.smb.server.50D3674E-3DDA-4C03-B3BB-CDE4C0793859</string>

        <key>PayloadType</key>

        <string>com.apple.smb.server</string>

        <key>PayloadUUID</key>

        <string>50D3674E-3DDA-4C03-B3BB-CDE4C0793859</string>

        <key>PayloadVersion</key>

        <integer>1</integer>

      </dict>

      <dict>

        <key>DenyList</key>

        <array>

        <!--ここはDirectory Utilityを見てGuestグループのUUIDを入力 -->

          <string>ABCDEFAB-CDEF-ABCD-EFAB-CDEF000000C9</string>

          <string>ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000063</string>

        </array>

          <!--そもそもGuestアカウント停止にするから意味ないけど -->

        <key>HiddenUsersList</key>

        <array>

          <string>Guest</string>

        </array>

        <key>PayloadDisplayName</key>

        <string>Loginwindow</string>

        <key>PayloadIdentifier</key>

        <string>com.apple.loginwindow.AF9C2A51-B3A2-4DB2-A6A8-ABA6A47606BE</string>

        <key>PayloadType</key>

        <string>com.apple.loginwindow</string>

        <key>PayloadUUID</key>

        <string>AF9C2A51-B3A2-4DB2-A6A8-ABA6A47606BE</string>

        <key>PayloadVersion</key>

        <integer>1</integer>

      </dict>

      <dict>

        <key>DisableGuestAccount</key>

        <true />

        <key>PayloadDisplayName</key>

        <string>DisableGuestAccount</string>

        <key>PayloadIdentifier</key>

        <string>com.apple.MCX.5702DDA1-D156-4857-8E09-6BCC3DCA8BE5</string>

        <key>PayloadType</key>

        <string>com.apple.MCX</string>

        <key>PayloadUUID</key>

        <string>5702DDA1-D156-4857-8E09-6BCC3DCA8BE5</string>

        <key>PayloadVersion</key>

        <integer>1</integer>

      </dict>

      <dict>

        <key>EnableGuestAccount</key>

        <false />

        <key>PayloadDisplayName</key>

        <string>DisableGuestAccount</string>

        <key>PayloadIdentifier</key>

        <string>com.apple.MCX.DBFEC076-FE40-4C19-AE77-893946D1F6D7</string>

        <key>PayloadType</key>

        <string>com.apple.MCX</string>

        <key>PayloadUUID</key>

        <string>DBFEC076-FE40-4C19-AE77-893946D1F6D7</string>

        <key>PayloadVersion</key>

        <integer>1</integer>

      </dict>

    </array>

    <key>ConsentText</key>

    <dict>

      <key>default</key>

      <string>ゲストアカウント停止</string>

    </dict>

    <key>PayloadDisplayName</key>

    <string>DisableGuestAccount</string>

    <key>PayloadDescription</key>

    <string>ゲストアカウント停止</string>

    <key>PayloadIdentifier</key>

    <string>EDDA6AFC-E2C7-463E-B034-9D91B48BF73D</string>

    <key>PayloadType</key>

    <string>Configuration</string>

    <key>PayloadUUID</key>

    <string>EDDA6AFC-E2C7-463E-B034-9D91B48BF73D</string>

    <key>PayloadOrganization</key>

    <string>com.cocolog-nifty.quicktimer</string>

    <key>PayloadScope</key>

    <string>System</string>

    <key>TargetDeviceType</key>

    <integer>5</integer>

    <key>PayloadVersion</key>

    <integer>1</integer>

  </dict>

</plist>

|

[dsmemberutil ]ディレクトリの出力ツール


/usr/bin/dsmemberutil flushcache


/usr/bin/dsmemberutil getuuid -G _guest

/usr/bin/dsmemberutil getid -G _unknown

/usr/bin/dsmemberutil getsid -U nobody



dsmemberutil(1)                   General Commands Manual                  dsmemberutil(1)


NAME

     dsmemberutil various operations for the membership APIs, including state dump,

     check memberships, UUIDs, etc.


SYNOPSIS

     dsmemberutil [-v] [-h] command [options]


DESCRIPTION

     dsmemberutil is a program that implements the membership API calls in a command line

     utility.


FLAGS

     A list of flags and their descriptions:


     -h      Lists the options for calling dsmemberutil


     -v      Causes dsmemberutil to operate in verbose mode.


COMMANDS

     The action of each command is described below:


     getuuid -ugUGsS value

                 Takes any of the options and returns the associated UUID.


     getid -UGsSX value

                 Takes any of the options and returns the associated UID or GID depending

                 on option provided.


     getsid -ugUGX value

                 Takes any of the options and returns the associated SID.


     checkmembership -uUxs param -gGXS param

                 Returns if a user or group with the associated option is a member of the

                 group.


     flushcache  Flushes the current membership cache.


     Legacy commands such as dumpstate and statistics are gone. See odutil(1) for show

     cache and statistics operations.


     A list of options available. In some cases -xX and -sS can be used synonymously due

     to nature of the value.


     -u uid           Using user with UID


     -U name          Using user with name


     -s sid           Using user with SID


     -x uuid          Using user with UUID


     -g gid           Using group with GID


     -G name          Using group with name


     -S sid           Using group with SID


     -X uuid          Using group with UUID


EXAMPLES

     Get a user's uuid:

                    % dsmemberutil getuuid -u 501

                    EEA4F2F6-B268-49E7-9C6F-E3C4A37DA4FD


     Get a group's uuid

                    % dsmemberutil getuuid -g 0

                    ABCDEFAB-CDEF-ABCD-EFAB-CDEF00000000


     Get a user's or group's id from a uuid

                    % dsmemberutil getid -X ABCDEFAB-CDEF-ABCD-EFAB-CDEF0000000C

                    gid: 12


     Check a user's membership in a group (using UID and GID)

                    % dsmemberutil checkmembership -u 501 -g 0

                    user is not a member of the group


     Check a user's membership in a group (using names)

                    % dsmemberutil checkmembership -U root -G wheel

                    user is a member of the group


SEE ALSO

     odutil(1), dseditgroup(1), dscacheutil(1)


Darwin                                January 1, 2007                               Darwin

(END)

|

[dscacheutil]LDAPのキャッシュの内容


/usr/bin/dscacheutil -flushcache


/usr/bin/dscacheutil -statistics

/usr/bin/dscacheutil -configuration

/usr/bin/dscacheutil -entries user

/usr/bin/dscacheutil -cachedump -entries user

/usr/bin/dscacheutil -q user -a name ユーザー名



dscacheutil(1)                  General Commands Manual                 dscacheutil(1)


NAME

     dscacheutil gather information, statistics and initiate queries to the

     Directory Service cache.


SYNOPSIS

     dscacheutil -h

     dscacheutil -q category [-a key value]

     dscacheutil -cachedump [-buckets] [-entries [category]]

     dscacheutil -configuration

     dscacheutil -flushcache

     dscacheutil -statistics


DESCRIPTION

     dscacheutil does various operations against the Directory Service cache including

     gathering statistics, initiating lookups, inspection, cache flush, etc.  This

     tool replaces most of the functionality of the lookupd tool previously available

     in the OS.


FLAGS

     A list of flags and their descriptions:


     -h      Lists the options for calling dscacheutil


     -q category

             Initiate a query using standard calls.  These calls will either return

             results from the cache or go fetch live data and place them in the cache.

             By default if no specific query is requested via -a then all results

             within that category will be returned.


     -a key value

             Optional flag to -q for a specific key with a value.


     -cachedump

             Dumps an overview of the cache by default.  Additional flags will provide

             more detailed information.


     -buckets

             Used in conjunction with -cachedump to also print hash bucket usage of

             the current cache.


     -entries [category]

             Used in conjunction with -cachedump to dump detailed information about

             cache entries.  An optional category can be supplied to only see types of

             interest.  Dumping 'host' entries can only be done by administrative

             users.


     -configuration

             Prints current configuration information, such as the search policy from

             Directory Service and cache parameters.


-flushcache

             Flushes the entire cache.  This should only be used in extreme cases.

             Validation information is used within the cache along with other

             techniques to ensure the OS has valid information available to it.


     -statistics

             Prints statistics from the cache including an overview and detailed call

             statistics.  Some calls are not cached but are derived from other calls

             internally.  Cache hits and cache misses may not always be equal to

             external calls.  For example getaddrinfo is actually a combination of

             gethostbyname with other calls internally to the cache to maximize cache

             hit rate.


     Available categories and associated keys:


     group       name or gid


     host        name or ip_address (used for both IPv6 and IPv4)


     mount       name


     protocol    name or number


     rpc         name or number


     service     name or port


     user        name or uid


EXAMPLES

     Lookup a user:

                    % dscacheutil -q user -a name jdoe

                    name: jdoe

                    password: ********

                    uid: 501

                    gid: 501

                    dir: /Users/jdoe

                    shell: /bin/csh

                    gecos: John Doe


     Lookup all users:

                    % dscacheutil -q user


     Dump cache overview:

                    % dscacheutil -cachedump


     Dump cache details with user entries:

                    % dscacheutil -cachedump -entries user


SEE ALSO

     DirectoryService(8), dsmemberutil(1)


Darwin                             January 14, 2007                             Darwin

(END)



|

より以前の記事一覧

その他のカテゴリー

Acrobat Acrobat Annotation Acrobat Dialog Acrobat Form Acrobat JS Acrobat Open Acrobat Plugin Acrobat python Acrobat Reader Acrobat Sequ Acrobat Stamps Admin Admin Account Admin Apachectl Admin configCode Admin Device Management Admin LaunchServices Admin Locationd Admin loginitem Admin Maintenance Admin Permission Admin Pkg Admin Power Management Admin Printer Admin SetUp Admin SMB Admin System Information Admin Tools Admin Users Admin Volumes Adobe Apple AppleScript AppleScript Guide AppleScript Accessibility AppleScript AppKit AppleScript Applications AppleScript AppStore AppleScript Archive AppleScript Attributes AppleScript Automator AppleScript AVAsset AppleScript AVconvert AppleScript AVFoundation AppleScript AVURLAsset AppleScript BackUp AppleScript Barcode AppleScript Bash AppleScript Basic AppleScript Basic Path AppleScript Bluetooth AppleScript BOX AppleScript Browser AppleScript Calendar AppleScript CD/DVD AppleScript Choose AppleScript Chrome AppleScript CIImage AppleScript CloudStorage AppleScript Color AppleScript com.apple.LaunchServices.OpenWith AppleScript Console AppleScript Contacts AppleScript CotEditor AppleScript CURL AppleScript current application AppleScript Date&Time AppleScript delimiters AppleScript Desktop AppleScript Device AppleScript Disk AppleScript do shell script AppleScript Dock AppleScript DropBox AppleScript eMail AppleScript Encode Decode AppleScript Error AppleScript EXIFData AppleScript ffmpeg AppleScript File AppleScript Finder AppleScript Firefox AppleScript Folder AppleScript Fonts AppleScript GIF AppleScript HTML AppleScript Icon AppleScript Illustrator AppleScript Image Events AppleScript Image2PDF AppleScript ImageOptim Applescript iWork AppleScript Javascript AppleScript Jedit AppleScript Json AppleScript Label AppleScript List AppleScript locationd AppleScript LRC AppleScript LSSharedFileList AppleScript m3u8 AppleScript MakePDF AppleScript Map AppleScript Math AppleScript Microsoft AppleScript Microsoft Edge AppleScript Microsoft Excel AppleScript Mobileconfig AppleScript Mouse AppleScript Movie AppleScript Music AppleScript NetWork AppleScript Notes AppleScript NSArray AppleScript NSBitmapImageRep AppleScript NSBundle AppleScript NSCFBoolean AppleScript NSCharacterSet AppleScript NSColor AppleScript NSColorList AppleScript NSData AppleScript NSDictionary AppleScript NSError AppleScript NSEvent AppleScript NSFileAttributes AppleScript NSFileManager AppleScript NSFont AppleScript NSFontManager AppleScript NSImage AppleScript NSIndex AppleScript NSKeyedArchiver AppleScript NSKeyedUnarchiver AppleScript NSLocale AppleScript NSMutableArray AppleScript NSMutableDictionary AppleScript NSMutableString AppleScript NSNotFound AppleScript NSNumber AppleScript NSOpenPanel AppleScript NSPasteboard AppleScript NSPDFImageRep AppleScript NSpoint AppleScript NSPredicate AppleScript NSRange AppleScript NSRegularExpression AppleScript NSRunningApplication AppleScript NSScreen AppleScript NSSize AppleScript NSString AppleScript NSStringCompareOptions AppleScript NSTask AppleScript NSTimeZone AppleScript NSURL AppleScript NSURL File AppleScript NSURLBookmark AppleScript NSURLComponents AppleScript NSURLResourceKey AppleScript NSUserDefaults AppleScript NSUUID AppleScript NSView AppleScript NSWorkspace AppleScript Numbers AppleScript OAuth AppleScript ObjC AppleScript OneDrive AppleScript Osax AppleScript PDF AppleScript PDFAnnotationWidget AppleScript PDFContext AppleScript PDFDisplayBox AppleScript PDFDocumentPermissions AppleScript PDFKit AppleScript PDFnUP AppleScript PDFOutline AppleScript Photos AppleScript Photoshop AppleScript Plist System Events AppleScript PostScript AppleScript prefPane AppleScript Preview AppleScript Python AppleScript QR AppleScript QR Decode AppleScript QuickLook AppleScript QuickTime AppleScript record AppleScript Regular Expression AppleScript Reminders AppleScript ReName AppleScript Repeat AppleScript RTF AppleScript Safari AppleScript SaveFile AppleScript ScreenCapture AppleScript ScreenSaver AppleScript Script Editor AppleScript Script Menu AppleScript Shortcuts AppleScript Shortcuts Events AppleScript Sort AppleScript Sound AppleScript Spotlight AppleScript SRT AppleScript StandardAdditions AppleScript stringByApplyingTransform AppleScript System Events AppleScript System Settings AppleScript TemporaryItems AppleScript Terminal AppleScript Text AppleScript Text CSV AppleScript Text TSV AppleScript TextEdit AppleScript Translate AppleScript Trash AppleScript Twitter AppleScript UI AppleScript Unit Conversion AppleScript UTType AppleScript valueForKeyPath AppleScript Video AppleScript VisionKit AppleScript Visual Studio Code AppleScript webarchive AppleScript webp AppleScript Wifi AppleScript XML AppleScript XML EPUB AppleScript XML OPML AppleScript XML Plist AppleScript XML RSS AppleScript XML SVG AppleScript XML TTML AppleScript XML webloc AppleScript YouTube AppleScript Zero Suppress Applications Barcode OnLine Tools CityCode Design iPhone List Logs lsappinfo Memo Music perl PlistBuddy pluginkit postalcode ReadMe SF Symbols character id SF Symbols Entity sips Skype Slack sqlite TCC Tools Typography Video Wacom zoom