How to create a 'Sharing Only' account via terminal in OS X?

Solution 1:

Based on bispymusic's answer to a previous question:

#!/bin/sh

dscl . create /Users/sharinguser    # use whatever account name you want
dscl . create /Users/sharinguser RealName "Sharing-only Account"
dscl . create /Users/sharinguser hint "Password Hint"
dscl . create /Users/sharinguser picture "/Path/To/Picture.png"
dscl . passwd /Users/sharinguser thisistheaccountpassword
dscl . create /Users/sharinguser UniqueID 550    # Pick something unique
dscl . create /Users/sharinguser PrimaryGroupID 20    # Staff group
dscl . create /Users/sharinguser UserShell /usr/bin/false    # No shell access allowed!
dscl . create /Users/sharinguser NFSHomeDirectory /dev/null    # No home directory!

As with the script it's based on, you'll either need to run it with sudo, or prefix each dscl command with sudo. Be sure to adjust the account name, RealName, password, and UniqueID (and probably the hint and picture). Note that the critical attributes to make this a sharing-only account are the UserShell and NFSHomeDirectory attributes -- leave these as I have them.

It's a bit confusing that all of the lines refer to /Users/sharinguser (or whatever account name you choose) despite this not existing in the filesystem -- this is because it doesn't refer to a file path, but to the path to a record in OS X's directory service. The filesystem and OS X directory services both use the same path notation, but actually have very little to do with each other. Thus, the home directory path can be set to /dev/null while the account's path in the directory service stays normal.
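
A read-only check for the two attributes the answer above calls critical, plus a collision check for the chosen UniqueID, as an added example that is not part of the original answer. The function names and the sample records are constructed for illustration; on a Mac, feed the functions from `dscl . -read /Users/sharinguser UserShell NFSHomeDirectory` and `dscl . -list /Users UniqueID`.

```shell
#!/bin/sh
# Added example (not from the original answer): audit a directory-service
# record for the sharing-only attributes. All function names are hypothetical.

# Print the value of one "Key: value" attribute from dscl -read output on stdin.
# Assumes a single-line value, which holds for paths without spaces.
attr_value() {
    awk -v key="$1:" '$1 == key { sub(/^[^:]*:[ \t]*/, ""); print; exit }'
}

# Read dscl -read output on stdin; return 0 only if the record has
# UserShell /usr/bin/false and NFSHomeDirectory /dev/null.
check_sharing_only() {
    record=$(cat)
    shell=$(printf '%s\n' "$record" | attr_value UserShell)
    home=$(printf '%s\n' "$record" | attr_value NFSHomeDirectory)
    status=0
    if [ "$shell" != "/usr/bin/false" ]; then
        echo "FAIL UserShell is '${shell:-<unset>}', expected /usr/bin/false"
        status=1
    fi
    if [ "$home" != "/dev/null" ]; then
        echo "FAIL NFSHomeDirectory is '${home:-<unset>}', expected /dev/null"
        status=1
    fi
    if [ "$status" -eq 0 ]; then
        echo "OK sharing-only attributes are set"
    fi
    return "$status"
}

# Read "name uid" lines (dscl . -list /Users UniqueID) on stdin;
# return 0 if the given UniqueID is already taken.
uid_in_use() {
    awk -v uid="$1" '$2 == uid { found = 1 } END { exit !found }'
}

# Constructed sample records, so the checks can be tried without a Mac.
SAMPLE_GOOD='UserShell: /usr/bin/false
NFSHomeDirectory: /dev/null'
SAMPLE_BAD='UserShell: /bin/bash
NFSHomeDirectory: /Users/sharinguser'
SAMPLE_UIDS='_www    70
admin   501
root    0'
```

Run `uid_in_use 550` against the live list before creating the account, and `check_sharing_only` against the new record afterwards.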