How do I create user accounts from the Terminal in Mac OS X 10.11?

I would like to be able to create new users in Mac OS X 10.11 remotely after ssh'ing into the machine. On Mountain Lion, these steps were listed.

Running

dscl . -create /Users/joeadmin
dscl . -create /Users/joeadmin UserShell /bin/bash
dscl . -create /Users/joeadmin RealName "Joe Admin" 
dscl . -create /Users/joeadmin UniqueID "510"
dscl . -create /Users/joeadmin PrimaryGroupID 20
dscl . -create /Users/joeadmin NFSHomeDirectory /Users/joeadmin
dscl . -passwd /Users/joeadmin password 

dscl . -append /Groups/admin GroupMembership joeadmin

After the above, the user doesn't become admin. What next?


The documentation lacks one important step:

reboot

or

sudo reboot

After the reboot the user enjoys visible admin rights in System Preferences -> Users and Groups.

But: even without rebooting, the user is admin already - it's just not visible in the PrefPane. If you log in as joeadmin immediately after creating the account (e.g. fast user switching), the admin role is visible from within his account.


If you are here and your system is running anything from 10.10 and newer, the sysadminctl command is your best friend. It does a lot of magic that DSCL can't do.

Here's the output for sysadminctl:

sysadminctl[21233:29122637] Usage: sysadminctl
    -deleteUser <user name> [-secure || -keepHome]
    -newPassword <new password> -oldPassword <old password> [-passwordHint <password hint>]
    -resetPasswordFor <local user name> -newPassword <new password> [-passwordHint <password hint>]
    -addUser <user name> [-fullName <full name>] [-UID <user ID>] [-password <user password>] [-hint <user hint>] [-home <full path to home>] [-admin] [-picture <full path to user image>]

Pass '-' instead of password in commands above to request prompt.

Then you'll want to do:

sudo createhomedir -c 2>&1 | grep -v "shell-init"

To add/remove users use dseditgroup:

sudo dseditgroup -o edit -a usernametoadd -t user admin
sudo dseditgroup -o edit -a usernametoadd -t user wheel

After much testing, I have made this script to create user accounts from terminal.

LOCAL_ADMIN_FULLNAME="Joe Admin"     # The local admin user's full name
LOCAL_ADMIN_SHORTNAME="joeadmin"     # The local admin user's shortname
LOCAL_ADMIN_PASSWORD="password"      # The local admin user's password

# Create a local admin user account (variables are quoted so values with spaces stay one argument)
sysadminctl -addUser "$LOCAL_ADMIN_SHORTNAME" -fullName "$LOCAL_ADMIN_FULLNAME" -password "$LOCAL_ADMIN_PASSWORD" -admin
dscl . -create "/Users/$LOCAL_ADMIN_SHORTNAME" IsHidden 1  # Hides the account (10.10 and above)
mv "/Users/$LOCAL_ADMIN_SHORTNAME" "/var/$LOCAL_ADMIN_SHORTNAME" # Moves the admin home folder to /var
dscl . -create "/Users/$LOCAL_ADMIN_SHORTNAME" NFSHomeDirectory "/var/$LOCAL_ADMIN_SHORTNAME" # Create new home dir attribute
dscl . -delete "/SharePoints/$LOCAL_ADMIN_FULLNAME's Public Folder" # Removes the public folder sharepoint for the local admin
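
An added example, not part of any answer above: a wrapper around the sysadminctl call that picks the lowest unused UniqueID instead of hardcoding one such as 510, passes '-' so the password is prompted for rather than placed on the command line, and confirms admin membership without a reboot. The function names, the starting UID of 501 and the short-name pattern are assumptions made for this example.

```shell
#!/bin/sh
# Added example; helper names and the 501 starting UID are assumptions.

# Read "name uid" lines (the format of `dscl . -list /Users UniqueID`)
# on stdin and print the lowest unused UID that is >= $1.
next_free_uid() {
    awk -v start="$1" '
        $NF ~ /^[0-9]+$/ { used[$NF] = 1 }   # ignores negative UIDs such as nobody
        END { uid = start; while (uid in used) uid++; print uid }
    '
}

# Conservative short-name check (an assumption, stricter than macOS requires):
# lowercase letters, digits, "_" and "-", not starting with a digit or "-".
# This keeps names like "../x" out of the /Users/<name> record paths.
valid_shortname() {
    case "$1" in
        ''|*[!a-z0-9_-]*|[!a-z_]*) return 1 ;;
    esac
}

# Create an admin user; run as root on the target Mac.
create_admin() {
    short=$1
    full=$2
    valid_shortname "$short" || { echo "rejected short name: $short" >&2; return 1; }
    uid=$(dscl . -list /Users UniqueID | next_free_uid 501) || return 1
    # "-password -" makes sysadminctl prompt, so the password does not end up
    # in shell history or in the process list.
    sysadminctl -addUser "$short" -fullName "$full" -UID "$uid" -password - -admin || return 1
    # Confirm group membership directly instead of relying on the PrefPane.
    dseditgroup -o checkmember -m "$short" admin
}

# Only act when called with exactly two arguments: <shortname> "<Full Name>"
if [ "$#" -eq 2 ]; then
    create_admin "$1" "$2"
fi
```
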