Apple - How do I create user accounts from the Terminal in Mac OS X 10.11?
If you are here and your system is running anything from 10.10 and newer, the sysadminctl command is your best friend. It does a lot of magic that DSCL can't do.
Here's the output for sysadminctl:
sysadminctl[21233:29122637] Usage: sysadminctl
-deleteUser <user name> [-secure || -keepHome]
-newPassword <new password> -oldPassword <old password> [-passwordHint <password hint>]
-resetPasswordFor <local user name> -newPassword <new password> [-passwordHint <password hint>]
-addUser <user name> [-fullName <full name>] [-UID <user ID>] [-password <user password>] [-hint <user hint>] [-home <full path to home>] [-admin] [-picture <full path to user image>]
Pass '-' instead of password in commands above to request prompt.
Then you'll want to do:
sudo createhomedir -c 2>&1 | grep -v "shell-init"
To add/remove users use dseditgroup:
sudo dseditgroup -o edit -a usernametoadd -t user admin
sudo dseditgroup -o edit -a usernametoadd -t user wheel
The documentation lacks one important step:
reboot
or
sudo reboot
After the reboot the user enjoys visible admin rights in System Preferences -> Users and Groups.
But: even without rebooting the user is admin already - it's just not visible in the PrefPane. If you login as joeadmin immediately after creating the account (e.g. fast user switching) the admin role is visible from within his account.
After much testing, i have made this script to create user accounts from terminal.
LOCAL_ADMIN_FULLNAME="Joe Admin" # The local admin user's full name
LOCAL_ADMIN_SHORTNAME="joeadmin" # The local admin user's shortname
LOCAL_ADMIN_PASSWORD="password" # The local admin user's password
# Create a local admin user account
sysadminctl -addUser $LOCAL_ADMIN_SHORTNAME -fullName "$LOCAL_ADMIN_FULLNAME" -password "$LOCAL_ADMIN_PASSWORD" -admin
dscl . create /Users/$LOCAL_ADMIN_SHORTNAME IsHidden 1 # Hides the account (10.10 and above)
mv /Users/$LOCAL_ADMIN_SHORTNAME /var/$LOCAL_ADMIN_SHORTNAME # Moves the admin home folder to /var
dscl . -create /Users/$LOCAL_ADMIN_SHORTNAME NFSHomeDirectory /var/$LOCAL_ADMIN_SHORTNAME # Create new home dir attribute
dscl . -delete "/SharePoints/$LOCAL_ADMIN_FULLNAME's Public Folder" # Removes the public folder sharepoint for the local admin