[X-Unix] Disable user accounts?
cheryl schneider
cheryl at themacworks.com
Sat May 21 10:37:58 PDT 2005
On May 21, 2005, at 11:59 AM, John Harrold wrote:
> Sometime in May Eric F Crist assaulted the keyboard and produced:
> | I was curious about disabling user accounts. On every other *nix
> | system I administer, I use pw to set the lock attribute, or on
> | systems without pw, I add a * to the user password field.
> Obviously,
> | vipw doesn't really apply to Mac OS X, as user accounts aren't kept
> | in the /etc/master.passwd file.
You can edit /etc/master.passwd file. You also have to configure
Directory Access to enable the 'BSD Flat File and NIS' plugin and to
include the local search path to the config. Disable other
authentication search paths. Otherwise, OS X won't look for them.
One caveat, the password in /etc/master.passwd is stored in crypt
form, not shadow hash, so it's less secure. Another thing is NetInfo
doesn't consult /etc/master.passwd making it is possible to assign
the same uid to different accounts.
> If you just want to disable the user and not delete them, you can
> probably
> find something in Applications-->Utilities-->Netinfo Manager. You
> can try
> changing their shell to /urs/bin/false.
>
> ----------------------------------------------------------
> | /"\
> john harrold | \ / ASCII ribbon campaign
> jmh at member.fsf.org | X against HTML mail
> the most useful idiot | / \
> ----------------------------------------------------------
Cheryl
--------------------------------
Cheryl Schneider
The Mac Works, Inc.
ACSA, ACN, ACT, APP
More information about the X-Unix
mailing list