bobwillsturkeytx

Q: Command line delete a user from a group

Using a command line/Terminal, how can I delete a user from a group?  Thanks!

OS X Mavericks (10.9.1)

Posted on Mar 13, 2014 3:00 PM

Close

Q: Command line delete a user from a group

  • All replies
  • Helpful answers

  • by baltwo,

    baltwo baltwo Mar 13, 2014 3:36 PM in response to bobwillsturkeytx
    Level 9 (62,256 points)
    Mar 13, 2014 3:36 PM in response to bobwillsturkeytx

    Just a WAG, but something like this should do the trick, with the proper substitutions for the quoted entries:

    sudo dscl . -delete /Groups/"group name" GroupMembership "username"

    E.g., to remove fred from admin group:

    sudo dscl . -delete /Groups/admin GroupMembership fred

  • by bobwillsturkeytx,

    bobwillsturkeytx bobwillsturkeytx Mar 15, 2014 5:33 PM in response to baltwo
    Level 1 (0 points)
    Mar 15, 2014 5:33 PM in response to baltwo

    Howdy. Thanks for your answer. Here is what I have when I try:

     

     

    administrator$  id -nG wills.bob

    504 everyone localaccounts com.apple.sharepoint.group.5 com.apple.sharepoint.group.4 com.apple.sharepoint.group.2 _lpoperator com.apple.sharepoint.group.6 com.apple.sharepoint.group.1 com.apple.access_loginwindow com.apple.sharepoint.group.3

     

     

    administrator$  sudo dscl . -delete  /Groups/com.apple.sharepoint.group.6  wills.bob

     

    administrator$  sudo dseditgroup -o  checkmember -m wills.bob com.apple.sharepoint.group.6

       yes wills.bob is a member of com.apple.sharepoint.group.6

     

    Questions: Why did it not work? How can I get a member deleted/removed from a group?

  • by bobwillsturkeytx,

    bobwillsturkeytx bobwillsturkeytx Mar 15, 2014 8:25 PM in response to Bill Scott
    Level 1 (0 points)
    Mar 15, 2014 8:25 PM in response to Bill Scott

    Howdy Bill. Thanks for the script. I called it "Mac-DeleteUser.sh" and I ran it and here's what I got:

     

    administrator$   sudo zsh ./Mac-DeleteUser.sh  com.apple.sharepoint.group.6  wills.bob

    ./Mac-DeleteUser.sh:54: command not found: nireport

    ./Mac-DeleteUser.sh:57: command not found: nifind

    ./Mac-DeleteUser.sh:59: command not found: nireport

    ./Mac-DeleteUser.sh:61: command not found: nireport

     

    Group com.apple.sharepoint.group.6 does not exist 


     

    administrator$  sudo dseditgroup -o  checkmember -m wills.bob com.apple.sharepoint.group.6

     

    yes wills.bob is a member of com.apple.sharepoint.group.6

     

    administrator$ id -nG wills.bob

     

    504 everyone localaccounts com.apple.sharepoint.group.5 com.apple.sharepoint.group.4 com.apple.sharepoint.group.2 _lpoperator com.apple.sharepoint.group.6 com.apple.sharepoint.group.1 com.apple.access_loginwindow com.apple.sharepoint.group.3

     

    I still have "wills.bob" as a member in these groups!!!  Bummer. It appears to be having a problem with "nireport" and "nifind".  BTW: I'm running MAC 10.9.1 (Maverick). I wonder if that is the problem here. I just need to find a way to completely delete any user from the system when needed.

  • by bobwillsturkeytx,Solvedanswer

    bobwillsturkeytx bobwillsturkeytx Mar 16, 2014 9:31 AM in response to bobwillsturkeytx
    Level 1 (0 points)
    Mar 16, 2014 9:31 AM in response to bobwillsturkeytx

    Howdy All.  I had a duh-huh moment here. And, I think I know why. But it appears I have resolved this issue.

     

    When using the System Preferences GUI, and going to the "Users & Groups" area, if you add a user it puts the new user's home directory in the "/Users" directory. It is unfortunate that you cannot change the user's home directory before creating the new user!!! After creating this new user, you must "right click" on the new user's name(located on the left side of the "Users & Groups panel") to get "Advanced Options" where you can change this new user's home directory to some other location. I needed to do this because this mini-tower will only be used as a internal web server and no user except the administrator will ever use this computer as a desktop! The users will only have "ftp" access to practice building web pages and only need to "ftp" their web pages onto the web server to see their work.

     

    But, when you change the user's home directory to another location MAC does not move their directory folder to the new location! As a result, the user's named directory is still located in the "/Users" directory. And you must create a new folder at the new location for the user to use. In this case I then did these;

    "sudo mkdir /opt/local/apache2/htdocs/wills.bob"  ,

    "sudo chown wills.bob /opt/local/apache2/htdocs/wills.bob" ,

    "sudo chgrp Students /opt/local/apache2/htdocs/wills.bob" ,

    "sudo chmod 0755 /opt/local/apache2/htdocs/wills.bob"

    and I still need to add an "index.html" inside of "wills.bob" for him to have and "ftp" access into. And of course it needs a change of ownership, group, and file permissions to match.

     

    Trying to remove this user/Student(wills.bob) became the issue that caused the problem. I first used the "Users & Groups" GUI to remove the student. Here is part of the problem. The "GUI" does not remove the user from the location of "/Users", nor does it remove it from here, "/opt/local/apache2/htdocs/" perhaps because of the relocation this user's home directory. I left the computer on overnight because of an overnight update. The next morning I was finding this user was still a member of many groups using the command, "sudo id -nG wills.bob", and I could not delete this user using the processes talked about in the above discussions! When I issued the command, "sudo dscl . list /Users" I found the user was still there!!! When I looked back in the "Users & Group" GUI was I surprised to find this user/Student(wills.bob) was there once again!!! It appears that MAC, during the overnight update, reinstalled this user back into the "Users & Groups" GUI !!!

     

    I confirmed it with this: "sudo dscl . list /Users" . He was there. In seeing this, I issued the command, "sudo dscl . delete /Users/wills.bob" .  Then I checked it again with this, "dscl . list /Users" and found my user/Student(wills.bob) was gone. After this, I issued this command to see if this user(wills.bob) was in any groups: "sudo id -nG wills.bob" and got this reply -> "id: wills.bob: no such user"  YEEHAW!!!

     

    Just in case, I looked in the "/Users" directory by issuing this command: "cd /" and then "ls -al". I found the user/Student(wills.bob) was still there!!! So I issued a new command, "sudo rm -rf wills.bob" .  Then followed with this command to check and see if it worked: "ls -al" and this user(wills.bob) was gone!  I also then needed to issue a command to remove this user from the apache2 location with this command: "sudo rm -rf /opt/local/apache2/htdocs/wills.bob" and of course followed up to make sure with this , "ls -al /opt/local/apache2/htdocs" .  ALL is good now!!!

     

    What a pain of discovery here!!!  Now I know I will make a script to add new users/Students and another to remove/delete them. I don't trust the "Users & Groups" GUI for this operation because this set-up is different than most uses.    I.E. I only want to install "ftp" users with no desktop usage and remove them as needed.

     

    Thanks for everyone's help!

  • by baltwo,

    baltwo baltwo Mar 16, 2014 3:13 PM in response to bobwillsturkeytx
    Level 9 (62,256 points)
    Mar 16, 2014 3:13 PM in response to bobwillsturkeytx

    thumbsup.gifGlad you sorted things out.

  • by baltwo,

    baltwo baltwo Mar 16, 2014 3:14 PM in response to Bill Scott
    Level 9 (62,256 points)
    Mar 16, 2014 3:14 PM in response to Bill Scott

    That script uses the same command:

     

    dscl . delete /groups/$group users $user

     

    so there's something else going on and the OP identified it.