Instantly share code, notes, and snippets.

Embed
What would you like to do?
This script will loop through all users and use dseditgroup to check if they are a member of a given group (macOS)
#!/bin/bash
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# checkusers
#
# written by Armin Briegel, Scripting OS X, 2018
#
# code is provided as is, with no guarantees that it will work etc.
# adapt and use as you will
#
#
#/ loops through all users to see if they are member of a group
#/
#/ usage:
#/ checkusers.sh groupname [node]
#/ - groupname: short name for the group to list users for
#/ - node: directory node path to search for user
#/ defaults to /Local/Default
#/
#/ Note: this script will loop over _every_ user in the system and use
#/ dseditgroup -o checkmember
#/ to see if the system considers this user a member of the given group
#/ in large directory server deployments this will be very slow and create
#/ a lot of traffic to the directory
usage() {
grep '^#/' "$0" | cut -c4-
exit 0
}
# first see if $1 is valid
if [[ -z $1 ]]; then
echo "needs groupname as argument"
usage
exit 1
fi
if ! dscl /Search read /Groups/"$1" 1>/dev/null ; then
echo "no group named $1"
usage
exit 1
fi
node=${2:-"/Local/Default"}
for u in $(dscl "$node" list /Users ); do
if dseditgroup -o checkmember -m "$u" "$1" 1>/dev/null ; then
echo "$u"
fi
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment