Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
This script will loop through all users and use dseditgroup to check if they are a member of a given group (macOS)
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# checkusers
# written by Armin Briegel, Scripting OS X, 2018
# code is provided as is, with no guarantees that it will work etc.
# adapt and use as you will
#/ loops through all users to see if they are member of a group
#/ usage:
#/ groupname [node]
#/ - groupname: short name for the group to list users for
#/ - node: directory node path to search for user
#/ defaults to /Local/Default
#/ Note: this script will loop over _every_ user in the system and use
#/ dseditgroup -o checkmember
#/ to see if the system considers this user a member of the given group
#/ in large directory server deployments this will be very slow and create
#/ a lot of traffic to the directory
usage() {
grep '^#/' "$0" | cut -c4-
exit 0
# first see if $1 is valid
if [[ -z $1 ]]; then
echo "needs groupname as argument"
exit 1
if ! dscl /Search read /Groups/"$1" 1>/dev/null ; then
echo "no group named $1"
exit 1
for u in $(dscl "$node" list /Users ); do
if dseditgroup -o checkmember -m "$u" "$1" 1>/dev/null ; then
echo "$u"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.