Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
This script will loop through all users and use dseditgroup to check if they are a member of a given group (macOS)
#!/bin/bash
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
# checkusers
#
# written by Armin Briegel, Scripting OS X, 2018
#
# code is provided as is, with no guarantees that it will work etc.
# adapt and use as you will
#
#
#/ loops through all users to see if they are member of a group
#/
#/ usage:
#/ checkusers.sh groupname [node]
#/ - groupname: short name for the group to list users for
#/ - node: directory node path to search for user
#/ defaults to /Local/Default
#/
#/ Note: this script will loop over _every_ user in the system and use
#/ dseditgroup -o checkmember
#/ to see if the system considers this user a member of the given group
#/ in large directory server deployments this will be very slow and create
#/ a lot of traffic to the directory
usage() {
grep '^#/' "$0" | cut -c4-
exit 0
}
# first see if $1 is valid
if [[ -z $1 ]]; then
echo "needs groupname as argument"
usage
exit 1
fi
if ! dscl /Search read /Groups/"$1" 1>/dev/null ; then
echo "no group named $1"
usage
exit 1
fi
node=${2:-"/Local/Default"}
for u in $(dscl "$node" list /Users ); do
if dseditgroup -o checkmember -m "$u" "$1" 1>/dev/null ; then
echo "$u"
fi
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.