Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Report if any macOS user accounts with admin privileges exist.
# list all users with UIDs above 501
usersList=$( /usr/bin/dscl . -list /Users uid | /usr/bin/awk '$2 >= 501 { print $1 }' )
# test for admin
while IFS= read aUser
/usr/sbin/dseditgroup -o checkmember -u "$aUser" admin 1>/dev/null
if [[ $? = "0" ]] ; then
echo "<result>Yes</result>"
exit 0
done <<< "$usersList"
echo "<result>No</result>"
exit 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment