Directory Service command line utility
Create, read, and manage Directory Service data. If invoked without any commands, dscl runs in an interactive mode, reading commands from standard input. Interactive processing is terminated by the quit command. (dscl and the GUI 'Directory utility' replace the older 'NetInfo Manager')
inside the NetInfo /users Directory are a bunch of other Directories corresponding to all the users on the machine — human accounts (like my own and the one I’ll be deleting), but also system “users” like daemon, mysql, nobody, root, and www. In fact, here’s a command to give us a list of all the users on the machine:
dscl . list /users
Breaking it down: there’s dscl, a period “.” representing the local machine, the list command, and then the directory we want a listing of. This is also the basic syntax we’ll be dealing with throughout our exercise.
So, I run that on my remote machine and get a long list of users, including the about-to-be-deleted George. To see what NetInfo has to say about good old Georgie:
dscl . read /users/george
Pretty much the same idea as before, except we’re using the read command rather than list. Using the Finder as an analogy, list is like viewing a list of text files in a folder, and read is like viewing the contents of one of those files.
Here’s some (though not all) of what I got in response to my read request:
AppleMetaNodeLocation: /NetInfo/DefaultLocalNode
AuthenticationAuthority: ;ShadowHash;
NFSHomeDirectory: /Users/george
Password: *
PrimaryGroupID: 530
RealName: George Costanza
RecordName: george
UniqueID: 530
This can get overwhelming with all kinds of unfamiliar text flying by, so it can be useful to focus in on one value, e.g. where their home folder is. We find that out by examining NFSHomeDirectory, which is a users Property. Other such Properties include PrimaryGroupID, RealName, UniqueID, and the rest of /users/george.
Much like a variable in algebra, a Property has a corresponding Value. To ask for George’s home directory only, we use:
dscl . read /users/george NFSHomeDirectory
Which returns this line:
NFSHomeDirectory: /Users/george
So, for the Property NFSHomeDirectory the Value is /Users/george
Again, to keep it straight, that’s the /Users/george home folder in the Finder.
Now I have George in my sights, and I’m almost ready to get rid of him. But first, let’s deal with the groups he’s a member of. Similarly to getting a list of users on the local machine, we can do the same thing for groups:
dscl . list /groups
Long list there, but it includes the two groups I need to deal with. I happen to know that George is in only two groups: handmodels and george (a user is by default a member of a group with the same name).
Just for our edification, let’s get a list of the users in handmodels. We can do this by zeroing in on one Property like we did above, GroupMembership:
dscl . read /groups/handmodels GroupMembership
This returns:
GroupMembership: grady mia ramon mike george
A-ha! There he is, along with a few other folks. To kick him out of there, I’ll need to use sudo because you need admin access to make this kind of change to the database:
sudo dscl . delete /groups/handmodels GroupMembership george
A password prompt appears. Enter the admin password, hit Return, and George is gone from handmodels. Let’s just make sure:
dscl . read /groups/handmodels GroupMembership
And we get back:
GroupMembership: grady mia ramon mike
If George were HAL, he would be feeling his mind going right about now.
Getting rid of the george group is handled a bit differently since it’s a whole Directory and not the Value of a Property. To delete his group completely:
sudo dscl . delete /groups/george
And that’s it for George’s groups. George/HAL is singing “Bicycle Built For Two.”
For safety’s sake, please note the similarity between this last command and the one above that deleted his name from handmodels. Imagine how easy it could be to really screw things up by deleting something accidentally. Have you backed up lately?
dscl . -list /groups GroupMembership
It will give you all the groups with their members in a second column, you can then try to grep...
There is something I'd like to add, don't forget to delete the password files in /var/db/shadow/hash
Reference : http://www.oreillynet.com/mac/blog/2006/04/deleting_mac_os_x_users_remote.html