List of all users and groups

Question

I'm trying to get a list of all users and all groups on Mac OS X 10.5+. How can I do this?

For example, the list of all users on my machine should return: _amavisd, _appowner, _appserver, _ard, _atsserver, _calendar, _carddav, _clamav, _coreaudiod, _cvmsroot, _cvs, _cyrus, _devdocs, _dovecot, _eppc, _installer, _jabber, _lda, _locationd, _lp, _mailman, _mcxalr, _mdnsresponder, _mysql, _pcastagent, _pcastserver, _postfix, _qtss, _sandbox, _screensaver, _securityagent, _serialnumberd, _softwareupdate, _spotlight, _sshd, _svn, _teamsserver, _timezone, _tokend, _trustevaluationagent, _unknown, _update_sharing, _usbmuxd, _uucp, _windowserver, _www, _xgridagent, _xgridcontroller, daemon, dave, nobody, root (that was painstakingly compiled manually).

How can I get that list (and the corresponding list of all groups) programmatically? I'm open to alternative (non-c based) solutions, such as Applescript, commandline, etc.

---

Update a long time later

TALlama's answer prompted me to investigate the API to Open Directory, and I found that this list can be easily acquired programmatically:

#import <OpenDirectory/OpenDirectory.h>
ODSession *s = [ODSession defaultSession];
ODNode *root = [ODNode nodeWithSession:s name:@"/Local/Default" error:nil];
ODQuery *q = [ODQuery queryWithNode:root forRecordTypes:kODRecordTypeUsers attribute:nil matchType:0 queryValues:nil returnAttributes:nil maximumResults:0 error:nil];

NSArray *results = [q resultsAllowingPartial:NO error:nil];
for (ODRecord *r in results) {
    NSLog(@"%@", [r recordName]);
}

That will log the usernames of every user on the system. Substituting in kODRecordTypeGroups will get you the list of all the groups.

The -[ODQuery resultsAllowingPartial:error:] method is a blocking call, so you'd either want to execute this code on a background thread, or use an <ODQueryDelegate> to aggregate the results.

Answer 1

The tool you want is almost certainly dscl. The shortest way to do it was already pointed out:

$ dscl . list /users
$ dscl . list /groups

If you want to output information about each user, though, use readall:

$ dscl . readall /users
$ dscl . readall /groups

And if you need to programatically parse said information, use -plist to make your life easier:

$ dscl -plist . readall /users
$ dscl -plist . readall /groups

Answer 2

Open Directory approach (from: http://rickcogley.blogspot.com/2008/11/listing-open-directory-users-on-os-x.html):

dscacheutil -q user
dscacheutil -q group

Take each line from the respective output that starts with "name:" strip off the "name:" and you have your list. If you do not have dscacheutil, you can use the manual commands:

root# dscl localhost list /Local/Default/Users
root# dscl localhost list /LDAPv3/127.0.0.1/Users

Old school approach for before Open Directory....(sigh): For list of users:

• Grab the /etc/passwd file from the system.
• Split it out by lines
• Split out each line based on ":"
• Take the first symbol for each line

For list of groups:

• Grab the /etc/group file from the system.
• Split it out by lines
• Split out each line based on ":"
• Take the first symbol for each line

Answer 3

Non-garbbled/no-tempfile commands:

# dscl . list /users
# dscl . list /groups

Answer 4

check out, for example, dsexport.

Here are some examples:

dsexport /tmp/export.out /Local/Default dsRecTypeStandard:Groups

dsexport /tmp/export.out /Local/Default dsRecTypeStandard:Users

the outputs are a bit rubbish, but something like sed could clean them up for you.

Answer 5

Back in the old days, we'd do this trivially with the NetInfo Kit, but today there's no tidy Objective-C way to do it. You'll have to dig in to the OpenDirectory API.