Support Center

Re-enable a disabled user account on macOS

When you remove access to a Mac from a user in JumpCloud, JumpCloud will disable, rather than delete that user. This preserves all user account information and files, but in Mac, disabled users no longer appear at either the login screen or in Users & Groups Preferences.
 
Note:
  • You MUST be root for the below commands to function properly.
  • For any user that also had Filevault configured, they will need to also be readded to FileVault.

To list non-system user accounts (active or disabled):
# dscl . -list /Users | grep -Ev "^_|com.*|root|nobody|daemon|\/"
To determine if a specific user is disabled (Replace USERNAME with the actual username in the below commands). A null result would indicate the user is NOT disabled:
# dscl . -read /Users/USERNAME AuthenticationAuthority | grep DisabledUser
To re-enable the user manually, as root or a sudoer:
# dscl . -read /Users/USERNAME AuthenticationAuthority | sed 's/AuthenticationAuthority: //;s/DisabledUser//g;s/[; ]*$//' | xargs dscl . -create /Users/USERNAME AuthenticationAuthority
# chsh -s ​/bin/bash USERNAME
Note: chsh can be used to set a different default shell rather than bash. It needs only to not be set to /usr/bin/false. Once complete, the disabled user should reappear in both the login screen and Users & Groups Preferences.
 
 

Last Updated: Sep 26, 2018 03:53PM MDT

Related Articles
desk-forwarding@jumpcloud.com
http://assets0.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete