User Manager is a supplement to the Accounts pane in the Mac OS X System Preferences, designed for use with small home networks. User Manager is targeted at "power users" who desire full control over user and group attributes, without the need to resort to using the NetInfo Manager.
With it, you can create, edit, or delete users and groups in any Open Directory node (e.g. a NetInfo domain). The interface allows you to edit nearly all record attributes, including UID, GID, login shell, and home directory. You can also manage Unix group memberships using its drag-and-drop user- and group-centric interfaces.
User Manager is primarily intended for use with small home networks, where the enterprise-grade strength of Mac OS X Server is not needed. It is not intended to handle thousands of users or replace the Server Manager application found in Mac OS X Server. Specifically, it does not support editing "managed client" (MCX) attributes, a la the Limitations tab in the Accounts system preference pane, as Apple does not publish these APIs.
Each of the following images is around 130-230kb: [1] [2] [3] [4] [5]
User Manager is currently under development. You can download the latest build below. You can report bugs and track the status of the project at the following URL:
Compatibility Note: User Manager 0.2.3 and above is designed for use with Mac OS X 10.4 (Tiger) and is not supported for use with Mac OS X 10.3 (Panther). User Manager 0.2.3 is designed for use with Mac OS 10.3+. Previous versions of User Manager are not compatible with 10.3+, nor is User Manager 0.2.x compatible with Mac OS versions 10.0-10.2.
User Manager is open source software. You can download the latest source code from the Subversion repository at the following URL:
The Subversion repository can be accessed by any
WebDAV client.
NOTE: The source code for the 0.2.x release is on the STABLE_0.2 branch.
Contributions are welcome and encouraged. Patches may be submitted in the unified diff format. Write access to the repository will be granted on a case-by-case basis.
This software is licensed to you under the BSD-style license found here. Please read it before downloading the software.
If you would like to report a bug or request a new feature, please proceed to the following URL, after first checking the list of known issues and unimplemented features:
Download User Manager.
|
0.2.3
(Tangerine)
Mac OS X 10.4.x
|
Released on July 8, 2007.
- New Features
- Universal binary. Note: This has not yet been tested on Intel. Please report any issues you find.
- Updated Help for proper display on OS X 10.4.
- Minor updates to Help content.
- Added initial support for undo. Note: This is work in progress and may not work as expected in all cases.
- Unimplemented Features
- Known Issues
- Same as version 0.2.2, except where noted.
- Undo support is not fully implemented.
- Requires OS X 10.4. Use on OS X 10.3 is not supported. For OS X 10.3, use version 0.2.2.
|
|
0.2.2
(Plum)
Mac OS X 10.3.x
|
Released on September 12, 2004.
- New Features
- Added initial on-line help.
- "Verify Password" field now works.
- Added preference for default group ID of new users.
- UI improvements:
- Added ability to set user picture. Images are taken from /Library/User Pictures/
- Added field for setting primary group ID directly.
- Selected tab in user/group atttributes display is now preserved accross application restarts.
- Main window now has a close box. The application will exit when the main window is closed.
- Added File > Authenticate to Node... item & keyboard shortcut that has the same behavior as the lock button.
- Directory node chooser dialog now only shows nodes that can actually be opened.
- Error dialogs are now displayed when Save or Delete fails.
- Improved validity checking of Unix user names and passwords.
- Removed the ability to disable the record deletion warning sheet from the preferences setting for warning sheets. The preference setting now applies only to warnings about unsaved changes. This should make it a little less useless.
- Groups are now updated when Unix name (short name) is changed. Changes to groups must be saved separately, however. Normally, you should avoid changing the Unix user name.
- Fixes numerous problems from 0.2.1 (see notes for 0.2.1).
- Unimplemented Features
- Known Issues
- The program doesn't work with NetInfo nodes that have no /users or /groups directories. Console will show "Directory Services Error: Requested record was not found."
- You may not be able to make modifications to a new user/group record until you save it once. Console will show "Directory Services Error: Specified reference is invalid." Attempting to set the short name of a new, unsaved user record will also trigger this problem; when this happens, it is necessary to restart the program to recover.
- I have experienced an application (not system) lock-up problem on my development machine, typically associated with error dialogs. I can't reproduce it reliably; I believe it is a problem with my system, not the application. Let me know if you see the problem.
- The View > Hide System Accounts/Groups menu items perform a reload, causing unsaved edits to be lost. A warning sheet is not displayed.
- Authentication Authority is not updated if password is not changed (non-local accounts only?)
- Changes to a group's member list are not always immediately reflected in the currently selected record under the Users tab. This can be worked around by selecting a different user record temporarily, then re-selecting the original record.
- Current record selection is lost on a reload, even if the record is still in the table (this is currently disabled, to avoid another problem).
- No warning is given if you change a User/Group ID. This does not change the ownership of files in the file system, and you may lose access to your files by doing this. As with everything the application lets you do, don't change a UID/GID unless you know what you're doing.
- Doesn't display user's full name in group memberships table.
- Group memberships table is not sortable.
- The OS only allows "Shadow Hash" passwords for local users, but the UI doesn't prevent a user from selecting Crypt.
- Online help is not complete.
- The response time for the File > Change Directory Node... menu item is now a few seconds slower. This is because making the determination of which directory nodes can be opened takes some time. Be patient. I'll let you know if I figure out a way to speed this up.
- Multiple user/group selection was not working properly and has been disabled until it is fixed.
|
|
0.2.1
(Banana-2)
Mac OS X 10.3.x
|
Released on February 10, 2004.
- Known Issues
- Same as version 0.2.0, except where noted.
- New Features
- None. Fixes default preferences issues found with version 0.2.0.
- Unimplemented Features
|
|
0.2.0
(Banana)
Mac OS X 10.3.x
|
Released on February 9, 2004.
- Known Issues
- Don't Show Warnings preference is enabled by default. The first thing you should do is uncheck this box in the preferences. Having this box checked is very dangerous, because it means user/group deletions are immediate. [this is unchecked by default in version 0.2.1]
- Password is clobbered if not changed at same time as Authentication Authority. [fixed in 0.2.2]
- Authentication Authority is not updated if password is not changed.
- The program allows you to authenticate using an account that does not have Administrator privileges, even though it is not possible to make changes to the directory when you do this (you'll see an error dialogue: "Directory Services Error: Permission error occurred.").
- Password Verify field is not checked. [fixed in 0.2.2]
- No warning is given if you change a User/Group ID. This does not change the ownership of files in the file system, and you may lose access to your files by doing this. As with everything the application lets you do, don't change a UID/GID unless you know what you're doing.
- User/group IDs for new records always start at 1000, each time the program is started. Workaround: You must manually set the ID to ensure that it does not conflict with existing an existing user/group. In a future release, the program will determine the next available ID automatically. [fixed in 0.2.2]
- Changes may not be available immediately to the Unix layer. You should run "lookupd -flushcache" from the Terminal to be sure. [fixed in 0.2.2]
- Username changes are not reflected in group member lists. [fixed in 0.2.2]
- The "Allow user to administer this computer" checkbox under the Groups tab adds/removes the user to/from the "admin" group, but the group memberships list above it is not updated until the user record is de-selected and re-selected. [fixed in 0.2.2]
- Revert/save buttons do not always update (enable) after modifications are made to a record without changing the record selection. [bogus issue?? I haven't been able to reproduce this. Let me know if you see the problem.]
- Doesn't display user's full name in group memberships table.
- User picture cannot be set. [fixed in 0.2.2]
- Group memberships table is not sortable.
- The OS only allows "Shadow Hash" passwords for local users, but the UI doesn't prevent a user from selecting Crypt.
- User/group IDs for new records may not be unique (probably are not). [In 0.2.2 the ID is unique within the directory domain, but possibly not within the parent domain(s). This is an administrative issue that the tool can't address completely.]
- Setting primary group doesn't remove user from the group's members list (it should). [fixed in 0.2.2]
- Changing a user's primary group doesn't preserve the user's membership in that group (it should). [fixed in 0.2.2]
- Failure to create/delete user/group doesn't display error message. [fixed in 0.2.2]
- There is currently no field for setting the primary group ID directly. [fixed in 0.2.2]
- There is no note stating that primary group can't be deleted from a user's groups list (it can't be, and it shouldn't be). [fixed in 0.2.2]
- Current record selection is lost on a reload, even if the record is still in the table (this is currently disabled, to avoid another problem).
- View menu item states are not correct until you explicitly set them the first time. [Fixed in 0.2.1].
- Occasionally, at startup, the summary view will be not display properly. Resizing the window fixes the problem. [Bogus issue?? I have not observed this problem recently. It may have been due to a problem with my system. Let me know if you see the problem.]
- New Features
- Rewritten for Mac OS X 10.3.x.
- New user interface inspired by Mac OS X Server's Server Manager.
- Group editing.
- Drag & Drop group membership management (via drawers).
- Warning sheets for (most?) operations that can cause lost edits. Preference to disable warnings [IMPORTANT: Default setting is dangerous (Disabled). See Known Problems above.]
- Unimplemented Features
- Save/revert with a multiple selection.
- Create home directory for new users.
- Delete or archive home directory for deleted users.
- Kill running processes belonging to deleted users.
|
0.1.0
(Mint)
Mac OS X 10.2.x
|
Released on June 20, 2003.
- Known Issues
- Does not work with Mac OS X 10.3.x. Use version 0.2.0 (not yet released).
- Does not work with Mac OS X 10.1.x. Use version 0.0.3.
- Doesn't check that password matches "verify" field
- User names are not checked for validity.
- When creating a new user, the next free user ID is not always chosen correctly.
- Cannot Create/Edit Groups (Group editor is not functional).
- User editor doesn't provide access to Windows login functionality.
- The network directory editing functionality has only been tested with NetInfo.
- New Features
- Rewritten for Mac OS X 10.2.x.
- Preferences for hidden system users & groups, default Users directory & login shell.
- Login shells now read from /etc/shells.
- User picture functionality is now identical to that of System Preferences.
- Delete groups (can create a new group but cannot change its name, currently)
- Manage users in network directory nodes (e.g. NetInfo, LDAP)
- Show/Hide system accounts in users list
- Unimplemented Features
- Edit Group not implemented
- Doesn't allow changing primary group ID (new users get default of 20/staff)
- Doesn't create home directory for new users
- Doesn't delete home directory for deleted users
- Doesn't edit finger(1) information
|
|
0.0.3
Mac OS X 10.1.x
|
Released on November 5, 2001.
- Known Issues
- Does not work with Mac OS X 10.2 !
- Must authenticate as 'root' for NetInfo updates to succeed
- Drag/Drop login picture from Finder doesn't work
- Gratuitous debug output is sent to the console
- Doesn't check that password matches "verify" field
- User names are not checked for validity.
- Features
- Create/Edit/Delete users (including system accounts)
- Edit the following user properties:
- Real name
- Login picture
- Admin status
- Password
- Password hint
- Auxiliary group memberships
- Home directory
- Login shell
- Manage users in non-local NetInfo domains
- Show/Hide system accounts in users list
- Unimplemented Features
- New/Edit/Delete Group not implemented
- Doesn't allow changing primary group ID (new users get default of 20/staff)
- Doesn't create home directory for new users
- Doesn't delete home directory for deleted users
- Doesn't read /etc/shells for valid login shells
- Doesn't edit finger(1) information
|
![[1]](images/user.png){kind=link}
![[2]](images/memberships.png){kind=link}
![[3]](images/pass.png){kind=link}
![[4]](images/summary.png){kind=link}
![[5]](images/prefs.png){kind=link}