UIDs on MacOS (and MacOS learning more generally)

Mac
#1

Can anyone point me to a good guide on explaining user IDs on macOS. I know you never want to assign the same UID as a user, but I’d like to get an explanation of how UIDs are assigned by the system and when we go trough the GUI user creation process. I’ll be attempting to create some users via command line and put them into pkgs for creation on other systems and I have to set the the option for UID, but I want to know how UIDs are created so the UID I choose is a reasonable one.

That said, I’m kind of tired of trying to google individual items. It was fine as a hobbyist, but now that this is my job, the lack of formal training is really becoming a problem. I’d like to locate some kind of course or textbook or systemic training regimen to go through so that my overall ability to troubleshoot and deploy in a timely manner increases.

…I’m a social studies teacher who, with no formal training in IT, no certifications, and only volunteer and hobbyist experience, has become the “mac person” in an ICT department in a component of the biggest bureaucracy on Earth.

HALP.

#2

It seems to me that macOS follows the UNIX method of UIDs above 500 are for user accounts. When creating a new user, the next available UID above 500 is selected for the new user account (‘useradd’ does this on Linux systems on the CLI and GUI methods do the same thing).

Does the UID need to be the same for each account on each system? Otherwise, a way of choosing the next available UID in bash is …

newuid=$((`dscl . -list /Users UniqueID | awk '{ print $2 }' | sort -n | tail -1`+1))
1 Like
#3

Mac OSX assigns user accounts from 501 onwards.
Ubuntu assigns 1001 onwards.
Must be something in the core of the OS I guess. - I had a look at all the OSX and Unix books I have but no mention of why this is the way its done. - So no help for your original question.

I know that if you have an external drive with permissions assigned to the 501 user say on your Mac, and it gets connected to another Mac then the 501 user on that Mac has access per the original Mac, regardless of the username. - So the system uses the userid, not the username associated with it to determine access. - Security only really applies on the original system !
A paranoid dude might create a large number of dummy users, then add their own user, delete the rest, so they had an ID like 542, to make it harder for someone to crack this backdoor into an external disk easily.

1 Like