RubyGems - open_directory_utils - Versions diffs - 0.1.0 - Mend

open_directory_utils 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

checksums.yaml +7 -0
data/.gitignore +15 -0
data/.rspec +3 -0
data/.travis.yml +5 -0
data/CODE_OF_CONDUCT.md +74 -0
data/Gemfile +6 -0
data/Gemfile.lock +37 -0
data/LICENSE.txt +21 -0
data/README.md +111 -0
data/Rakefile +6 -0
data/bin/console +14 -0
data/bin/setup +8 -0
data/lib/open_directory_utils.rb +6 -0
data/lib/open_directory_utils/clean_check.rb +30 -0
data/lib/open_directory_utils/commands_group.rb +216 -0
data/lib/open_directory_utils/commands_user.rb +680 -0
data/lib/open_directory_utils/connection.rb +127 -0
data/lib/open_directory_utils/dscl.rb +53 -0
data/lib/open_directory_utils/pwpolicy.rb +48 -0
data/lib/open_directory_utils/user_command_pattern.rb +188 -0
data/lib/open_directory_utils/version.rb +5 -0
data/open_directory_utils.gemspec +38 -0
metadata +123 -0

data/lib/open_directory_utils/commands_user.rb ADDED Viewed

@@ -0,0 +1,680 @@
+require "open_directory_utils/dscl"
+require "open_directory_utils/clean_check"
+module OpenDirectoryUtils
+  # this is a long list of pre-built dscl commands affecting users to accomplish common actions
+  # @note - these commands were derived from the following resrouces:
+  # * https://developer.apple.com/legacy/library/documentation/Darwin/Reference/ManPages/man1/dscl.1.html
+  # * https://superuser.com/questions/592921/mac-osx-users-vs-dscl-command-to-list-user/621055?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa
+  module CommandsUser
+    include OpenDirectoryUtils::Dscl
+    include OpenDirectoryUtils::CleanCheck
+    def user_record_name_alternatives(attribs)
+      attribs[:record_name] = nil
+      attribs[:record_name] = attribs[:user_name]
+      attribs[:record_name] = attribs[:record_name] || attribs[:short_name]
+      attribs[:record_name] = attribs[:record_name] || attribs[:shortname]
+      attribs[:record_name] = attribs[:record_name] || attribs[:username]
+      attribs[:record_name] = attribs[:record_name] || attribs[:uid]
+      return attribs
+    end
+    # GET INFO
+    ##########
+    # get user record -- dscl . -read /Users/<username>
+    # get user value  -- dscl . -read /Users/<username> <key>
+    # search od user  -- dscl . -search /Users RealName "Andrew Garrett"
+    # return as xml   -- dscl -plist . -search /Users RealName "Andrew Garrett"
+    def user_get_info(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      check_critical_attribute( attribs, :record_name )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'read', scope: 'Users', attribute: nil, value: nil}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    alias_method :user_info, :user_get_info
+    # get all usernames -- dscl . -list /Users
+    # get all user details -- dscl . -readall /Users
+    def user_exists?(attribs, dir_info)
+      user_get_info(attribs, dir_info)
+    end
+    # CHANGE OD
+    ###########
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$USER RealName "$VALUE"
+    def user_set_real_name(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:cn]
+      attribs[:value] = attribs[:value] || attribs[:realname]
+      attribs[:value] = attribs[:value] || attribs[:real_name]
+      attribs[:value] = attribs[:value] || attribs[:fullname]
+      attribs[:value] = attribs[:value] || attribs[:full_name]
+      if attribs[:last_name]
+        attribs[:value] = attribs[:value] || "#{attribs[:first_name]} #{attribs[:last_name]}"
+      end
+      attribs[:value] = attribs[:value] || attribs[:record_name]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :real_name )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'RealName'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$USER cn "$NAME"
+    def user_set_common_name(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:cn]
+      attribs[:value] = attribs[:value] || attribs[:realname]
+      attribs[:value] = attribs[:value] || attribs[:real_name]
+      attribs[:value] = attribs[:value] || attribs[:fullname]
+      attribs[:value] = attribs[:value] || attribs[:full_name]
+      attribs[:value] = attribs[:value] || "#{attribs[:first_name]} #{attribs[:last_name]}"
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :common_name )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'cn'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    alias_method :user_set_cn, :user_set_common_name
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME FirstName "$VALUE"
+    def user_set_first_name(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:given_name]
+      attribs[:value] = attribs[:value] || attribs[:first_name]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :first_name )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'FirstName'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME givenName "$VALUE"
+    def user_set_given_name(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:given_name]
+      attribs[:value] = attribs[:value] || attribs[:first_name]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :given_name )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'givenName'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME LastName "$VALUE"
+    def user_set_last_name(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:sn]
+      attribs[:value] = attribs[:value] || attribs[:surname]
+      attribs[:value] = attribs[:value] || attribs[:last_name]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :last_name )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'LastName'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME sn "$VALUE"
+    def user_set_surname(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:sn]
+      attribs[:value] = attribs[:value] || attribs[:surname]
+      attribs[:value] = attribs[:value] || attribs[:last_name]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :surname )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'sn'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    alias_method :user_set_sn, :user_set_surname
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME NameSuffix "$VALUE"
+    def user_set_name_suffix
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME apple-namesuffix "$VALUE"
+    def user_set_apple_name_suffix
+    end
+    # sudo dscl . -create /Users/someuser UniqueID "1010"
+    def user_set_unique_id(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:uniqueid]
+      attribs[:value] = attribs[:value] || attribs[:unique_id]
+      attribs[:value] = attribs[:value] || attribs[:uidnumber]
+      attribs[:value] = attribs[:value] || attribs[:usernumber]
+      attribs[:value] = attribs[:value] || attribs[:user_number]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :unique_id )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'UniqueID'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # # sudo dscl . -create /Users/someuser uidnumber "1010"
+    def user_set_uidnumber(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:uniqueid]
+      attribs[:value] = attribs[:value] || attribs[:unique_id]
+      attribs[:value] = attribs[:value] || attribs[:uidnumber]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :unique_id )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'uidnumber'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # sudo dscl . -create /Users/someuser PrimaryGroupID 80
+    def user_set_primary_group_id(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:group_id]
+      attribs[:value] = attribs[:value] || attribs[:gidnumber]
+      attribs[:value] = attribs[:value] || attribs[:groupnumber]
+      attribs[:value] = attribs[:value] || attribs[:group_number]
+      attribs[:value] = attribs[:value] || attribs[:primary_group_id]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :group_id )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'PrimaryGroupID'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # sudo dscl . -create /Users/someuser PrimaryGroupID 80
+    def user_set_gidnumber(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:group_id]
+      attribs[:value] = attribs[:value] || attribs[:gidnumber]
+      attribs[:value] = attribs[:value] || attribs[:group_number]
+      attribs[:value] = attribs[:value] || attribs[:primary_group_id]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :group_id )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'gidnumber'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/someuser NFSHomeDirectory /Users/someuser
+    def user_set_nfs_home_directory(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:home_directory]
+      attribs[:value] = attribs[:value] || attribs[:nfs_home_directory]
+      attribs[:value] = attribs[:value] || '/Volumes/Macintosh HD/Users/someone'
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :home_directory )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'NFSHomeDirectory'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME homedirectory "$VALUE"
+    def user_set_home_directory(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:home_directory]
+      attribs[:value] = attribs[:value] || attribs[:nfs_home_directory]
+      attribs[:value] = attribs[:value] || '/Volumes/Macintosh HD/Users/someone'
+      command = {action: 'create', scope: 'Users', attribute: 'homedirectory'}
+      attribs = attribs.merge(command)
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :home_directory )
+      user_attrs = tidy_attribs(attribs)
+      dscl( user_attrs, dir_info )
+    end
+    # /usr/bin/pwpolicy -a diradmin -p "TopSecret" -u username -setpassword "AnotherSecret"
+    # /usr/bin/dscl -plist -u diradmin -P #{adminpw} /LDAPv3/127.0.0.1/ -passwd /Users/#{shortname} "#{passwd}"
+    def user_set_password(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:password]
+      attribs[:value] = attribs[:value] || attribs[:passwd]
+      attribs[:value] = attribs[:value] || '*'
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :password )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'passwd', scope: 'Users'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # /usr/bin/dscl /LDAPv3/127.0.0.1 -auth #{shortname} "#{passwd}"
+    def user_verify_password(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:password]
+      attribs[:value] = attribs[:value] || attribs[:passwd]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :password )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'auth', scope: 'Users'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # sudo dscl . -create /Users/someuser UserShell /bin/bash
+    def user_set_shell(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:user_shell]
+      attribs[:value] = attribs[:value] || attribs[:shell]
+      attribs[:value] = attribs[:value] || '/bin/bash'
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :shell )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'UserShell'}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME loginShell "$VALUE"
+    def user_set_login_shell(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs[:user_shell]
+      attribs[:value] = attribs[:value] || attribs[:shell]
+      attribs[:value] = attribs[:value] || '/bin/bash'
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :shell )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', attribute: 'loginShell'}
+      user_attrs  = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # OTHER FIELDS
+    #####################
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME mail "$VALUE"
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME email "$VALUE"
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME apple-user-mailattribute "$VALUE"
+    def user_set_first_email(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs['apple-user-mailattribute']
+      attribs[:value] = attribs[:value] || attribs[:apple_user_mailattribute]
+      attribs[:value] = attribs[:value] || attribs[:email]
+      attribs[:value] = attribs[:value] || attribs[:mail]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :email )
+      attribs    = tidy_attribs(attribs)
+      answer     = []
+      command    = {action: 'create', scope: 'Users', attribute: 'mail'}
+      user_attrs = attribs.merge(command)
+      answer    << dscl( user_attrs, dir_info )
+      command    = {action: 'create', scope: 'Users', attribute: 'email'}
+      user_attrs = attribs.merge(command)
+      answer    << dscl( user_attrs, dir_info )
+      command    = {action: 'create', scope: 'Users', attribute: 'apple-user-mailattribute'}
+      user_attrs = attribs.merge(command)
+      answer    << dscl( user_attrs, dir_info )
+      return answer
+    end
+    alias_method :user_set_email, :user_set_first_email
+    def user_append_email(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      attribs[:value] = attribs[:value] || attribs['apple-user-mailattribute']
+      attribs[:value] = attribs[:value] || attribs[:apple_user_mailattribute]
+      attribs[:value] = attribs[:value] || attribs[:email]
+      attribs[:value] = attribs[:value] || attribs[:mail]
+      check_critical_attribute( attribs, :record_name )
+      check_critical_attribute( attribs, :value, :email )
+      attribs    = tidy_attribs(attribs)
+      answer     = []
+      command    = {action: 'append', scope: 'Users', attribute: 'mail'}
+      user_attrs = attribs.merge(command)
+      answer    << dscl( user_attrs, dir_info )
+      command    = {action: 'append', scope: 'Users', attribute: 'email'}
+      user_attrs = attribs.merge(command)
+      answer    << dscl( user_attrs, dir_info )
+      return answer
+    end
+    # dscl . -delete /Users/yourUserName
+    # https://tutorialforlinux.com/2011/09/15/delete-users-and-groups-from-terminal/
+    def user_delete(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      check_critical_attribute( attribs, :record_name )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'delete', scope: 'Users', value: nil, attribute: nil}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # https://images.apple.com/server/docs/Command_Line.pdf
+    # https://serverfault.com/questions/20702/how-do-i-create-user-accounts-from-the-terminal-in-mac-os-x-10-5?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa
+    # https://superuser.com/questions/1154564/how-to-create-a-user-from-the-macos-command-line
+    def user_create_min(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      check_critical_attribute( attribs, :record_name )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Users', value: nil, attribute: nil}
+      user_attrs = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+      answer          = []
+      attribs[:value] = nil
+      answer         << dscl( user_attrs, dir_info )
+      attribs[:value] = nil
+      answer         << user_set_password(attribs, dir_info)
+      attribs[:value] = nil
+      answer         << user_set_real_name(attribs, dir_info)
+      return answer
+    end
+    # https://images.apple.com/server/docs/Command_Line.pdf
+    # https://serverfault.com/questions/20702/how-do-i-create-user-accounts-from-the-terminal-in-mac-os-x-10-5?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa
+    # https://superuser.com/questions/1154564/how-to-create-a-user-from-the-macos-command-line
+    def user_create_full(attribs, dir_info)
+      attribs = user_record_name_alternatives(attribs)
+      check_critical_attribute( attribs, :record_name )
+      attribs    = tidy_attribs(attribs).dup
+      answer          = []
+      attribs[:value] = nil
+      answer         << user_create_min(attribs, dir_info)
+      attribs[:value] = nil
+      answer         << user_set_shell(attribs, dir_info)
+      attribs[:value] = nil
+      answer         << user_set_first_name(attribs, dir_info)
+      attribs[:value] = nil
+      answer         << user_set_last_name(attribs, dir_info)
+      attribs[:value] = nil
+      answer         << user_set_unique_id(attribs, dir_info)
+      attribs[:value] = nil
+      answer         << user_set_primary_group_id(attribs, dir_info)
+      attribs[:value] = nil
+      answer         << user_set_nfs_home_directory(attribs, dir_info)
+      # skip email if non-sent
+      unless attribs[:email].nil? and attribs[:mail].nil? and attribs[:apple_user_mailattribute].nil?
+        attribs[:value] = nil
+        answer         << user_set_email(attribs, dir_info)
+      end
+      return answer.flatten
+    end
+    # ADD USER TO GROUPS
+    ####################    #
+    # add 1st user   -- dscl . -read /Groups/ladmins
+    def user_in_group?(attribs, dir_info)
+      attribs[:record_name] = attribs[:record_name] || attribs[:group_name]
+      attribs[:record_name] = attribs[:record_name] || attribs[:groupname]
+      attribs[:record_name] = attribs[:record_name] || attribs[:gid]
+      check_critical_attribute( attribs, :record_name, :groupname )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'read', scope: 'Groups', attribute: nil, value: nil}
+      user_attrs  = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # http://krypted.com/mac-os-x/create-groups-using-dscl/
+    # https://superuser.com/questions/214004/how-to-add-user-to-a-group-from-mac-os-x-command-line?utm_medium=organic&utm_source=google_rich_qa&utm_campaign=google_rich_qa
+    # sudo dseditgroup -o edit -a $username_to_add -t user admin
+    # sudo dseditgroup -o edit -a $username_to_add -t user wheel
+    # http://osxdaily.com/2007/10/29/how-to-add-a-user-from-the-os-x-command-line-works-with-leopard/
+    #
+    # add 1st user   -- dscl . -create /Groups/ladmins GroupMembership localadmin
+    # add more users -- dscl . -append /Groups/ladmins GroupMembership 2ndlocaladmin
+    def user_first_in_group(attribs, dir_info)
+      attribs[:record_name] = attribs[:record_name] || attribs[:group_name]
+      attribs[:record_name] = attribs[:record_name] || attribs[:groupname]
+      attribs[:record_name] = attribs[:record_name] || attribs[:gid]
+      attribs[:value]       = attribs[:value]       || attribs[:user_name]
+      attribs[:value]       = attribs[:value]       || attribs[:username]
+      attribs[:value]       = attribs[:value]       || attribs[:uid]
+      check_critical_attribute( attribs, :record_name, :groupname )
+      check_critical_attribute( attribs, :value, :username )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'create', scope: 'Groups', attribute: 'GroupMembership'}
+      user_attrs  = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    def user_append_to_group(attribs, dir_info)
+      attribs[:record_name] = attribs[:record_name] || attribs[:group_name]
+      attribs[:record_name] = attribs[:record_name] || attribs[:groupname]
+      attribs[:record_name] = attribs[:record_name] || attribs[:gid]
+      attribs[:value]       = attribs[:value]       || attribs[:user_name]
+      attribs[:value]       = attribs[:value]       || attribs[:username]
+      attribs[:value]       = attribs[:value]       || attribs[:uid]
+      check_critical_attribute( attribs, :record_name, :groupname )
+      check_critical_attribute( attribs, :value, :username )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'append', scope: 'Groups', attribute: 'GroupMembership'}
+      user_attrs  = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    alias_method :user_add_to_group, :user_append_to_group
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -delete /Groups/$VALUE GroupMembership $shortname_USERNAME
+    def user_remove_from_group(attribs, dir_info)
+      attribs[:record_name] = attribs[:record_name] || attribs[:group_name]
+      attribs[:record_name] = attribs[:record_name] || attribs[:groupname]
+      attribs[:record_name] = attribs[:record_name] || attribs[:gid]
+      attribs[:value]       = attribs[:value]       || attribs[:user_name]
+      attribs[:value]       = attribs[:value]       || attribs[:username]
+      attribs[:value]       = attribs[:value]       || attribs[:uid]
+      check_critical_attribute( attribs, :record_name, :groupname )
+      check_critical_attribute( attribs, :value, :username )
+      attribs    = tidy_attribs(attribs)
+      command    = {action: 'delete', scope: 'Groups', attribute: 'GroupMembership'}
+      user_attrs  = attribs.merge(command)
+      dscl( user_attrs, dir_info )
+    end
+    # 1st keyword    -- /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME apple-keyword "$VALUE"
+    # other keywords --  /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -append /Users/$shortname_USERNAME apple-keyword "$VALUE"
+    def user_set_keywords
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -append /Users/$shortname_USERNAME apple-keyword "$VALUE"
+    def user_add_keywords
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME mobile "$VALUE"
+    def user_set_mobile_phone
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME telephoneNumber "$VALUE"
+    def user_set_work_phone
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME homePhone "$VALUE"
+    def user_set_home_phone
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME apple-company "$VALUE"
+    def user_set_company
+    end
+    alias_method :las_program_info, :user_set_company
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME title "$VALUE"
+    def user_set_title
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME departmentNumber "$VALUE"
+    def user_set_department
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME street "$VALUE"
+    def user_set_street
+    end
+    alias_method :las_set_dorm, :user_set_street
+    alias_method :las_set_housing, :user_set_street
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname l "$VALUE"
+    def user_set_city
+    end
+    alias_method :las_, :user_set_city
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME st "$VALUE"
+    def user_set_state
+    end
+    alias_method :las_cultural_trip, :user_set_state
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME postalCode "$VALUE"
+    def user_set_postcode
+    end
+    alias_method :las_faculty_family, :user_set_postcode
+    #  /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$USER c "$VALUE"
+    def user_set_country
+    end
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME apple-webloguri "$VALUE"
+    def user_set_blog
+    end
+    alias_method :user_set_weblog, :user_set_blog
+    alias_method :las_sync_date, :user_set_blog
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME apple-organizationinfo "$VALUE"
+    def user_set_org_info
+    end
+    alias_method :las_set_organizational_info, :user_set_org_info
+    alias_method :las_link_student_to_parent, :user_set_org_info
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME apple-relationships "$VALUE"
+    def user_set_relationships
+    end
+    alias_method :las_link_parent_to_student, :user_set_relationships
+    # first  - /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$USER apple-imhandle "$VALUE"
+    # others - /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -append /Users/$USER apple-imhandle "$VALUE"
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$USER apple-imhandle "AIM:created: $CREATE"
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -append /Users/$USER apple-imhandle "ICQ:start: $START"
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -append /Users/$USER apple-imhandle "MSN:end: $END"
+    def user_set_chat
+    end
+    alias_method :user_set_chat_channels, :user_set_chat
+    alias_method :las_created_date, :user_set_chat
+    alias_method :las_start_date, :user_set_chat
+    alias_method :las_end_date, :user_set_chat
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$shortname_USERNAME labeledURI "$VALUE"
+    def user_set_homepage
+    end
+    alias_method :user_set_webpage, :user_set_homepage
+    alias_method :las_enrollment_date, :user_set_homepage
+    alias_method :las_begin_date, :user_set_homepage
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$USER description "$NAME"
+    def user_set_comments
+    end
+    alias_method :user_set_description, :user_set_comments
+    # /usr/bin/dscl -u diradmin -P A-B1g-S3cret /LDAPv3/127.0.0.1/ -create /Users/$USER description "$NAME"
+    def user_comments
+    end
+    alias_method :user_description, :user_comments
+  end
+end