Use dscl instead of netinfo

su root

sudo vi /private/var/db/dslocal/nodes/Default/users/dgerman.plist

./Default/groups users aliases config machines networks 

files as of Oct 2007 Default

./Default: aliases config groups machines networks users 
                   .plist
./Default/aliases: MAILER-AGENT MAILER-DAEMON administrator dumper manager nobody operator postmaster 
./Default/config: KerberosKDC SharePoints

./Default/config/SharePoints:
 Dennis German's Public Folder
 admin's Public Folder
 rut's Public Folder

./Default/groups:
_amavisd        _appowner       _appserveradm   _appserverusr   _ard            _atsserver 
_calendar       _clamav         _cvs
_devdocs        _guest          _installer      _jabber         _keytabusers    
_lp             _lpadmin        _mailman        _mcxalr         _mdnsresponder  _mysql
_pcastagent     _pcastserver    _postdrop       _postfix        _qtss 
_sandbox        _securityagent  _serialnumberd  _spotlight      _sshd           _svn     
_teamsserver    _tokend         _unknown        _update_sharing _uucp           _windowserver _www 
_xgridagent     _xgridcontroller

 accessibility  admin       authedusers bin     certusers       consoleusers
 daemon         dialer      everyone    group   interactusers   kmem      localaccounts
 mail           netaccounts netusers    network nobody          nogroup   operator        owner
 procmod        procview    smmsp       staff   sys             tty       utmp            wheel

 com.apple.sharepoint.group.1   com.apple.sharepoint.group.2          com.apple.sharepoint.group.3

./Default/machines: broadcasthost localhost 
./Default/networks: loopback

./Default/users:
  _amavisd      _appowner       _appserver      _ard            _atsserver      _calendar   _clamav         _cvs _cyrus     _devdocs   
  _eppc         _installer      _jabber         _lp _mailman    _mcxalr         _mdnsresponder  _mysql      _pcastagent     _pcastserver    
  _postfix      _qtss           _sandbox        _securityagent  _serialnumberd  _spotlight      _sshd _svn  _teamsserver    _tokend
  _unknown      _update_sharing _uucp           _windowserver   _www            _xgridagent _xgridcontroller

  admin     dgerman    root     rut     nobody  daemon  
use dscl instead of netinfo Directory Service
dscl (v10.5.3)
[options] [datasource [command]]

datasource:
    localhost    (default)                                    or
    localonly    (activates a DirectoryService daemon process
                  with Local node only - daemon quits after use)
    <hostName>   (requires DS proxy support, >= DS-158)       or
    <nodeName>   (Directory Service style node name)          or
    <domainName> (NetInfo style domain name)

    -u <user>      (required when using DS Proxy)
    -P  [<password> ]
    -f <filepath>  targeted file path for DS daemon running in localonly mode
                   example: /Volumes/Build100/var/db/dslocal/nodes/Default
                    Nodename to use is fixed at /Local/Target
    -raw           don't strip off prefix from DS constants
    -plist         XML plist format
    -url           attribute values in URL-style encoding
    -q             quiet - no interactive prompt

    -read      <path> [<key>…]
    -readall   <path> [<key>…]
    -readpl    <path> <key> <plist path>
    -readpli   <path> <key> <value index> <plist path>

    -create    <record path> [<key> [<val>…]]
    -createpl  <record path> <key> <plist path> <val1> [<val2>…]
    -createpli <record path> <key> <value index> <plist path> <val1> [<val2>…]

    -delete    <path> [<key> [<val>…]]
    -deletepl  <record path> <key> <plist path> [<val>…]
    -deletepli <record path> <key> <value index> <plist path> [<val>…]

    -list      <path> [<key>]
    -append    <record path> <key> <val>…
    -merge     <record path> <key> <val>…
    -change    <record path> <key> <old value> <new value>
    -changei   <record path> <key> <value index> <new value>
    -diff      <first path> <second path>
    -search    <path> <key> <val>
    -auth      [<user> [<password>]]
    -authonly  [<user> [<password>]]
    -passwd    <user path> [<new password>  | <old password> <new password>]

MCX Extensions:
    -mcxread    <record path> [optArgs] [<appdomain> [<keyName>]]
    -mcxset     <record path> [optArgs] <appdomain> <keyName> [<mcxdomain> [<keyvalue>]]
    -mcxedit    <record path> [optArgs] <appdomain> <keyPath> [<keyvalue>]
    -mcxdelete  <record path> [optArgs] [<appdomain> [<keyName>]]
    -mcxexport  <record path> [optArgs] [<appdomain> [<keyName>]]
    -mcximport  <record path> [optArgs] 
dscl -- Directory Service command line utility

dscl [options] [datasource [command]]

dscl operates on Directory Service directory nodes.

Creates, reads, and manages Directory Service data. Invoked without any commands, dscl runs in an interactive mode, reading commands from standard input. Interactive processing is terminated by quit.
Leading dashes (-) are optional for all commands.

dscl operates on a datasource specified on the command line: a node name, or a Mac OS X Server (10.2 or later) host specified by DNS hostname or IP address.
Node names may be absolute paths beginning with a slash (/), or relative domain paths beginning with a dot (.), the local domain, or "..", the local domain's parent.
If the hostname or IP address form is used, -u and either -P or -p must be given to specify an administrative user and password to authenticate with on the remote host. The exception to this is localhost.

The datasource may also be specified as localonly in which case a separate DirectoryService daemon process is activated which contains only the Local plugin for use by dscl.
If no file path is provided access goes only to the registered local nodes on the system.
If -f is specified, access is added to the local node /Local/Target, which points to the database located at the provided filepath. For example, given the filepath /Volumes/Build100/var/db/dslocal/nodes/Default, access to that database is provided via the nodename /Local/Target.

PATH SPECIFICATION

The modes of operation when specifying paths to operate on correspond to whether the datasource is a node or a host.
In the case of specifying a node, the top level of paths will be record types. Example top level paths would be:

/Users/alice
/Groups/admin

In the case of specifying a host as a data source, the top level of paths corresponds to Open Directory plug-ins and Search Paths. One can specify the plug-in to traverse to a node name, after which the paths are equivalent to the former usage. The following might be the equivalent of the above paths:

/NetInfo/root/Users/alice
/LDAPv3/10.0.1.42/Groups/admin

If path components contain keys or values with embedded slash characters, the slash characters must be escaped with a leading backslash character. Since the shell also processes escape characters, an extra backslash is required to correctly specify an escape. For example, to read a mount record with the name "ldapserver:/Users" in the "/Mounts" path, the following path would be used:

dscl . -read /Mounts/ldapserver:\\/Users

Command aliases are listed in parentheses.

read (cat .) [path [key …]]

Displays a directory; properties are displayed one per line. The property key is followed by a colon, then a space-separated list of the values.
A value which contains embedded spaces will appear as a pair of values!

-raw specifies that read will display the full DirectoryService API constant for record and attribute types.

-url specifies that record path attribute values are encoded in the style of URLs, useful if a script or program is trying to process the output since values will not have any spaces or other control characters.

readall [path [key …]]

Displays all the records of a given type. The output of readall is formatted in the same way as read, with a "-" on a line as a delimiter between records.

readpl path key plist_path

Displays the contents of plist_path, followed by a colon, a whitespace, and the value for the path.

If the plist_path is the key for a dictionary or array, the contents of it are displayed in plist form after the plist_path. If plist_path is the key for a string, number, bool, date, or data object, only the value is displayed after the plist_path.

readpli path key value_index plist_path

Displays the contents of plist_path for the plist at value_index of the key, followed by a colon, a whitespace, and the value for the path.

If the plist_path is the key for a dictionary or array, the contents of it are displayed in plist form after the plist_path.
If plist_path is the key for a string, number, bool, date, or data object, only the value is displayed after the plist_path.

list (ls) [path]

Lists subdirectories. In the case of listing a search path, names are preceded by an index, a shortcut that can be used in place of the name when specifying a path.

When used in interactive mode, the path is optional. With no path given, the current directory will be used.

BSD
Local

Search
Contact
search path key val
Searches for records that match a pattern. The search is rooted at the given path.
The path may be a node path or a record type path. Valid keys are Directory Service record attribute types.

create (mk) record_path [key [val]] Creates a record, property, or value. If only a record path is given, the record is created if it does not exist. If a key is given, then a property with that key will be created.
To add values to an existing property, use append or merge.
WARNING - an existing property with the given key will be destroyed.

If values are included in the command, these values will be set for the given key.
Not all directory nodes support a property without a value.

createpl record_path key plist_path val1 [val2] Creates a string, or array of strings at plist_path.
To create at the root of a plist that is an array, use "0" as the plist_path.
If only val1 is specified, a string will be created at plist_path.
If val1 val2 … are specified, an array of strings will be created at plist_path.

WARNING - Existing value with the given plist_path will be destroyed.

createpli record_path key value_index plist_path val1 [val2] Creates a string, or array of strings at plist_path for the plist at value_index of the key.
If you are creating a value at the root of a plist that is an array, use "0" as the plist_path.
If only val1 is specified, a string will be created at plist_path.
If val1 val2 … are specified, an array of strings will be created at plist_path.

WARNING - Existing value with the given plist_path will be destroyed.

append record_path key val Appends one or more val to key in record_path. The property is created if it does not exist.

merge record_path key val Appends one or more val to a property in record_path if the property does not already have those values.
The property is created if it does not exist.

change record_path key old_val new_val Replaces old_val in the list of values of key with the new_val in record_path.

changei path key index val Replaces the value at index in the list of values of the key with val. index is an integer value.
An index of 1 specifies the first value.

diff path1 path2 [key] Compares the data from path1 and path2.

delete (rm) path [key [val …]] Delete a directory, property, or value. If a directory path is given, the delete command will delete the directory.
Can only be used on record type and record paths.
If a key is given, then a property with that key will be deleted.
If one or more values are given, those values will be removed from the property with the key.

deletepl record_path key plist_path [val …] Deletes a value in a plist. If no values are given deletepl deletes the plist_path.
If one or more values are given, deletepl deletes the values within plist_path.

deletepli record_path key value_index plist_path [val …] Deletes a value for the plist at value_index of the key.
If no values are given deletepli deletes the plist_path.
If one or more values are given, deletes the values within plist_path.

passwd user_path [new_password | old_password new_password] Changes a password for a user by full path, not just a username.
If you are authenticated to the node (either by specifying -u and -P or by using the auth command when in interactive mode) then specify a new password.
If you are not authenticated then the user's old password must be specified.

INTERACTIVE COMMANDS

cd dir Sets the current directory.

pushd (pd) [path]
When a path is specified sets the current directory while pushing the previous directory on to the directory stack.
If no path is specified exchanges the top two elements of the directory stack.
Displays the final directory stack.

popd Pops the directory stack, returns to the new top directory and displays the final directory stack.

auth (su) [user [password]]
Authenticate as the named user, default root.
If running in host mode, the current directory must be in the subdirectories of a node.

authonly [user [password]]
Verify the password of a user, default root.
If dscl is run in host mode, then when this command is run the current directory must be in the subdirectories of a node.

quit (q)

command history The up and down arrow keys will scan through the command history.

tab completion When pathnames are being typed, pressing the tab key will search to auto-complete the partial name, showing possible matches and attempting to correct capitalization.


EXAMPLES

-view a record in the local directory node
dscl . -read /Users/www

AppleMetaNodeLocation: /Local/Default
NFSHomeDirectory: /Library/WebServer
Password: *
PrimaryGroupID: 70
RealName: World Wide Web Server
RecordName: _www www
RecordType: dsRecTypeStandard:Users
UniqueID: 70
UserShell: /usr/bin/false
dscl
 ls
 cd

-create or replace the UserShell attribute value for the www user record
dscl . -create /Users/www UserShell /usr/bin/false

-create or replace the test key of the mcx_application_data:loginwindow plist value for the MCXSettings attribute of the user1 user record
dscl . -createpl /Users/user1 MCXSettings mcx_application_data:loginwindow:test value

-list the uniqueID values for all user records on a given node
dscl /LDAPv3/ldap.company.com -list /Users UniqueID

-append a value that has spaces in it
dscl . -append /Users/www Comment "This is a comment"

dscl will return -1 (255) on error.
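
An added example, not part of the man page or the original notes: a small audit of the name/UniqueID listing produced by the -list example above, flagging any record other than root with UniqueID 0 and any UniqueID shared by two records. The function names and the sample listing (including the records "backdoor" and "rut2") are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the man page). Audits name/UniqueID pairs in the
# two-column form printed by: dscl . -list /Users UniqueID

# Constructed sample listing; "backdoor" and "rut2" are made-up records.
sample_listing() {
    cat <<'EOF'
_www                     70
daemon                   1
dgerman                  501
nobody                   -2
root                     0
rut                      502
rut2                     502
backdoor                 0
EOF
}

# Read a listing on stdin and print one finding per line:
#   UID0 <name>               record other than root with UniqueID 0
#   DUP <uid> <first> <name>  two records sharing one UniqueID
audit_uids() {
    awk '
    NF < 2 { next }                         # skip blank or short lines
    {
        name = $1; uid = $NF
        if (uid == "0" && name != "root") print "UID0 " name
        if (uid in seen) print "DUP " uid " " seen[uid] " " name
        else seen[uid] = name
    }'
}

# Audit the live local node. dscl exits non-zero (255) on error, so the
# listing is captured first and an error is never read as a clean result.
audit_local_node() {
    listing=$(dscl . -list /Users UniqueID) || {
        echo "dscl failed with status $?" >&2
        return 1
    }
    printf '%s\n' "$listing" | audit_uids
}
```

On a Mac, call audit_local_node; no output and exit status 0 means no findings.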

> -read /Users/dgerman
Cannot open remote host, error: DSOpenDirServiceErr
Don't forget the dot!

#  dscl . -read /Users/dgerman
dsAttrTypeNative:_writers_hint: dgerman
dsAttrTypeNative:_writers_jpegphoto: dgerman
dsAttrTypeNative:_writers_LinkedIdentity: dgerman
dsAttrTypeNative:_writers_passwd: dgerman
dsAttrTypeNative:_writers_picture: dgerman
dsAttrTypeNative:_writers_realname: dgerman
dsAttrTypeNative:_writers_UserCertificate: dgerman

AppleMetaNodeLocation: /Local/Default
AuthenticationAuthority: ;Kerberosv5;
;dgerman@LKDC:SHA1.E08104A89DD6B9076C3EAFDB36F44C0C27EAB1A3;
LKDC:SHA1.E08104A89DD6B9076C3EAFDB36F44C0C27EAB1A3;
;ShadowHash;HASHLIST:
AuthenticationHint: initals 2x hex
Building: Real-world-Systems.com
GeneratedUID: D974AB7E-DDD1-4F89-823F-B65965D43013
HomePhoneNumber: 973/226-6672
JPEGPhoto: ffd8ffe0 00104a46  … many words of hex …
NFSHomeDirectory: /Users/dgerman
Password: ********
Picture: /Library/User Pictures/Animals/Butterfly.tif
PrimaryGroupID: 20
RealName: Dennis German
RecordName: dgerman
RecordType: dsRecTypeStandard:Users
UniqueID: 501
UserShell: /bin/bash 

            

> dscl . -read /users/dgerman
<dscl_cmd> DS Error: -14009 (eDSUnknownNodeName)
Case sensitive!

ls xxxxxx (does not report anything)
Maybe it's not a directory, try read xxxxxx


SEE ALSO DirectoryService(8), DirectoryServiceAttributes(7) mactech.com/articles/mactech/Vol.22/22.10/2210MacInTheShell/index.html

MacOSX August 25, 2003 MacOSX