List of all users and groups

I'm trying to get a list of all users and all groups on Mac OS X 10.5+. How can I do this?

For example, the list of all users on my machine should return: _amavisd, _appowner, _appserver, _ard, _atsserver, _calendar, _carddav, _clamav, _coreaudiod, _cvmsroot, _cvs, _cyrus, _devdocs, _dovecot, _eppc, _installer, _jabber, _lda, _locationd, _lp, _mailman, _mcxalr, _mdnsresponder, _mysql, _pcastagent, _pcastserver, _postfix, _qtss, _sandbox, _screensaver, _securityagent, _serialnumberd, _softwareupdate, _spotlight, _sshd, _svn, _teamsserver, _timezone, _tokend, _trustevaluationagent, _unknown, _update_sharing, _usbmuxd, _uucp, _windowserver, _www, _xgridagent, _xgridcontroller, daemon, dave, nobody, root (that was painstakingly compiled manually).

How can I get that list (and the corresponding list of all groups) programmatically? I'm open to alternative (non-c based) solutions, such as Applescript, commandline, etc.

---

Update a long time later

TALlama's answer prompted me to investigate the API to Open Directory, and I found that this list can be easily acquired programmatically:

#import <OpenDirectory/OpenDirectory.h>
ODSession *s = [ODSession defaultSession];
ODNode *root = [ODNode nodeWithSession:s name:@"/Local/Default" error:nil];
ODQuery *q = [ODQuery queryWithNode:root forRecordTypes:kODRecordTypeUsers attribute:nil matchType:0 queryValues:nil returnAttributes:nil maximumResults:0 error:nil];

NSArray *results = [q resultsAllowingPartial:NO error:nil];
for (ODRecord *r in results) {
    NSLog(@"%@", [r recordName]);
}

That will log the usernames of every user on the system. Substituting in kODRecordTypeGroups will get you the list of all the groups.

The -[ODQuery resultsAllowingPartial:error:] method is a blocking call, so you'd either want to execute this code on a background thread, or use an <ODQueryDelegate> to aggregate the results.

I don't think this works - grepping /etc/passwd on my mac doesn't yield my username.

+1 same here, but it seems like it has everything else. Thanks! I'll keep this open in case there's a better way.

I believe that Directory Services replaces /etc/passwd. The file is probably only there for legacy reasons.

Excellent! Just a simple pass with a regular expression has cleaned them right up! Thank you!

Wow, even better! I love this site! =)

For some reason, this does not list all users, even if I run with sudo. It doesn't show any of the "real" users, just the system-ish ones.

Works on my Lion install; what OS are you seeing it fail with?

1.5.8. I figured it out. I didn't realize there were several different ways that osx can authenticate. Turns out I needed JacobTaylor's "Open Directory" approach.

Note: dscl -list is limited to 256 results, so this is not guaranteed to list all user accounts.

Note: dscl -list is limited to 256 results, so this is not guaranteed to list all user accounts.

Note: dscacheutil -q user and dscl -list are limited to 256 results, so this is not guaranteed to list all user accounts.

Note: dsexport is limited to 256 results, so this is not guaranteed to list all user accounts.

that's hardly a programmatic way to do it from my application. Any API?

Here too (MacOS 10.15.7) - "normal" Mac users, created via the "Users & Groups" UI (in System Preferences) don't appear in /etc/passwd file. Maybe there's another such file (same format) that extends it for the "Mac users" ?

Is there a programmatic API to get to the same functionality? I don't wish to create an external process via NSTask, collect and parse its text output every time my Cocoa application needs the list of users... maybe that's normal for UniX style programming, but not for Mac programming.