5 commands Mac admins should know

Mac admins are responsible for a great deal of equipment maintenance and end-user requests. Jesus Vigo goes over five commands admins can use to work smarter, not harder.

Five commands for Mac admins

Sysadmins are a magical breed. Most are expected to be a jack of all trades for any/all such devices that plug into an electrical socket, manage any number of growing devices on the network, and provide quality face-to-face time with end users experiencing any number of issues.

While the responsibilities grow exponentially with every new device that touches the network, it's a wonder how sysadmins can continue to provide excellent service while still having time to manage the demands placed on them by hardware, software, and staff.

Two words: Command Line.

Regardless of whether you call it CLI, command, PowerShell, terminal, or shell -- it all refers to the same application. The Terminal.app -- as it's called in OS X -- is the third hand, if you will, of the modern day sysadmin. It allows for that special one-to-many type of reach that allows management of multiple objects with just a few short strokes of the keyboard.

No walking (or running around) from machine to machine, no worrying about a server management app not responding or going offline -- just the user and the machine interfacing in a way to make things happen to ensure the systems and end users remain happy.

Below is merely a smattering of some of the most useful commands used by sysadmins to execute common administrative tasks. If you're new to the terminal or Macs in general, one helpful command to assist in the learning process is Man, as when used as a prefix to other commands, will describe what the command is used for, syntax, and list examples for reference.

1. Enable SSH for accessing a remote computers shell securely




[-setremotelogin on|off]


systemsetup -setremotelogin on


Configuration tool for certain machine settings in System Preferences. When the argument is added, the function of the command will be altered to modify only the per-machine setting being targeted.

2. Rename computer name, hostname, and bonjour




--set pref

Valid preferences include:

  • ComputerName: The user-friendly name for the system
  • LocalHostName: The local (Bonjour) hostname
  • HostName: The name associated with hostname and gethostname


  • scutil --set ComputerName NAME_THAT_IDENTIFIES_COMPUTER


Manage system configuration parameters. Adding preferences will allow modification of a specific computer name as the node will be seen to the system, Bonjour protocol, and over the network respectively.

3. Join Active Directory services




  • -show | shows the current AD configuration
  • -add <computer-name> | adds the computer, identified by it's computer name to Active Directory
  • -username | administrator username with rights to bind nodes to AD
  • -ou | Path name of the computer object in AD
  • -domain | FQDN of the domain binding node to
  • -localhome enable|disable
  • -mobile enable|disable
  • -useuncpath enable|disable
  • -groups | Specify the AD groups that are granted access to administer the Mac
  • -alldomains enable|disable


dsconfigad -add <computer-name> -username <username> -ou "OU=Organizational Unit,CN=Container,DC=DomainName,DC=DomainSuffix" -domain <FQDN> -localhome enable -useuncpath enable -groups "Administrators,Domain Admins,Enterprise Admins" -alldomains enable


Retrieves/changes configuration for Active Directory plugin used to hold binding settings in OS X.

4. Install software updates remotely




  • -i | install -r | required updates only
  • -a | all updates


softwareupdate -i -r


System software update tool, when invoked locally or remotely via SSH, will cause the system(s) to install updates. Whether all updates or only those identified as required by Apple are downloaded depend on the command argument used.

5. Logoff, restart, or shutdown systems




  • -h | The system is halted at the specified time.
  • -r | The system is rebooted at the specified time.
  • -s | The system is put to sleep at the specified time.

Time is the time at which shutdown will bring the system down and may be the word now (indicating an immediate shutdown) or specify a future time in one of two formats: +number, or yymmddhhmm, where the year, month, and day may be defaulted to the current system values. The first form brings the system down in number minutes and the second at the absolute time specified.


  • shutdown -h now [Shutdown powers off the computer immediately.]
  • shutdown -r +10 [Shutdown reboots the computer in 10 minutes.]
  • shutdown -s 1503071720 [Shutdown puts the computer to sleep on March 7,2015, at 5:20pm.]


Close down the system at a given time. Depending on the argument used, the computer may be halted (powered off), reboot, or put to sleep based on the number of minutes or at a specific date/time.

OS X contains dozens of commands that may be executed from the Terminal, the modern day sysadmin is not expected to know each and every one of them (Google is your friend) along with hundreds of arguments and variables that may be invoked to modify any number of system processes.

While this is -- by far -- nowhere near a comprehensive listing of commands sysadmins would need to manage their organization, it is generally considered good form to stay up on your Command Line-Fu, so to speak. This ensures a continuing education model that will come to serve anyone in IT quite well through the years.

Also see

By Jesus Vigo

Jesus Vigo is a Network Administrator by day and owner of Mac|Jesus, LLC, specializing in Mac and Windows integration and providing solutions to small- and medium-size businesses. He brings 19 years of experience and multiple certifications from seve...