What does the macOS user deletion script do?

The script completely removes a local user account, its home directory, and its associated group record from a macOS device.

What are the requirements for using the macOS user deletion script?

The script requires macOS, root privileges, and the username (short name) of the account to be deleted as an argument. The Applivery Agent for macOS must also be installed.

How do I provide the username to the macOS user deletion script?

You can provide the username as an argument when assigning the script to a device or policy in Applivery, or hardcode it directly in the script.

How do I create the user deletion script in Applivery?

In the Applivery Dashboard, create a new Script, select Bash as the language, paste the script code, give it a name, and click Create.

What execution method should I use for the user deletion script?

The 'Once' or 'On demand' execution methods are recommended, as account deletion is a one-time action. Avoid the 'Loop' method.

Where can I find the macOS user deletion script?

The script is available in the Applivery Public Script Repository on GitHub.

What happens if the user's home directory is not found?

If the script doesn't find a home directory for the user, it will skip the deletion of the directory and continue with the rest of the process.

Delete Local User Account

Properly deleting a user account on macOS involves more than clicking "Delete User" in System Settings. That approach can leave behind home directory data, Directory Services records, and orphaned group entries that accumulate over time.

This Script goes further: it removes the user record from Directory Services, wipes the home directory from disk (/Users/username), and cleans up the associated group entry — a complete, irreversible removal that leaves no residual data on the machine. It's designed for offboarding flows where a clean slate matters.

Warning

The Applivery Agent for macOS must be installed and active on the Device. Learn more about the macOS Agent.

Requirements

Requirement	Detail
Platform	macOS
Execution privileges	Root (default in Applivery)
Username	The short name of the account to delete, passed as an argument

Warning

This action is irreversible. Once the home directory is deleted, the user's data cannot be recovered unless a backup exists. Always verify the username before deploying.

Setup

Create the Script

Once in the Applivery Dashboard, follow the steps described here to create a Script. Paste the following Script into the editor, select Bash as the language, give it a descriptive name (e.g., Delete Local User Account), and click Create.

#!/bin/bash

# ---
# Title: Delete Local User & Home Directory
# Description: Completely removes a local user account, its home directory, and its group record.
# Author: Applivery
# Version: 1.0.0
# ---

# ==========================================
# CONFIGURATION
# ==========================================
# The username can be passed as an argument ($1) or hardcoded below
USER_NAME=$1

# ==========================================
# 1. INITIAL CHECKS
# ==========================================

if [[ $EUID -ne 0 ]]; then
  echo "Error: This script must be run as root."
  exit 1
fi

if [ -z "$USER_NAME" ]; then
  echo "Error: No username provided. Usage: $0 <username>"
  exit 1
fi

CURRENT_USER=$(stat -f "%Su" /dev/console)
if [ "$USER_NAME" == "$CURRENT_USER" ]; then
  echo "Error: Cannot delete the currently logged-in user ($USER_NAME)."
  exit 1
fi

id "$USER_NAME" &>/dev/null
if [ $? -ne 0 ]; then
  echo "Error: User '$USER_NAME' does not exist."
  exit 1
fi

# ==========================================
# 2. DELETION PROCESS
# ==========================================
echo "Starting deletion process for user: $USER_NAME..."

dscl . -delete "/Users/$USER_NAME"
if [ $? -eq 0 ]; then
  echo "[SUCCESS] User record removed from Directory Services."
else
  echo "[FAILURE] Failed to remove user record."
  exit 1
fi

if [ -d "/Users/$USER_NAME" ]; then
  rm -rf "/Users/$USER_NAME"
  echo "[SUCCESS] Home directory /Users/$USER_NAME has been deleted."
else
  echo "[INFO] No home directory found at /Users/$USER_NAME."
fi

dscl . -delete "/Groups/$USER_NAME" &>/dev/null

echo "Process complete. User '$USER_NAME' has been fully removed."
exit 0

Assign the Script to a Device

Now, navigate to any of your Devices, select the Scripts tab, click on the + Assign Script button, and select the one you just created.

Note

You can also assign Scripts to Policies. To do this, navigate to the Policies section, select the desired Policy, and click on the Scripts tab. The process will be the same as when assigning it directly to an individual Device.

Choose the execution method

Select the execution method that matches your use case:

Method	Behaviour	Recommended?
Once	Runs one time per Device when the Policy is assigned.	✅ Recommended — account deletion is a one-time offboarding action.
Loop	Runs repeatedly at the configured interval (15m, 1h, 6h, 1d, 7d).	❌ Not recommended — deletion is irreversible and should not be repeated.
On demand	Only runs when manually triggered from the Applivery Self-Service App or the dashboard.	✅ Also suitable for ad-hoc offboarding initiated by IT.

Enter the username as an argument

The Script requires the short name of the account to delete. Enter it in the Arguments field (e.g., jsmith). The field also supports variable interpolations, such as {{device.displayName}}.

Click Add to save the assignment.

Tip

As an alternative to using the Arguments field, you can hardcode the username directly in the Script by replacing USER_NAME=$1 with USER_NAME="the_username". This is useful when you need to delete the same account across an entire fleet of Devices.

Available on GitHub

This Script is part of the Applivery Public Script Repository — a collection of ready-to-use macOS Scripts for common IT management tasks. You can use it as-is or adapt it to your specific offboarding workflow.

How to completely delete a local user account

Requirements

Setup

Available on GitHub

Key Takeaways