As you've heard in previous chapters, Mac OS X is a true multiuser operating system because everyone who works on the computer has a separate, private area in which to store personal files. While you don't have to make use of the multiuser capabilities of your Mac, they affect the system's structure which may require special attention, in terms of both their benefits and problems.
Understanding User Accounts
In a multiuser system, everyone who works on the computer can have a separate account. In practice, that means when one user saves a document to the desktop, it does not appear on the desktop that the other users see when they sit down to use the same computer. Also, each person can set system preferences that show up only when he or she is logged in. Users can customize the Dock and the desktop appearance and expect them to remain that way.
The home folders for user accounts are located in the Users folder of the Mac OS X hard drive, as shown in Figure 27.1. A house icon is used in the Finder window toolbar to represent the current user's home folder. Inside the home folder are several different folders, which were discussed briefly in our look at the Finder's file system during Chapter 2, "Exploring the Desktop."
Figure 27.1. Every user has a home folder in which to store his or her files.
Although individual users can see the contents of most files on the hard drive, they might not be able to see each other's files. That's because users in a multiuser system can set permissions on their files that restrict access to keep their work private. They can specify whether a file can be read or altered by everyone, by a limited number of other people, or only from within the account in which the files were created.
For example, Figure 27.2 shows what the home folder of the user robyn looks like to another user. Most of the folders have an icon with a red circle containing a minus sign. That means these folders are not accessible from user accounts which did not create, or own, them.
Figure 27.2. By default, other users are restricted from accessing all but the Public and Sites folders.
Adding and Removing Users
When you first installed Mac OS X, an account was created using the name you supplied. The system uses the short name you gave as your account name, but you can use either your full or short name to log in to the system at the console. Because this account can access system settings and install new software, it's referred to as an administrator account .
When logged in with an administrator account, you're granted the privilege of adding other users and you can choose to give them administrative privileges as well. Remember, that means other people can add new accounts and modify the system, so you should be cautious about creating other administrative accounts. Be sure that you trust your users not to delete important files or disrupt the system in other ways before you give them administrator privileges.
New user accounts are added from the Users pane of the Accounts Preferences panel, shown in Figure 27.3.
Figure 27.3. The Users pane of the Accounts Preferences panel lists current users and enables you to edit them or add new ones.
To create a new user account, follow these steps:
The Users Preferences panel now lists your new user, who has a folder in the Users folder.
Through a similar process, you can edit an existing user account, including changing the password. Simply select the user account to be edited and click the Edit User button. Note that although you can change many things about a user account, you can't alter the short name used to log in. Choose wisely the first time.
Now that you know how to add a user, you should learn how to remove a user. This again requires you to open the Users tab of the Accounts Preferences panel. To delete a user account, simply select the account to be deleted and click the Delete User button. In this way, you can delete any user account except the original administrator account. A sheet appears to confirm your choice and to inform you that the deleted user's files are stored as a disk image ( .dmg file) in the Deleted Users folders. If you don't want the contents of the deleted account, you can open that folder and delete the .dmg file.