It took me a little while to figure out how I could tell what DirectoryService directory nodes are available to a Mac OS X system. I could perform the task interactively, just issuing an “ls” command at the dscl “>” prompt. But for a non-interactive one-liner, I was bedeviled by what I thought was a pretty basic function for the dscl tool.
I wanted to find all of the top-level nodes — because, for example, that could tell me if I really had access to an Active Directory or not.
It turns out that I was missing the use of “localhost” as the datastore parameter, which reliably returns the information I wanted in a parsable form. Rather than “/” (simply doesn’t work) or just a period (only uses the local directory) — or even listing “/Active\ Directory” explicitly — “localhost” specifies all of the directories available to the local host. I was incorrectly assuming “localhost” would tie me to the local directory, as with “localonly,” and I thus avoided trying it until I felt like an utter failure.
$ dscl localhost -list .
This produces the following output on a Leopard-based system which only has local accounts in DSLocal:
$ dscl localhost -list .
BSD
Local
Search
Contact
If your system happens to be bound to a Microsoft Active Directory, you’ll instead see it prepended:
$ dscl localhost -list .
Active Directory
BSD
Local
Search
Contact
Or if you’re on Tiger — again bound to Active Directory — you’ll still see “Bonjour,” “NetInfo,” and “SLP” in the mix:
$ dscl localhost -list .
Active Directory
Bonjour
NetInfo
SLP
Search
Contact