User's guide

Chapter 4 Initial Server Setup
Setting Up a Server as an Open Directory Master
When you want a server you’re setting up to host an LDAP directory for use by itself
and other computers, make sure the server is connected to the network when you set
it up and choose the directory usage option called Open Directory Master in Server
Assistant. This option:
• Sets up an LDAP directory on the server.
• Creates a directory domain administrator for the directory. This is the administrator
who has the privileges required to change information stored in the directory, such
as accounts and managed network views.
• Turns on Open Directory authentication for validating all users defined in the local
NetInfo domain and the LDAP directory.
• Sets up a Kerberos KDC on the server. Before an Open Directory master can provide
Kerberos and single sign-on authentication, DNS must be properly configured. DNS
must resolve the fully qualified DNS names of all servers, including the Open
Directory master itself, to their IP addresses and provide the corresponding reverse
lookups.
• Optionally enables a Windows Primary Domain Controller on the server, letting your
server authenticate and provide home directories for users of computers with
Windows NT4.x, Windows 9x, and Windows XP.
To set up another server as an Open Directory replica and optional backup domain
controller (BDC) for a PDC, use Server Admin after setup is complete. To configure
additional directory connectivity, use Directory Access. See the Open Directory
administration guide for more information about directory configuration.
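
The DNS requirement in the Kerberos KDC item above can be checked before setup with a forward and reverse lookup of every server name. The following is an added example, not part of the original guide or of Apple's tools; the host names, addresses, and function names are assumptions made for illustration, and the sample records are constructed.

```python
import socket

def forward_lookup(fqdn):
    """Resolve a name to its set of IPv4 addresses (empty set on failure)."""
    try:
        return set(socket.gethostbyname_ex(fqdn)[2])
    except OSError:
        return set()

def reverse_lookup(ip):
    """Return the name an address reverses to, or None if there is no PTR."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def check_host(fqdn, forward=forward_lookup, reverse=reverse_lookup):
    """Return a list of DNS problems for one server; empty means consistent."""
    name = fqdn.rstrip(".").lower()
    if "." not in name:
        return [f"{fqdn}: not a fully qualified name"]
    addrs = forward(name)
    if not addrs:
        return [f"{fqdn}: no forward (A) record"]
    problems = []
    for ip in sorted(addrs):
        ptr = reverse(ip)
        if ptr is None:
            problems.append(f"{fqdn}: {ip} has no reverse (PTR) record")
        elif ptr.rstrip(".").lower() != name:
            problems.append(f"{fqdn}: {ip} reverses to {ptr}")
    return problems

# Constructed sample records (example.com names, RFC 5737 addresses).
SAMPLE_A = {
    "odmaster.example.com": {"192.0.2.10"},
    "replica.example.com": {"192.0.2.11"},
    "files.example.com": {"192.0.2.12"},
}
SAMPLE_PTR = {"192.0.2.10": "odmaster.example.com",
              "192.0.2.12": "old-files.example.com"}

def demo():
    """Run the check offline against the constructed records above."""
    fwd = lambda n: SAMPLE_A.get(n, set())
    return {h: check_host(h, fwd, SAMPLE_PTR.get) for h in SAMPLE_A}

if __name__ == "__main__":
    for host, problems in demo().items():
        print(host, "OK" if not problems else "; ".join(problems))
```

Calling `check_host` with only a host name uses the system resolver, so run it from a machine that uses the same DNS servers the Open Directory master and its clients will use.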