Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
101102103104105106107108109110
Joining a Server to a Kerberos Realm
Using Server Admin, a Kerberos administrator or a user whose account has the
properly delegated authority can join Mac OS X Server to a Kerberos realm.
The server can join only one Kerberos realm. It can be an Open Directory Kerberos
realm, an Active Directory Kerberos realm, or an existing realm based on MIT Kerberos.
To join an Open Directory Kerberos realm, you need a Kerberos administrator account
or a user account with delegated Kerberos authority. For more information, see
“Delegating Authority to Join an Open Directory Kerberos Realm on page 100.
To join a server to a Kerberos realm:
1 Make sure the server you want to join to the Kerberos realm is congured to access
the shared directory domain of the Kerberos server.
To conrm, open Directory Utility (located under Account preferences) on the server
you want to join to the Kerberos realm or connect to the server using Directory Utility
on another computer. Click Search Policy, then click Authentication and make sure the
Kerberos servers directory domain is listed.
If it is not listed, see Chapter 7,Managing Directory Clients Using Accounts
Preferences for instructions on conguring access to the directory.
2 Open Server Admin and connect to the server you want to join to the Kerberos realm.
3 Click the triangle at the left of the server.
The list of services appears.
4 From the expanded Servers list, select Open Directory.
5 Click Settings, then click General.
6 Conrm that the role is connected to a directory server, then click Join Kerberos and
enter the following information:
For an Open Directory Kerberos realm or an Active Directory Kerberos realm, choose Â
the realm from the pop-up menu and enter the name and password of a Kerberos
administrator or a user with delegated Kerberos authority for the server.
For an MIT-based Kerberos realm, enter the name and password of a Kerberos Â
administrator, the Kerberos realm name, and the DNS name of the Kerberos
KDC server.
102 Chapter 5 Setting Up Open Directory Services