Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
101102103104105106107108109110
Chapter 6 Managing User Authentication Using Workgroup Manager 105
Composing a Password
The password associated with a users account must be entered by the user when he
or she authenticates for login or other services. The password is case sensitive (except
for SMB-LAN Manager passwords) and is masked on the screen as it is entered.
Regardless of the password type you choose for a user, here are guidelines for
composing a password for Mac OS X Server user accounts:
A password should contain letters, numbers, and symbols in combinations that Â
won’t be easily guessed by unauthorized users. Passwords should not consist of
words. Good passwords include digits and symbols (such as # or $), or they consist
of the rst letter of all words in a phrase. Use both uppercase and lowercase letters.
Avoid spaces and Option-key combinations. Â
Avoid characters that can’t be entered on computers the user will use or that might Â
require knowing a special keystroke combination to enter correctly on dierent
keyboards and platforms.
Some network protocols do not support passwords that contain leading spaces, Â
embedded spaces, or trailing spaces.
A zero-length password is not recommended. Open Directory and some systems Â
(such as LDAP bind) do not support a zero-length password.
For maximum compatibility with computers and services your users might access, Â
use only ASCII characters for passwords.
Changing a Users Password
You can use Workgroup Manager to change the password of a user account dened in
any directory domain you have read/write access to. For example, you can change the
password of a user account in the LDAP directory of an Open Directory master.
Important: If you change the password of a user account thats used to authenticate
a computer’s LDAP directory connection, you must make the same change to the
aected computers LDAP connection settings or congure the LDAP directory and all
connections to it to use trusted binding.
For more information, see “Changing the Password Used for Authenticating an LDAP
Connection on page 15 5 or “Setting a Binding Policy for an Open Directory Server on
page 187 and “Stopping Trusted Binding with an LDAP Directory on page 150.
To change a users password:
1 Open Workgroup Manager, click the Accounts button, and then click the User button.
2 Open the directory domain that contains the user account whose password you want
to change, and authenticate as an administrator of the domain.