Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
101102103104105106107108109110
Click the lock and authenticate as a directory domain administrator, then select the
user in the list.
2 Click Advanced.
3 From the User Password Type pop-up menu, choose Shadow Password.
Note: You can only assign local user accounts to use shadow passwords.
4 When prompted, enter and verify a password, then click Ok.
A long password is truncated for some authentication methods. Up to 128 characters
of the password are used for NTLMv2 and NTLM, and the rst 14 characters are used
for LAN Manager.
For guidelines on choosing passwords, see “Composing a Password on page 105.
5 In the Advanced pane, click Options to set up the users password policy, then click OK
after you nish specifying options.
If you select “Disable login: on specic date,” use the up and down arrows to set the date.
If you use a policy that requires user password changing, remember that not all
protocols support changing passwords. For example, users can’t change their
passwords when authenticating for IMAP mail service.
6 In the Advanced pane, click Security to enable or disable authentication methods for
the user, then click OK after you nish.
For more information, see “Setting Password Policies for Individual Users on page 11 2 .
7 Click Save.
Enabling Single Sign-On Kerberos Authentication for a User
You enable single sign-on Kerberos authentication for a user account in an LDAP
directory of Mac OS X Server by setting the accounts password type to Open Directory
in the Advanced pane of Workgroup Manager.
Changing the Global Password Policy
Using Server Admin, you can set a global password policy for user accounts in a
Mac OS X Server directory domain.
The global password policy aects user accounts in the server’s local directory domain.
If the server is an Open Directory master or replica, the global password policy also
aects user accounts that have an Open Directory password type in the servers LDAP
directory domain.
If you change the global password policy on an Open Directory replica, the policy
settings become synchronized with the master and any other replicas of it.
11 0 Chapter 6 Managing User Authentication Using Workgroup Manager