Specifications
Although existing crypt passwords can continue to be used after importing or
upgrading, you can change user accounts to have Open Directory or shadow passwords.
You can change individual user accounts or multiple user accounts by using
Workgroup Manager. Changing a user account’s password type resets the password.
For more information, see “Changing the Password Type to Open Directory” on
page 107 and “Changing the Password Type to Shadow Password” on page 109.
Some user accounts created with Mac OS X Server v10.1 or earlier may use
Authentication Manager. It is a legacy technology for authenticating users of Windows
le service and users of AFP service whose Mac OS 8 computers have not been
upgraded with AFP client software v3.8.3 or later.
When migrating Authentication Manager users, you have the following options:
If you upgrade rst from Mac OS X Server v10.1 to v10.2 and then to v10.5 and then Â
you migrate to v10.6, existing users can continue to use their same passwords.
You can change some or all upgraded user accounts to have Open Directory Â
passwords or shadow passwords, which are more secure than crypt passwords.
For more information, see “About Password Types” on page 37.
If the upgraded server has a shared NetInfo domain and you migrate it to an LDAP Â
directory, user accounts are converted to Open Directory passwords.
Each user account in the server’s local directory domain is converted from crypt Â
password to shadow password when the user or administrator changes the
password or when the user authenticates to a service that can use a recoverable
authentication method.
If you import user accounts that use Authentication Manager into the LDAP Â
directory, they are converted during importing to have Open Directory passwords.
11 8 Chapter 6 Managing User Authentication Using Workgroup Manager