Specifications
Chapter 8 Advanced Directory Client Settings 13 9
If you choose Custom, you must set up mappings between Mac OS X record Â
types and attributes and the classes and attributes of the LDAP directory you’re
connecting to. For more information, see “Conguring LDAP Searches and
Mappings” on page 14 6.
12 Before you select the “Encrypt using SSL” checkbox, check with your Open Directory
administrator to determine if SSL is needed.
13 To change the following settings for this LDAP conguration, click Edit to display the
options for the selected LDAP conguration, make changes, and click OK when you
nish editing the LDAP conguration options.
Click Connection to set timeout options, specify a custom port, ignore server Â
referrals, or force use of the LDAPv2 (read-only) protocol. For more information,
see “Changing the Connection Settings for an LDAP Directory” on page 143.
Click Search & Mappings to set up searches and mappings for an LDAP server. Â
For more information, see “Setting Up Trusted Binding for an LDAP Directory”
on page 149.
Click Security to set up an authenticated connection (instead of trusted binding) Â
and other security policy options. For more information, see “Changing the Security
Policy for an LDAP Connection” on page 145.
Click Bind to set up trusted bindings (if the LDAP directory supports it). For more Â
information, see “Setting Up Trusted Binding for an LDAP Directory” on page 149.
14 Click OK to nish manually creating the conguration to access an LDAP directory.
15 If you want the computer to access the LDAP directory you created a conguration
for, add the directory to a custom search policy in the Authentication pane and the
Contacts pane of Search Policy in Directory Utility, then make sure LDAPv3 is enabled
in the Services pane.
For more information, see “Enabling or Disabling LDAP Directory Services” on page 133
and “Dening Custom Search Policies” on page 129.
Note: Before you can use Workgroup Manager to create users on a non-Apple LDAP
server that uses RFC 2307 (UNIX) mappings, you must edit the mapping of the Users
record type. For more information, see “Editing RFC 2307 Mapping to Enable Creating
Users” on page 155.
Important: If you change your IP address and computer name using changeip while
you are connected to a directory server, you must disconnect and reconnect to the
directory server to update the directory with the new computer name and IP address.
If you do not disconnect and reconnect to the directory server, the directory will not
update and will continue to use the old computer name and IP address.