
Chapter 8 Advanced Directory Client Settings 149
Templates saved in the default location are listed in pop-up menus of LDAP mapping
templates the next time you open Directory Utility. The default location for saved
templates is in your home folder at this path:
~/Library/Application Support/Directory Access/LDAPv3/Templates
15 To store the mappings in the LDAP directory so it can supply them automatically to
its clients, click Write to Server and then enter a search base to store the mappings,
a distinguished name of an administrator or other user with write permission for the
search base (for example, uid=diradmin,cn=users,dc=ods,dc=example,dc=com), and a
password.
If you are writing mappings to an Open Directory LDAP server, the correct search
base is cn=config,suffix (where suffix is the server’s search base suffix, such as
dc=ods,dc=example,dc=com).
The LDAP directory supplies its mappings to Mac OS X clients whose custom search
policy includes a connection that’s configured to get mappings from the LDAP server.
The LDAP directory also supplies its mappings to all Mac OS X clients that have an
automatic search policy. For more information, see “Configuring Access to an LDAP
Directory” on page 135 and “Using Advanced Search Policy Settings” on page 127.
Setting Up Trusted Binding for an LDAP Directory
You can use Directory Utility to set up trusted binding between the computer and an
LDAP directory that supports trusted binding. The binding is mutually authenticated
by an authenticated computer record that’s created in the directory when you set up
trusted binding.
The computer can’t be configured to use trusted LDAP binding and a DHCP-supplied
LDAP directory. Trusted LDAP binding is inherently static, but DHCP-supplied LDAP is
dynamic.
For more information, see “Setting a Binding Policy for an Open Directory Server” on
page 187.
To set up trusted binding to an LDAP directory:
1 Open System Preferences and click Accounts.
2 If the lock icon is locked, unlock it by clicking it and entering the name and password
of an administrator.
3 Click Login Options, then click Join or Edit.
4 Click Open Directory Utility.
5 If the lock icon is locked, unlock it by clicking it and entering the name and password
of an administrator.
6 Click Services.