Specifications
9 In the list, select a server conguration and click Edit.
10 Click Connection and select “Ignore server referrals.”
Authenticating an LDAP Connection
Using Directory Utility, you can set up an authenticated connection to an LDAP
directory. This authentication is one-way. The computer proves its identity to an LDAP
directory but the LDAP directory doesn’t prove its authenticity to the computer. For
mutual authentication, see “Setting Up Trusted Binding for an LDAP Directory” on
page 149.
Note: If trusted binding is set up between the computer and the LDAP directory, an
authenticated connection would be redundant and you can’t set one up.
To set up an authenticated LDAPv3 connection:
1 Open System Preferences and click Accounts.
2 If the lock icon is locked, unlock it by clicking it and entering the name and password
of an administrator.
3 Click Login Options, then click Join or Edit.
4 Click Open Directory Utility.
5 If the lock icon is locked, unlock it by clicking it and entering the name and password
of an administrator.
6 Click Services.
7 In the list of services, select LDAPv3 and click the Edit (/) button.
8 If the list of server congurations is hidden, click Show Options.
9 In the list, select a server conguration and click Edit.
10 Click Security.
11 Select “Use authentication when connecting,” and then enter a user’s distinguished
name and password.
The distinguished name can specify any user account that has permission to see data
in the directory. For example, a user account whose short name is “authenticator” on
an LDAP server and whose address is ods.example.com has the distinguished name ui
d=authenticator,cn=users,dc=ods,dc=example,dc=com.
Important: If the distinguished name or password are incorrect, no one can log in to
the computer using user accounts from the LDAP directory.
15 4 Chapter 8 Advanced Directory Client Settings