Specifications
Chapter 8 Advanced Directory Client Settings 157
Preparing a Read-Only LDAP Directory for Mac OS X
If you want a Mac OS X computer to get administrative data from a read-only LDAP
directory, the data must exist in the format required by Mac OS X. You might need to
add, change, or reorganize data in the read-only LDAP directory.
Because Mac OS X cannot write data to a read-only directory, you must use other tools
to make the changes. The tools must reside on the server that hosts the read-only
LDAP directory.
To prepare a read-only LDAP directory for Mac OS X:
1 Go to the server that hosts the read-only LDAP directory and congure it to support
LDAP-based authentication and password checking.
2 Change the LDAP directory’s object classes and attributes as necessary to provide the
data needed by Mac OS X.
For specications of the data required by Mac OS X directory services, see
Appendix B, “Mac OS X Directory Data.”
Populating LDAP Directories with Data for Mac OS X
After conguring access to LDAP directory domains and setting up data mapping,
you can populate them with records and data for Mac OS X. For LDAP directories that
permit remote administration (read/write access), you can use Workgroup Manager,
which is included with Mac OS X Server, as follows:
Identify share points and shared domains that you want to mount automatically Â
in users’ Network browsers (what users see when they click Network in a Finder
window sidebar).
Use the Sharing in Server Admin and the Network modules of Workgroup Manager.
For more information, see File Server Administration.
Dene user and group records and congure their settings. Â
Use the Accounts module of Workgroup Manager. For more information, see
User Management.
Dene lists of computers that have the same preference settings and are available Â
to the same users and groups.
Use the Computers module of Workgroup Manager. For more information,
see User Management.
In all cases, click the small globe icon above the list of users and choose from the
pop-up menu in Workgroup Manager to open the LDAP directory domain. If the LDAP
directory is not listed in the pop-up menu, choose Other from this menu to select the
LDAP directory.
Note: To add records and data to a read-only LDAP directory, you must use tools on
the server that host the LDAP directory.