Specifications
Mapping the UID to an Active Directory Attribute
On a computer that’s congured to use Directory Utility’s Active Directory connector,
you can specify an Active Directory attribute that you want mapped to Mac OS X’s
unique user ID (UID) attribute.
Usually, the Active Directory schema must be extended to include an attribute that’s
suitable for mapping to the UID:
If the Active Directory administrator extends the Active Directory schema by Â
installing Microsoft’s Services for UNIX, you can map the UID to the msSFU-30-Uid-
Number attribute.
If the Active Directory administrator manually extends the Active Directory schema Â
to include RFC 2307 attributes, you can map the UID to uidNumber.
If the Active Directory administrator manually extends the Active Directory schema Â
to include the Mac OS X UniqueID attribute, you can map the UID to it.
If UID mapping is disabled, the Active Directory connector generates a UID based on
Active Directory’s standard GUID attribute.
WARNING: If you change the mapping of the UID later, users might lose access to
previously created les.
To map the UID to an attribute in an extended Active Directory schema:
1 Open System Preferences and click Accounts.
2 If the lock icon is locked, unlock it by clicking it and entering the name and password
of an administrator.
3 Click Login Options, then click Edit.
4 Click Open Directory Utility.
5 If the lock icon is locked, unlock it by clicking it and entering the name and password
of an administrator.
6 Click Services.
7 In the list of services, select Active Directory and click the Edit (/) button.
8 If the advanced options are hidden, click Show Advanced Options.
9 Click Mappings.
10 Select “Map UID to attribute” and enter the name of the Active Directory attribute you
want mapped to the UID.
11 Click OK.
166 Chapter 8 Advanced Directory Client Settings