Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
171172173174175176177178179180
Chapter 8 Advanced Directory Client Settings 173
Automatic mounting of the Windows home folder Â
Mobile user accounts with cached authentication credentials Â
Discovery of all domains in an Active Directory forest Â
Support for Active Directory replication and failover Â
For more information, see About Active Directory Access on page 15 8 .
To create an Active Directory server conguration:
1 Open System Preferences and click Accounts.
2 If the lock icon is locked, unlock it by clicking it and entering the name and password
of an administrator.
3 Click Login Options, then click Join or Edit.
4 Click Open Directory Utility.
5 If the lock icon is locked, unlock it by clicking it and entering the name and password
of an administrator.
6 Click Services.
7 In the list of services, select LDAPv3 and click the Edit (/) button.
8 Click New and enter the Active Directory servers DNS name or IP address.
9 Select from the following options for accessing the directory, then click Continue to
have Directory Utility get information from the Active Directory server.
Select “Encrypt using SSL if you want Open Directory to use SSL for connections Â
with the Active Directory server. Before you select the SSL checkbox, ask your Open
Directory administrator if SSL is needed.
Select “Use for authentication if this directory contains user accounts that someone Â
will use for logging in or authenticating to services.
Select “Use for contacts if this directory contains mail addresses and other Â
information you want to use in Address Book.
If Directory Utility can’t contact the Active Directory server, a message appears and you
must congure access manually or cancel the setup process. For more information, see
Conguring Access to an LDAP Directory Manually” on page 137.
If you selected “Use for authentication or “Use for contacts,” the LDAPv3 connection to
the Active Directory domain is added to a custom search policy in the Authentication
or Contacts pane of Directory Utility.
Make sure LDAPv3 is enabled in the Services pane so the computer will use the
connection you set up. For more information, see “Enabling or Disabling LDAP
Directory Services on page 13 3.
10 When the dialog expands to display mappings options, choose Active Directory from
the pop-up menu, enter the search base, then click Continue.