Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
171172173174175176177178179180
Chapter 9 Maintaining Open Directory Services 179
5 Select Allow only users and groups below and edit the list of users and groups that
you want to have SSH access to the server:
Add users or groups that can open SSH connections by clicking the Add (+) button Â
and dragging users or groups from the User & Groups window to the list.
Remove users or groups from the list by selecting one or more and clicking the Â
Remove (–) button.
6 Click Save.
If Allow all users and groups” is selected when you select “For selected services below
in step 4, all services except SSH will permit access to all users and groups.
If you want to restrict who can access a listed service besides SSH, select the service in
the list, select Allow only users and groups below,” and add user and groups to the list.
If you want all users to be able to open an SSH connection to the server, select SSH,
then select Allow all users and groups.”
Conguring Open Directory Service Access Control
You can congure Open Directory service access control by conguring service
access control lists (SACLs) using Server Admin. SACLs enable you to specify which
administrators have access to Open Directory.
SACLs provide you with greater control over which administrators can monitor and
manage a service.
Only users and groups listed in an SACL have access to the corresponding service. For
example, to give administrator access to users or groups for the Open Directory service
on your server, add them to the Open Directory SACL.
To set administrator SACL permissions for Open Directory service:
1 Open Server Admin and connect to the server.
2 Click Settings, then click Access.
3 Click Administrators.
4 Select the level of restriction you want for the services:
To restrict access to all services, select “For all services.” Â
To set access permissions for individual services, select “For selected services below” Â
and then select Open Directory from the Service list.
5 Click the Add (+) button to open the Users & Groups window.
6 Drag users and groups from the Users & Groups window to the list.