Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
191192193194195196197198199200
11 If you chose “Decommission replica and connect to another directory” from the Open
Directory Assistant, click the Open Directory Utility button to congure access to one
or more directory systems.
For more information about conguring access to a directory service, see
Chapter 8,Advanced Directory Client Settings.”
Archiving an Open Directory Master
You can use Server Admin to archive a copy of an Open Directory masters directory
and authentication data. You can archive a copy of the data while the Open Directory
master is in service.
The following les are archived:
LDAP directory database and conguration les Â
Open Directory password server database Â
Kerberos database and conguration les Â
Local directory domain and shadow password database Â
If you have a reliable archive of an Open Directory master, you eectively have an
archive of all its replicas. If a replica develops a problem, you can change its Open
Directory role to standalone server and then set up the server as if it were a new
server, with a new host name, and set it up as a replica of the same master as before.
Important: Carefully safeguard the archive media that contains a copy of the Open
Directory password database, the Kerberos database, and the Kerberos keytab le. The
archive contains passwords of all users who have an Open Directory password, both
in the shared LDAP directory domain and in the local directory domain. Your security
precautions for the archive media should be as stringent as for the Open Directory
master server.
To archive an Open Directory master:
1 Open Server Admin and connect to Open Directory master server.
2 Click the triangle at the left of the server.
The list of services appears.
3 From the expanded Servers list, select Open Directory.
4 Click Archive.
5 In the Archive in eld, enter the path to the folder where you want the Open Directory
data archived, then click the Archive button.
You can enter the folder path or click Choose to select it.
6 Enter a name and password to use in encrypting the archive, then click OK.
19 6 Chapter 9 Maintaining Open Directory Services