Specifications
If you’re experienced with UNIX, you probably know about the les in the /etc
directory—group, hosts, hosts.equiv, master.passwd, and so forth. For example, a
UNIX process that needs a user’s password consults the /etc/master.passwd le.
The /etc/master.passwd le contains a record for each user account. A UNIX process
that needs group information consults the /etc/group le.
Open Directory consolidates administrative information, simplifying the interaction
between processes and the administrative data they create and use:
Mac OS X processes
Open
Directory
Processes no longer need to know how and where administrative data is stored.
Open Directory gets the data for them. If a process needs the location of a user’s
home folder, the process has Open Directory retrieve the information.
Open Directory nds the requested information and then returns it, insulating the
process from the details of how the information is stored, as shown in the following
illustration.
Directory
domain
Directory
domain
Open
Directory
Mac OS X processes
If you set up Open Directory to access administrative data from more than one
directory domain, Open Directory consults the domains as needed.
Some data stored in a directory domain is identical to data stored in UNIX
conguration les. For example, the home folder location, real name, user ID, and
group ID are stored in user records of a directory domain instead of the standard
/etc/passwd le.
20 Chapter 1 Directory Services with Open Directory