Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
31323334353637383940
Chapter 2 Open Directory Search Policies 35
A computer’s automatic search policy always begins with the computers local
directory domain. If a Mac OS X computer is not connected to a network, the
computer searches its local directory domain for user accounts and other
administrative data.
The automatic search policy then determines whether the computer is congured
to connect to a shared local directory domain. The computer can be connected to a
shared local directory domain, which can in turn be connected to another shared local
directory domain, and so on.
A local directory domain connection, if any, constitutes the second part of the
automatic search policy. For more information, see About the Local Directory
Domain on page 26.
Finally, a computer with an automatic search policy can connect to a shared LDAP
directory. When the computer starts, it can get the address of an LDAP directory server
from DHCP service. The DHCP service of Mac OS X Server can supply an LDAP server
address in the same way it supplies the addresses of DNS servers and a router.
A non-Apple DHCP service can also supply an LDAP server address. This feature is
known as DHCP option 95.
If you want the DHCP service of Mac OS X Server to supply clients with an LDAP
servers address for automatic search policies, congure the LDAP options of DHCP
service. For more information, see the DHCP chapter in Network Services Administration.
If you want a Mac OS X computer to get the address of an LDAP server from DHCP
service:
The computer must be congured to use an automatic search policy. For more Â
information, see “Using Advanced Search Policy Settings on page 12 7.
The computer’s network preferences must be congured to use DHCP or DHCP with Â
a manual IP address. Mac OS X is initially congured to use DHCP. For information
about setting network preferences, search Mac Help.
An automatic search policy oers convenience and exibility, especially for mobile
computers. If a computer with an automatic search policy is disconnected from
the network, connected to a dierent network, or moved to a dierent subnet, the
automatic search policy can change.
If the computer is disconnected from the network, it uses its local directory domain.
If the computer is connected to a dierent network or subnet, it can automatically
change its local directory domain connection and can get an LDAP server address
from the DHCP service on the current subnet.
With an automatic search policy, a computer doesn’t need to be recongured to get
directory and authentication services in its new location.