You also congure Mac OS X Server to handle cross-domain authorization if a
Kerberos realm exists.
If you have an existing Active Directory server, you can connect an Open Directory
server to it and you can easily add users from the Active Directory server into your
Open Directory server. These users are referred to as augment users.
For more information about augment records, see “Integrating with Augment
Records” on page 68. For more information about adding augments to user records,
see User Management.
• Open Directory Master Server with replicas. You can also create a Mac OS X Open
Directory master server with replicas. The replica servers have a copy of the Open
Directory master’s directory domain for load balancing and redundancy.
For example, your organization could have an Open Directory master at your
headquarters and place replicas of that server at each remote location. This prevents
users at remote locations from experiencing delayed logins.
• Cascading replication. You can also use cascading replication, where replicas of an
Open Directory master have replicas. If a replica is a direct member of the Open
Directory master and it has replicas, it is called a relay.
For example, if your organization has 32 replicas and you must add another replica,
you can reorganize your network topology and have your replicas become relays by
adding replicas to a replica (or relay).
Cascading replication load-balances the Open Directory master by minimizing the
number of replicas it must directly manage.

Estimating Directory and Authentication Requirements

In addition to considering how you want to distribute directory data among multiple
domains, you must also consider the capacity of each directory domain. The size of
your directory domain depends on your network requirements.
One factor is the performance of the database that stores directory information. The
LDAP directory domain of Mac OS X Server uses the Berkeley DB database, which
remains ecient with 200,000 records. A server hosting a directory domain of that size
must have sucient hard disk space to store all the records.
The number of connections a directory service can handle is harder to measure
because directory service connections occur in the context of the connections of
all services the server provides. With Mac OS X Server, a server dedicated to Open
Directory has a limit of 1,000 simultaneous client computer connections.
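
The following planning check is an added example, not part of the original guide or any Apple tool. It classifies servers as master, relay, or replica using the definition under cascading replication and flags plans that exceed the figures quoted in this section. The function name, the server names, and the treatment of 32 as a hard per-server fan-out with only two tiers are assumptions of the example.

```python
from collections import defaultdict

# Figures quoted in the text above. Treating 32 as a hard per-server fan-out
# and cascading as two tiers only are assumptions of this example.
MAX_FANOUT = 32
MAX_CLIENTS = 1000
MAX_RECORDS = 200_000

def audit_topology(parent_of, clients=None, records=0):
    """parent_of maps each server to the server it replicates from (master -> None).
    clients maps a server to its expected simultaneous client connections.
    Returns (roles, findings)."""
    clients = clients or {}
    masters = [s for s, p in parent_of.items() if p is None]
    if len(masters) != 1:
        return {}, [f"expected exactly one master, found {len(masters)}"]
    master = masters[0]
    children, findings = defaultdict(list), []
    for server, parent in parent_of.items():
        if parent is None:
            continue
        if parent not in parent_of:
            findings.append(f"{server}: replicates from unknown server {parent}")
        children[parent].append(server)
    roles = {}
    for server, parent in parent_of.items():
        if parent is None:
            roles[server] = "master"
        elif parent == master and children[server]:
            roles[server] = "relay"  # direct member of the master that has replicas
        else:
            roles[server] = "replica"
            if children[server]:
                findings.append(f"{server}: has replicas but is not a direct member of {master}")
        if len(children[server]) > MAX_FANOUT:
            findings.append(f"{server}: {len(children[server])} direct replicas exceeds {MAX_FANOUT}")
        if clients.get(server, 0) > MAX_CLIENTS:
            findings.append(f"{server}: {clients[server]} client connections exceeds {MAX_CLIENTS}")
    if records > MAX_RECORDS:
        findings.append(f"{records} records exceeds {MAX_RECORDS}")
    return roles, findings

# Constructed sample: 32 replicas plus one more, first flat, then with r1 acting as a relay.
flat = {"master": None, **{f"r{i}": "master" for i in range(1, 34)}}
cascaded = {**flat, "r33": "r1"}

if __name__ == "__main__":
    for name, topo in (("flat", flat), ("cascaded", cascaded)):
        roles, findings = audit_topology(topo, clients={"r1": 1200}, records=150_000)
        print(name, findings or "ok", [s for s, r in roles.items() if r == "relay"])
```
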
58 Chapter 4 Open Directory Planning and Management Tools