Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
51525354555657585960
Chapter 4 Open Directory Planning and Management Tools 59
The Open Directory server can provide LDAP and authentication services to more
client computers, because not all computers need these services at the same
time. Each computer connects to the LDAP directory for up to two minutes, and
connections to the Open Directory Password Server are even more brief.
Determining what the fraction is—the percentage of computers that will make
connections at the same time—can be dicult.
For example, computers that each have a single user who spends all day working on
graphics les will need Open Directory services relatively infrequently.
In contrast, computers in a lab will have many users logging in throughout the day,
each with a dierent set of managed client preference settings, and these computers
will place a relatively high load on Open Directory services.
In general, you can correlate Open Directory usage with login and logout. These
activities generally dominate directory and authentication services for any system.
The more frequently users log in and out, the fewer computers an Open Directory
server (or any directory and authentication server) can support. You need more Open
Directory servers if users log in frequently. You can get by with fewer Open Directory
servers if work sessions are long and login is infrequent.
Identifying Servers for Hosting Shared Domains
If you need more than one shared domain, identify the servers where the shared
domains should reside. Shared domains aect many users, so they should reside on
Mac OS X Server computers that have the following characteristics:
Restricted physical access Â
Limited network access Â
High-availability technologies, such as uninterruptible power supplies Â
Select computers that will not be replaced frequently and that have adequate capacity
for expanding directory domains. Although you can move a shared domain after it
is set up, it might be necessary to recongure the search policies of computers that
connect to the shared domain so users can continue to log in.