Specifications
Chapter 5 Setting Up Open Directory Services 79
Users whose information can be managed most easily on a server should be
dened in the shared LDAP directory of a Mac OS X Server that is an Open Directory
master. Some of these users can be dened in directory domains on other servers,
such as an Active Directory domain on a Windows server.
These concepts are discussed in Chapter 1, “ Directory Services with Open Directory.”
Assess whether you need more than one shared domain. If so, decide which users Â
will be dened in each shared domain. For more information, see “Multilevel Search
Policies” on page 33.
Determine which authentication options users need. For available options, see Â
Chapter 3, “Open Directory Authentication.” Decide whether to have replicas of your
Open Directory master or to have a BDC of your PDC. Chapter 4, “Open Directory
Planning and Management Tools” provides guidelines.
Select server administrators carefully. Provide administrator passwords only Â
to people you trust. Have as few administrators as possible. Don’t delegate
administrator access for minor tasks, such as changing settings in a user record.
Directory information vitally aects everyone whose computers use it.
Managing Open Directory on a Remote Server
You can install Server Admin on a computer with Mac OS X v10.6 or later and use it to
manage Open Directory on any server on your local network and elsewhere. You can
also manage Open Directory remotely by using command-line tools from a Mac OS X
computer or a non-Macintosh computer.
For more information, see the Server Administration chapter of Getting Started.
Turning Open Directory On
Before you can congure Open Directory settings, you must turn on Open Directory
service in Server Admin.
To turn Open Directory service on:
1 Open Server Admin and connect to the server.
2 Click Settings.
3 Click Services.
4 Select the Open Directory checkbox.
5 Click Save.