Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
81828384858687888990
To congure a server to be an Open Directory master:
1 Open Server Admin and connect to the server.
2 Click the triangle at the left of the server.
The list of services appears.
3 From the expanded Servers list, select Open Directory.
4 Click Settings, then click General.
If the Role option is set to Open Directory Replica and you want to make a new
Open Directory master, you must change the server role to Standalone. For more
information, see “Setting Up a Standalone Directory Service on page 80.
If you want to change an Open Directory replica to a master, promote the replica to
be a master instead of making a new master. For more information, see Promoting an
Open Directory Replica on page 192.
5 Click Change.
This opens the Open Directory Assistant.
6 Select “Set up an Open Directory Master,” then click Continue.
If your DNS Server is not congured, a message about single sign-on being unavailable
appears. If you want to use single sign-on, close the assistant and congure your
DNS. If you don’t want to use single sign-on, click Continue to congure your Open
Directory master without single sign-on.
7 Enter the following Master Directory Administrator information, then click Continue:
 Name, Short Name, User ID, Password: You must create a user account for the primary
administrator of the LDAP directory. This account is not a copy of the administrator
account in the servers local directory domain.
Make the names and user ID of the LDAP directory administrator dierent from the
names and user IDs of user accounts in the local directory domain.
Also, to prevent the directory administrator account from being listed in the login
window, assign the directory administrator account a user ID below 100. Accounts
with user IDs below 100 are not listed in the login window.
Note: If you plan to connect your Open Directory Master to other directory domains,
specify a unique name and user ID for each domain. Don’t use the suggested diradmin
user ID. Use a name that helps you distinguish the directory domain that the directory
administrator controls.
8 Enter the following Master Domain information, then click Continue:
 Kerberos Realm: This eld is set to be the servers DNS name, converted to capital
letters. This is the convention for naming a Kerberos realm. You can enter a dierent
name if necessary.
82 Chapter 5 Setting Up Open Directory Services