Specifications
Contents 9
207 Using kadmin to Kerberize a Service
207 Kerberizing Services with an Active Directory Server
208 Using Directory Service Tools
208 Operating on Directory Service Domains
208 Manipulating a Single Named Group Record
209 Adding or Removing LDAP Server Congurations
209 Conguring the Active Directory Connector
210 Chapter 10: Solving Open Directory Problems
210 Solving Open Directory Master and Replica Problems
210 If Kerberos Is Stopped on an Open Directory Master or Replica
211 If You Can’t Create an Open Directory Replica
211 If You Can’t Create an Open Directory Master or Replica from a Conguration File
211 If You Can’t Connect a Replica to Your Relay
211 If You Can’t Join an Open Directory Replica to an Open Directory That Is a
Subordinate of an Active Directory Server
212 Solving Directory Connection Problems
212 If a Delay Occurs During Startup
212 Solving Authentication Problems
212 If You Can’t Change a User’s Open Directory Password
212 If a User Can’t Access Some Services
213 If a User Can’t Authenticate for VPN Service
213 If You Can’t Change a User’s Password Type to Open Directory
213 If Users Relying on a Password Server Can’t Log In
213 If Users Can’t Log In with Accounts in a Shared Directory Domain
214 If You Can’t Log In as an Active Directory User
214 If Users Can’t Authenticate Using Single Sign-On Kerberos
216 If Users Can’t Change Their Passwords
216 If You Can’t Join a Server to an Open Directory Kerberos Realm
217 If You Must Reset an Administrator Password
218 Appendix A: Command-Line Parameters for Open Directory
218 Open Directory Service Settings
219 OpenLDAP Standard Distribution Tools
220 Appendix B: Mac OS X Directory Data
221 Open Directory Extensions to LDAP Schema
222 Object Classes in Open Directory LDAP Schema
231 Attributes in Open Directory LDAP Schema
253 Mapping Standard Record Types and Attributes to LDAP and Active Directory
253 Mappings for Users
258 Mappings for Groups
259 Mappings for Mounts