Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Command-Line
919293949596979899100
24 Click OK.
25 From the Servers list, select SMB.
26 Click Settings, then click General.
27 Verify that the server is now a member of the Active Directory domain.
You can change the server’s optional description, which appears in the Network Places
window on Windows computers.
After setting up an Active Directory domain member, you might want to change
access restrictions, logging detail level, code page, domain browsing, or WINS
registration. Then if Windows services aren’t already running, you can start them.
For more information, see Network Services Administration.
Setting Up Single Sign-On Kerberos Authentication
Setting up single sign-on Kerberos authentication involves these tasks:
Make DNS available on the network and congure it to resolve the fully qualied Â
DNS name of the Open Directory master server (or other Kerberos server) to its IP
address. Also, congure DNS to resolve the IP address to the server’s fully qualied
DNS name.
Have an administrator set up a directory system to host a Kerberos realm. For more Â
information about setting up Mac OS X Server to host a Kerberos realm, see “Setting
Up an Open Directory Kerberos Realm on page 97.
Have a Kerberos administrator of an Open Directory master delegate the authority Â
to join servers to the Open Directory master’s Kerberos realm.
The administrator does not need delegated authority. A Kerberos administrator has
implicit authority to join any server to the Kerberos realm.
See “Delegating Authority to Join an Open Directory Kerberos Realm on page 100.
Have a Kerberos administrator or users with delegated authority join servers to the Â
Kerberos realm, which then provides single sign-on Kerberos authentication for
services provided by the servers that have joined. See Joining a Server to a Kerberos
Realm on page 102.
Set all computers using Kerberos to the correct date, time, and time zone, and Â
congure them to use the same network time server. Kerberos depends on the
clocks of all participating computers being in sync.
When you are conguring an Open Directory master, make sure DNS is correctly
congured and running before you start Open Directory service for the rst time.
If DNS is not congured properly or is not running when you start Open Directory,
Kerberos will not function properly.
96 Chapter 5 Setting Up Open Directory Services