Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Version 10.3 or Later
919293949596979899100
100 Chapter 7 Managing Directory Access
Populating LDAP Directories With Data for Mac OS X
After configuring access to LDAP directory domains and setting up their data mapping,
you can populate them with records and data for Mac OS X. For directory domains that
allow remote administration (read/write access), you can use the Workgroup Manager
application, which is included with Mac OS X Server, as follows:
Identify share points and shared domains that you want to mount automatically in a
users /Network directory (the Network globe in Finder windows). Use the Sharing
module of Workgroup Manager. For instructions, see the file services administration
guide.
Define user records and group records and configure their settings. Use the Accounts
module of Workgroup Manager. For instructions, see the user management guide.
Define lists of computers that have the same preference settings and are available to
the same users and groups. Use the Computers module of Workgroup Manager. For
instructions, see the user management guide.
In all cases, click the small globe icon above the list of users and choose from the pop-
up menu in Workgroup Manager to open the LDAP directory domain. If the LDAP
directory is not listed in the pop-up menu, choose Other from this menu to select the
LDAP directory.
Note: To add records and data to a read-only LDAP directory, you must use tools on the
server that hosts the LDAP directory.
Accessing an Active Directory Domain
You can configure a server with Mac OS X Server or a computer with Mac OS X to
access an Active Directory domain on a Windows 2000 or Windows 2003 server. For
task descriptions and instructions, see:
“Learning About the Active Directory Plug-in” (next)
“Configuring Access to an Active Directory Domain” on page 102
“Enabling or Disabling Active Directory Credential Caching” on page 104
“Mapping the UID to an Active Directory Attribute” on page 105
“Changing the Active Directory Groups That Can Administer the Computer on
page 105
“Editing User Accounts and Other Records in Active Directory on page 106
Alternative methods for accessing an Active Directory domain are appropriate for some
networks. The alternatives include the following:
“Setting Up LDAP Access to Active Directory Domains” on page 106
LL2352.Book Page 100 Friday, August 22, 2003 3:12 PM