Specifications
Chapter 7 Managing Directory Access 105
To specify a server you prefer the Active Directory plug-in to access:
1 In Directory Access, click Services.
2 If the lock icon is locked, click it and type the name and password of an administrator.
3 Select Active Directory in the list of services, then click Configure.
4 If the advanced options are hidden, click Show Advanced Options.
5 Select “Prefer this domain server” and enter the DNS name of the Active Directory
server.
Mapping the UID to an Active Directory Attribute
Using Directory Access, you can specify an Active Directory attribute that you want the
Active Directory plug-in to map to the unique user ID (UID) attribute of Mac OS X.
Usually the Active Directory schema must be extended to include an attribute that’s
suitable for mapping to the UID.
If UID mapping is disabled, the Active Directory plug-in automatically generates a UID
based on Active Directory’s standard GUID attribute.
Important: If you change the mapping of the UID at a later date, users may lose access
to previously created files.
To map the UID to an attribute in an extended Active Directory schema:
1 In Directory Access, click Services.
2 If the lock icon is locked, click it and type the name and password of an administrator.
3 Select Active Directory in the list of services, then click Configure.
4 If the advanced options are hidden, click Show Advanced Options.
5 Select “Map UID to attribute” and enter the name of the Active Directory attribute you
want mapped to the UID.
Changing the Active Directory Groups That Can Administer the
Computer
Using Directory Access, you can grant administrator privileges to groups of user
accounts accessed by the Active Directory plug-in. These Active Directory user
accounts can be used to perform administrative tasks such as installing software on the
Mac OS X computer that you are configuring.
LL2352.Book Page 105 Friday, August 22, 2003 3:12 PM