Specifications
177
Appendix
C
C Authentication Manager
Mac OS X Server supports users that were configured to
use the legacy Authentication Manager technology in
Mac OS X Server version 10.0–10.2.
Authentication Manager is a legacy technology for securely validating passwords of the
following users:
• Users of Windows services (including support for SMB-NT, SMB-LM, and CRAM-MD5)
• Users of Apple file service whose Mac OS 8 computers have not been upgraded with
AFP client software version 3.8.3 or later
• Users who need to authenticate for mail service by using APOP or CRAM-MD5
Authentication Manager only works with user accounts that were created in a NetInfo
domain of Mac OS X Server version 10.0–10.2. Authentication Manager must have been
enabled for the NetInfo domain.
When you upgrade a server to Mac OS X Server version 10.3 from an earlier version that
has Authentication Manager enabled, it remains enabled. Existing users can continue to
use their same passwords. An existing user account uses Authentication Manager if the
account is in a NetInfo domain for which Authentication Manager has been enabled
and the account is set to use a crypt password.
After upgrading a server to Mac OS X Server version 10.3, you can change existing user
accounts to authenticate using Open Directory. Open Directory authentication is the
preferred authentication option for users of Windows services and is required for
domain login from a Windows workstation to a Mac OS X Server primary domain
controller. New user accounts created in Mac OS X Server version 10.3 are set to use
Open Directory authentication.
LL2352.Book Page 177 Friday, August 22, 2003 3:12 PM