Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Version 10.3 or Later
41424344454647484950
46 Chapter 4 Open Directory Planning
The Open Directory server may actually be able to provide LDAP and authentication
services to more client computers, because all the client computers will not need these
services at once. Each client computer connects to the LDAP directory for up to two
minutes, and connections to the Open Directory Password Server are even shorter
lived. For example, an Open Directory server may be able to support 750 client
computers because the odds are that only a fraction of the client computers that could
make a connection with Open Directory will actually make connections at the same
time. Determining what the fraction is—what percentage of the potential client
computers will make connections at the same time—can be difficult. For example,
client computers that each have a single user who spends all day working on graphics
files will need Open Directory services relatively infrequently. In contrast, computers in
a lab will have many users logging in throughout the day, each with a different set of
managed client preference settings, and these computers will place a relatively high
load on Open Directory services.
In general, you can correlate Open Directory usage with login and logout. These
activities will generally dominate directory and authentication services in any system.
The more frequently users log in and out, the fewer client computers an Open
Directory server (or any directory and authentication server) can support. You need
more Open Directory servers if users log in very frequently. You can get by with fewer
Open Directory servers if work sessions are long duration and login is infrequent.
Identifying Servers for Hosting Shared Domains
If you need more than one shared domain, you need to identify the servers on which
shared domains should reside. Shared domains affect many users, so they should reside
on Mac OS X Server computers that have the following characteristics:
Restricted physical access
Limited network access
Equipped with high-availability technologies, such as uninterruptible power supplies
You should select computers that will not be replaced frequently and that have
adequate capacity for growing directory domains. While you can move a shared
domain after it has been set up, you may need to reconfigure the search policies of
computers that bind to the shared domain so that their users can continue to log in.
LL2352.Book Page 46 Friday, August 22, 2003 3:12 PM