56 Chapter 5 Setting Up Open Directory Services
Setting Up an Open Directory Master
Using Server Admin, you can set up Mac OS X Server to be an Open Directory master
so it can provide directory information and authentication information to other
systems. Mac OS X Server provides directory information by hosting a shared LDAP
directory domain. In addition, the server authenticates users whose accounts are stored
in the shared LDAP directory domain.
Important: If you change a Mac OS X Server computer that was connected to another
directory system to be an Open Directory master instead, the server remains connected
to the other directory system. The server will search for user records and other
information in its shared LDAP directory domain before searching in other directory
systems to which it is connected.
To configure a server to host a shared LDAP domain:
1 Open Server Admin and select Open Directory for a server in the Computers & Services
list.
A server must have Mac OS X Server version 10.3 or later to be an Open Directory
master.
2 Click Settings (near the bottom of the window), then click General (near the top).
3 Choose Open Directory Master from the Role pop-up menu and enter the requested
information.
Administrator short name: The short name of an administrator account in the server’s
local directory domain that you want to have copied to the new shared LDAP directory.
This account will be an administrator of the LDAP directory domain.
Administrator password: The password for the administrator account whose short
name you entered.
Kerberos realm name: By convention, the Kerberos realm name is the same as the
server’s DNS name but in all uppercase letters. For example, a server whose DNS name
is example.com would have a Kerberos realm name of EXAMPLE.COM.
Search base (optional): The search base suffix for the new LDAP directory. Typically,
the search base suffix is derived from the server’s DNS name. For example, the search
base suffix could be dc=example, dc=com for a server whose DNS name is
server.example.com.
4 Click OK, then click Save.
After setting up a Mac OS X Server computer to be an Open Directory master, you can
configure other computers with Mac OS X or Mac OS X Server to access the server’s
shared LDAP directory domain:
LL2352.Book Page 56 Friday, August 22, 2003 3:12 PM