Specifications

60 Chapter 5 Setting Up Open Directory Services
Setting Up a Connection to a Directory System
Using Server Admin, you can set up Mac OS X Server to get user records and other
directory information from another server's shared directory domain. The other server
also provides authentication for its directory information. Mac OS X Server will still get
directory information from its own local directory domain and will provide
authentication for this directory information.
Important: Changing Mac OS X Server to be connected to another directory system
instead of being an Open Directory master will deactivate its shared LDAP directory
domain, with the following ramifications:
• User records and other directory information will still exist in the deactivated
  directory domain but will be unavailable to the server's users and services.
• If other servers were connected to the master directory domain, their services may
  be disrupted when the user accounts and other information in the deactivated
  directory domain become unavailable.
• Users who had accounts in the deactivated directory domain may no longer be able
  to access files and folders on the Open Directory master and on other servers that
  were connected to the master directory domain.
To configure a server to get directory services from an existing system:
1 Open Server Admin and select Open Directory for a server in the Computers & Services
list.
2 Click Settings (near the bottom of the window), then click General (near the top).
3 Choose “Connected to a Directory System” from the Role pop-up menu.
4 If the server was an Open Directory master and you are sure that users and services no
longer need access to the directory data stored in the shared directory domain that the
server has been hosting, click Save.
5 Click the Open Directory Access button to configure access to one or more directory
systems.
For instructions on configuring access to a particular kind of directory service, see
Chapter 7, “Managing Directory Access.”
Note: If you connect Mac OS X Server version 10.3 or later to a directory domain of
Mac OS X Server version 10.2 or earlier, be aware that users defined in the older
directory domain cannot be authenticated with the MS-CHAPv2 method. This method
may be required to securely authenticate users for the VPN service of Mac OS X Server
version 10.3 and later. Open Directory in Mac OS X Server version 10.3 supports
MS-CHAPv2 authentication, but Password Server in Mac OS X Server version 10.2 does not
support MS-CHAPv2.
LL2352.Book Page 60 Friday, August 22, 2003 3:12 PM