Specifications
66 Chapter 5 Setting Up Open Directory Services
To set up SSL communications for LDAP service:
1 Open Server Admin and in the Computers & Services list, select Open Directory for a server that is an Open Directory master or an Open Directory replica.
2 Click Settings (near the bottom of the window), then click Protocols (near the top).
3 Choose LDAP Settings from the Configure pop-up menu, then select Use SSL.
4 Enter the location and name for the SSL Certificate, SSL Key, and CA Certificate.
Instead of typing or pasting the location and name of the SSL Certificate, SSL Key, or CA Certificate, you can locate it by clicking the Browse button next to the field.
5 Click Save.
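A check worth running before step 4, added here as an example and not taken from the Apple guide: it confirms that the SSL Certificate, SSL Key and CA Certificate files you are about to enter actually belong together, so the LDAP service does not come up with a key that fails to match its certificate or a certificate that clients cannot chain to the CA. It assumes the openssl command-line tool is available; the CA, hostnames and file names it generates are constructed for demonstration only.

```shell
#!/bin/sh
# Added example (not part of the Apple Open Directory guide).
# check_ldap_ssl_files CERT KEY CA
#   returns 0 when KEY matches CERT and CERT verifies against CA,
#   1 otherwise. Requires the openssl CLI.
check_ldap_ssl_files() {
    cert="$1"; key="$2"; ca="$3"
    # Public key embedded in the certificate vs. the one derived from the private key.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 1
    if [ "$cert_pub" != "$key_pub" ]; then
        echo "SSL Key does not match SSL Certificate" >&2
        return 1
    fi
    # The certificate must chain to the CA certificate that clients will trust.
    if ! openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1; then
        echo "SSL Certificate does not verify against CA Certificate" >&2
        return 1
    fi
    return 0
}

# Constructed demo material: a throwaway CA, a server certificate it signs,
# and an unrelated key to show the mismatch case. Prints the temp directory.
make_demo_pki() {
    dir=$(mktemp -d)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Demo Open Directory CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.crt" >/dev/null 2>&1
    openssl req -newkey rsa:2048 -nodes \
        -subj "/CN=od-master.example.test" \
        -keyout "$dir/ldap.key" -out "$dir/ldap.csr" >/dev/null 2>&1
    openssl x509 -req -days 1 -in "$dir/ldap.csr" \
        -CA "$dir/ca.crt" -CAkey "$dir/ca.key" -CAcreateserial \
        -out "$dir/ldap.crt" >/dev/null 2>&1
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$dir/other.key" >/dev/null 2>&1
    echo "$dir"
}

# Stand-alone usage: build the demo files and run both checks.
demo=$(make_demo_pki)
check_ldap_ssl_files "$demo/ldap.crt" "$demo/ldap.key" "$demo/ca.crt" && echo "matching set: OK"
check_ldap_ssl_files "$demo/ldap.crt" "$demo/other.key" "$demo/ca.crt" || echo "mismatched key: rejected"
```

Once the service is saved and running, `openssl s_client -connect <master-host>:636 -CAfile ca.crt` against the server shows whether the LDAP SSL listener presents that same certificate and chain.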
Migrating a Directory Domain From NetInfo to LDAP
You can use Server Admin to migrate a shared NetInfo directory domain to LDAP. The migration process irreversibly replaces the directory domain’s NetInfo back-end database with a Berkeley DB back-end database. After migration, client computers that were configured to use NetInfo to access the directory domain will be able to continue accessing it.

After migration, you can configure DHCP service to provide the migrated directory domain as an LDAP server to client computers with Mac OS X or Mac OS X Server version 10.2 and later that have automatic authentication search policies.

You can have client computers with Mac OS X version 10.3 or Mac OS X Server version 10.3 automatically switch to using LDAP to access the migrated directory domain. The migration process can store auto-switch information in the directory domain. When Mac OS X and Mac OS X Server version 10.3 and later use NetInfo to access a directory domain that has been migrated to LDAP, they pick up the auto-switch information from the directory domain and reconfigure themselves to access the directory domain using LDAP henceforth.

When you set up migration, you can specify a date on which NetInfo access to the migrated directory domain will be disabled. Alternatively, you can disable NetInfo access at any time by clicking a button. After NetInfo is disabled, client computers can’t switch automatically to LDAP.

The migration process moves all standard record types and data types from the NetInfo database to an LDAP database. If the NetInfo directory domain was modified to contain custom record types or data types, they are not moved to the LDAP database.
LL2352.Book Page 66 Friday, August 22, 2003 3:12 PM