Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentMac OS X Server Version 10.3 or Later
81828384858687888990
82 Chapter 6 Managing User Authentication
Migrating Passwords to Open Directory Authentication
User accounts can be migrated from earlier versions of Mac OS X Server by importing
the account records or upgrading the server where they reside. User accounts created
with Mac OS X Server version 10.1 or earlier have no authentication authority attribute
but do have crypt passwords. For compatibility with such user accounts, Mac OS X
Server version 10.2 and later assumes a user account without an authentication
authority attribute has a crypt password.
If you import user accounts from Mac OS X Server version 10.1 or earlier, the user
accounts have no authentication authority attribute. Therefore these user accounts are
initially configured to have crypt passwords. An appendix in the user management
guide describes how to import user accounts.
Likewise, if you upgrade from Mac OS X Server version 10.1 or earlier, user accounts that
were created before upgrading have no authentication authority attribute. After
upgrading, these user accounts are assumed to have crypt passwords.
While all the existing crypt passwords can continue to be used after importing or
upgrading, you can change the user accounts to use Open Directory authentication.
You can change individual user accounts or multiple user accounts by using Workgroup
Manager. Changing a user account’s password type will reset the password. For
instructions, see “Changing the Password Type to Open Directory on page 76.
Some user accounts created with Mac OS X Server version 10.1 or earlier may use
Authentication Manager. It is a legacy technology for authenticating users of Windows
file service and users of Apple file service whose Mac OS 8 computers have not been
upgraded with AFP client software version 3.8.3 or later.
When migrating Authentication Manager users, you have the following options:
If you upgrade server version first from Mac OS X Server version 10.1 to version 10.2
and then to version 10.3, existing users can continue to use their same passwords.
You can change some or all upgraded user accounts to use Open Directory
authentication, which is the preferred option for authenticating Windows users. Users
of both types can coexist in the same directory domain.
If you import user accounts that use Authentication Manager, they will be converted
to Open Directory authentication during importing.
LL2352.Book Page 82 Friday, August 22, 2003 3:12 PM