Specifications

96 Chapter 7 Managing Directory Access
Configuring LDAP Searches and Mappings
Using Directory Access, you can edit the mappings, search bases, and search scopes
that specify how Mac OS X finds specific data items in an LDAP directory. You can edit
these settings separately for each LDAP directory configuration listed in Directory
Access. Each LDAP directory configuration specifies how Mac OS X accesses data in an
LDAPv3 or LDAPv2 directory.
You can edit the mapping of each Mac OS X record type to one or more LDAP object
classes.
For each record type, you can also edit the mapping of Mac OS X data types, or
attributes, to LDAP attributes.
You can edit the LDAP search base and search scope that determine where Mac OS X
looks for a particular Mac OS X record type in an LDAP directory.
Important: When mapping Mac OS X user attributes to a read/write LDAP directory
domain (an LDAP domain that is not read-only), the LDAP attribute mapped to
RealName must not be the same as the first attribute in a list of LDAP attributes
mapped to RecordName. For example, the cn attribute must not be the first attribute
mapped to RecordName if cn is also mapped to RealName. If the LDAP attribute
mapped to RealName is the same as the first attribute mapped to RecordName,
problems will occur when you try to edit the full (long) name or the first short name in
Workgroup Manager.
For detailed specifications of Mac OS X record types and attributes, see Appendix A,
“Mac OS X Directory Data.”
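The rule in the Important note above can be checked before a mapping is saved. The following is an added example, not code from Apple or from this guide; the function names, the list-based mapping layout, and the sample values are assumptions made for illustration.

```python
# Added example: check a user attribute mapping for the RealName / RecordName
# conflict described in the Important note. The inputs are plain lists of LDAP
# attribute names (a constructed layout, not a Directory Access file format).

def _norm(attr):
    # LDAP attribute names are case-insensitive, so compare them lowercased.
    return attr.strip().lower()

def find_conflict(record_name, real_name, read_only=False):
    """Return the conflicting LDAP attribute, or None if the mapping is fine.

    record_name: ordered LDAP attributes mapped to RecordName
    real_name:   LDAP attribute(s) mapped to RealName (assumed to be a list)
    read_only:   the rule applies only to read/write LDAP directory domains
    """
    if read_only or not record_name:
        return None
    first = _norm(record_name[0])
    for attr in real_name:
        if _norm(attr) == first:
            return record_name[0]
    return None

def suggest_record_name_order(record_name, real_name):
    """Return RecordName reordered so a non-RealName attribute comes first.

    This is only a candidate for an administrator to review. Returns None
    when every RecordName attribute is also mapped to RealName.
    """
    blocked = {_norm(a) for a in real_name}
    for i, attr in enumerate(record_name):
        if _norm(attr) not in blocked:
            return [attr] + record_name[:i] + record_name[i + 1:]
    return None

if __name__ == "__main__":
    # Constructed sample: cn is first in RecordName and is also RealName.
    record_name, real_name = ["cn", "uid"], ["CN"]
    hit = find_conflict(record_name, real_name)
    if hit:
        print("Conflict: %r is first in RecordName and mapped to RealName" % hit)
        print("Candidate order:", suggest_record_name_order(record_name, real_name))
```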
To edit the search bases and mappings for an LDAP server:
1 In Directory Access, click Services.
2 If the lock icon is locked, click it and type the name and password of an administrator.
3 Select LDAPv3 in the list of services, then click Configure.
4 If the list of server configurations is hidden, click Show Options.
5 Select a server configuration in the list, then click Edit.
6 Click Search & Mappings.
7 Select the mappings that you want to use as a starting point, if any.
Click the Access this LDAPv3 server using pop-up menu and choose a mapping
template to use its mappings as a starting point, or choose Custom to begin with no
predefined mappings.
Or click “Read from Server” to edit the mappings currently stored in the LDAP directory
server whose configuration you are editing.
LL2352.Book Page 96 Friday, August 22, 2003 3:12 PM