Specifications

Chapter 7 Managing Directory Access 99
8 Change “Map to __ items in list” to All and change the list on the right to the exact set
of LDAP object classes to which you want the Users record type mapped.
For example, you could delete shadowAccount from the list so that Users maps to only
posixAccount and inetOrgPerson. Or you could map Users to account, posixAccount,
and shadowAccount.
To change an item on the list, double-click it.
To add an item to the list, click Add.
To delete the selected item from the list, click Delete.
To change the order of listed items, drag items up or down in the list.
You can find out the object classes of existing user records in the LDAP directory by
using the UNIX tool ldapsearch in a Terminal window. The following example would
display the object classes for a user record whose cn attribute is “Leonardo da Vinci”:
ldapsearch -x -h ldapserver.example.com -b "dc=example, dc=com" 'cn=Leonardo da Vinci' objectClass
The output displayed for this example command could be something similar to the
following:
# Leonardo da Vinci, example.com
dn: cn=Leonardo da Vinci, dc=example, dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
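The following is an added example, not part of the original guide: a shell sketch that tallies objectClass values across many user records returned by ldapsearch, so you can see which classes every record carries before you edit the mapping list. The function names and the sample LDIF are constructed for illustration, and it assumes that with the All setting a record must carry every listed class to map to Users.

```shell
# Added example (not from the original guide). Reads ldapsearch LDIF on stdin and
# prints "<objectClass> <records carrying it>/<total records>", one per line.
objectclass_tally() {
  awk '
    function handle(l,    v, k) {
      if (l ~ /^#/) return                      # LDIF comment line
      if (tolower(l) ~ /^dn:/) { total++; return }
      if (tolower(l) !~ /^objectclass:/) return
      v = l; sub(/^[^:]*: */, "", v)            # strip the attribute name
      k = tolower(v)                            # class names are case-insensitive
      if (!(k in name)) name[k] = v             # keep first spelling for display
      if (!((total, k) in seen)) { seen[total, k] = 1; count[k]++ }
    }
    /^ / { line = line substr($0, 2); next }    # unfold LDIF continuation line
    { handle(line); line = $0 }
    END {
      handle(line)
      for (k in count) printf "%s %d/%d\n", name[k], count[k], total
    }
  ' | sort
}

# Prints only the classes present in every record read from stdin.
common_classes() {
  objectclass_tally | awk '{ split($2, n, "/"); if (n[1] == n[2]) print $1 }'
}

# Constructed sample in the shape of the ldapsearch output shown above.
sample_ldif() {
  cat <<'EOF'
# Leonardo da Vinci, example.com
dn: cn=Leonardo da Vinci, dc=example, dc=com
objectClass: inetOrgPerson
objectClass: posixAccount

# Galileo Galilei, example.com
dn: cn=Galileo Galilei, dc=example, dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
EOF
}

sample_ldif | objectclass_tally
```

To use it against a real directory, pipe the output of an ldapsearch command like the one above into objectclass_tally in place of sample_ldif.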
Preparing a Read-Only LDAP Directory for Mac OS X
If you want a Mac OS X computer to get administrative data from a read-only LDAP
directory, the data must exist in the read-only LDAP directory in the format required by
Mac OS X. You may need to add, modify, or reorganize data in the read-only LDAP
directory. Mac OS X cannot write data to a read-only LDAP directory, so you must make
the necessary modifications by using tools on the server that hosts the read-only LDAP
directory.
To prepare a read-only LDAP directory for Mac OS X:
1 Go to the server that hosts the read-only LDAP directory and configure it to support
LDAP-based authentication and password checking.
2 Modify the LDAP directory’s object classes and attributes as necessary to provide the
data needed by Mac OS X.
For detailed specifications of the data required by Mac OS X directory services, see
Appendix A, “Mac OS X Directory Data.”
LL2352.Book Page 99 Friday, August 22, 2003 3:12 PM