Setup guide

3.5.11 Software Update

Software updates should not be performed automatically. All update downloads

should be conducted on a machine other than the one being configured. The

Software Update feature should be configured as follows:

1. Open System Preferences and click on the Software Update icon.

2. Uncheck the box in front of Check for updates.

3.6 Configuring Directory Access

The Directory Access program in /Applications/Utilities can be used to

control how and where the system searches for authentication information, and what

network service discovery protocols to use. To configure recommended settings:

1. Open the Directory Access Program.

2. Unlock the window if necessary.

3. Uncheck all unnecessary boxes. The AppleTalk, SLP, SMB, and

Rendezvous protocols allow automatic network service discovery, which is

not recommended. Providers of network services should always be

manually specified. NetInfo and BSD Flat File/NIS are not recommended

because they are legacy directory service protocols; LDAP is preferred.

Active Directory should only used if required.

4. If LDAPv3 is required, select the item and click Configure. A dialog box

will appear.

a. If necessary, expand the window by clicking “Show Options.”

b. Uncheck the box for “Use DHCP-supplied LDAP Server.”

c. Click New to create a new entry describing the LDAP server.

d. In the “Server Name of IP Address” column, enter the IP address of

the server.

e. Check the box for SSL to enable encrypted network

communications. (Information on installing SSL certificates is

provided in the section “Creating an SSL Certificate for LDAP

Services.”)

f. When the entry is complete, click OK to close the dialog box and

return to the main window.

5. If Active Directory is required, select the item and click Configure. A

dialog box will appear.

a. If necessary, expand the window by clicking “Show Advanced

Options.”

UNCLASSIFIED