Manualshelf

Specifications

ManualsBrandsApple ManualsComputer equipmentXserve Up Mac OS X Server
919293949596979899100
100 Chapter 8 Managing User and Group Accounts
Administering and Creating User Accounts
This section describes how to administer user accounts stored in directory domains.
A user account stores data that Mac OS X Server needs to validate the user’s identity
and provide services for the user.
User and group accounts, as well as computer and computer group accounts, can be
stored in any Open Directory domain accessible from any Mac OS X computer. A
directory domain can reside on a Mac OS X computer (for example, the LDAP folder of
an Open Directory master or another read/write directory domain) or it can reside on a
non-Apple server (for example, a non-Apple LDAP or Active Directory server).
Creating a Local Administrator User Account for a Server
Users with server or directory domain administration privileges are known as
administrators. An administrator can be a server administrator, domain administrator,
or both. Server administrator privileges determine whether a user can view information
about or change the settings of a specific server.
Domain administrator privileges determine the extent to which the user can view or
change account settings for users, groups, computers, and computer groups in the
directory domain.
To create local administrator users for a server, use the
serversetup tool. The
serversetup tool is located in /System/Library/ServerSetup/ and is not in the local
path, so you must provide the path to it. You must also run it with root privileges.
To create nonadministrator users, see “Creating a Nonadministrator User Account” on
page 102.
To create administrator users in a network directory domain, see “Creating a Domain
Administrator User Account” on page 101.
To create a local administrator user account:
$ sudo /System/Library/ServerSetup/serversetup -createUser
fullname
shortname
password
Enter the name, short name, and password in the order shown. If the full name
includes spaces, enter it in quotes.
The command displays a 0 if successful, or a 1 if the full name or short name is already
in use.