Filter
Top Products
Chapter 1 System Overview and Supported Standards 21
A standards-based directory services architecture oers centralized management of
network resources using any LDAP server–even proprietary servers such as Microsoft
Active Directory. The open source UNIX foundation makes it easy to port and deploy
existing tools to Mac OS X Server.
The following standards-based technologies power Mac OS X Server:
 Kerberos: Mac OS X Server integrates an authentication authority based on MIT’s
Kerberos technology (RFC 1964) to provide users with single sign-on access to
secure network resources.
Using strong Kerberos authentication, single sign-on maximizes the security of
network resources while providing users with easier access to a broad range of
Kerberos-enabled network services.
For services that have not yet been Kerberized, the integrated SASL service
negotiates the strongest possible authentication protocol.
 OpenLDAP: Mac OS X Server includes a robust LDAP directory server and a secure
Kerberos password server to provide directory and authentication services to Mac,
Windows, and Linux clients.
Apple has built the Open Directory server around OpenLDAP, the most widely
deployed open source LDAP server, so it can deliver directory services for both
Mac-only and mixed-platform environments.
LDAP provides a common language for directory access, enabling administrators to
consolidate information from dierent platforms and dene one namespace for all
network resources. This means there is a single directory for all Mac, Windows, and
Linux systems on the network.
 RADIUS: Remote Authentication Dial-In User Service (RADIUS) is an authentication,
authorization, and accounting protocol used by the 802.1x security standard for
controlling network access by clients in mobile or xed congurations. Mac OS X
Server uses RADIUS to integrate with AirPort Base Stations serving as a central MAC
address lter database. By conguring RADIUS and Open Directory, you can control
who has access to your wireless network.
Mac OS X Server uses the FreeRADIUS Server Project. FreeRADIUS supports
the requirements of a RADIUS server, shipping with support for LDAP, MySQL,
PostgreSQL, Oracle databases, EAP, EAP-MD5, EAP-SIM, EAP-TLS, EAP-TTLS, EAP-PEAP,
and Cisco LEAP subtypes. Mac OS X Server supports proxying, with failover and load
balancing.
 Mail Service: Mac OS X Server uses robust technologies from the open source
community to deliver comprehensive, easy-to-use mail server solutions. Full support
for Internet mail protocols—Internet Message Access Protocol (IMAP), Post Oce
Protocol (POP), and Simple Mail Transfer Protocol (SMTP)—ensures compatibility
with standards-based mail clients on Mac, Windows, and Linux systems.