Filter
Top Products
15
251
15 Working with Open Directory
In this chapter you will find commands used to configure and
manage the Open Directory service.
Open Directory is the standards-based directory and network authentication services
architecture used by Mac OS X and Mac OS X Server. In Mac OS X Server, Open
Directory relies on open source technologies such as OpenLDAP and Kerberos to
provide directory and authentication services, but Open Directory does much more.
It supports conventional authentication methods in addition to Kerberos. Open
Directory also integrates with other directory services including Microsoft Active
Directory, Novell eDirectory, and other standards-based LDAP directory services. This
chapter discusses the tools and commands used when working with Open Directory.
Understanding Open Directory
Mac OS X Server relies on the Lightweight Directory Access Protocol (LDAP) to provide
access to directory service data. LDAP is provided on Mac OS X Server by OpenLDAP, a
best-of-breed open source LDAP service. Apple has made very few changes to the
stock distribution of OpenLDAP. For most functions, you should be able to treat LDAP
on Mac OS X Server as a standard OpenLDAP distribution.
In addition to Open Directory, a wide variety of third-party directory services use LDAP
for identification. This allows Mac OS X to interoperate easily with these systems.
This chapter includes descriptions of tools for working with LDAP, NetInfo, and the
Open Directory Password Server.
Using General Directory Tools
This section describes how to test Open Directory configurations, modify Open
Directory directory domains, and test Open Directory plug-ins.
Testing Your Open Directory Configuration
You can use the dscl tool to test your directory services configuration. See the dscl
man page for more information.