Apple Mac OS X Server Network Card User Manual


 
Chapter 15 Working with Open Directory 253
Managing OpenLDAP
Open Directory uses OpenLDAP, the open source implementation of LDAP, to provide
directory services for mixed-platform environments. A common language for directory
access lets you consolidate information from different platforms and define a single
name space for all network resources. Whether you have Mac, Windows, or Linux
computers on your network, you can set up and manage a single directory, eliminating
the need to maintain a separate directory or separate user records for each platform.
Configuring LDAP
The OpenLDAP server daemon is slapd, located in /usr/libexec/. slapd is launched
automatically by the LDAP startup item. The primary configuration files for OpenLDAP
are kept in /etc/openldap/. There you will find the slapd.conf file, which contains basic
configuration information. Most of the configuration for Open Directory is stored in the
slapd_macosxserver.conf file. An include statement in the slapd.conf file includes
slapd_macosxserver.conf.
Although the directives in these files can be modified using the administration
applications, it’s advisable that you not modify these directives. Instead, use your own
configuration file by adding an include directive for it in the slapd.conf file.
Parameter (dirserv:)      Description
passwordOptionsString     Default = "usingHistory=0 usingExpirationDate=0
                          usingHardExpirationDate=0 requiresAlpha=0
                          requiresNumeric=0 expirationDateGMT=12/31/69
                          hardExpireDateGMT=12/31/69
                          maxMinutesUntilChangePassword=0
                          maxMinutesUntilDisabled=0 maxMinutesOfNonUse=0
                          maxFailedLoginAttempts=0 minChars=0 maxChars=0
                          passwordCannotBeName=0"
NetInfoRunStatus          Default = ""
LDAPSSLCertificatePath    Default = ""
masterServer              Default = ""
LDAPServerType            Default = "standalone"
NetInfoDomain             Default = ""
replicationWhen           Default = "periodic"
useSSL                    Default = "YES"
LDAPDefaultPrefix         Default = "dc=<domain>,dc=com"
LDAPTimeoutUnits          Default = "minutes"
LDAPServerBackend         Default = "BerkeleyDB"
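
The default passwordOptionsString listed in the table sets every policy control to 0. The following Python audit of such a string is an added example, not part of the Apple manual. The baseline thresholds and the names parse_policy and audit are assumptions of this example, as is the reading that a value of 0 means the control is not enforced.

```python
# Added example: audit an Open Directory passwordOptionsString value.
# Assumption: a value of 0 means the control is not enforced.

DEFAULT_POLICY = (  # default value as listed in the dirserv table
    "usingHistory=0 usingExpirationDate=0 usingHardExpirationDate=0 "
    "requiresAlpha=0 requiresNumeric=0 expirationDateGMT=12/31/69 "
    "hardExpireDateGMT=12/31/69 maxMinutesUntilChangePassword=0 "
    "maxMinutesUntilDisabled=0 maxMinutesOfNonUse=0 "
    "maxFailedLoginAttempts=0 minChars=0 maxChars=0 passwordCannotBeName=0"
)

# Hypothetical baseline chosen for this example (not Apple guidance).
BASELINE = {
    "minChars": (lambda v: v >= 12, "minimum length below 12"),
    "maxFailedLoginAttempts": (lambda v: 1 <= v <= 10,
                               "no lockout, or threshold above 10"),
    "requiresAlpha": (lambda v: v == 1, "letters not required"),
    "requiresNumeric": (lambda v: v == 1, "digits not required"),
    "passwordCannotBeName": (lambda v: v == 1, "password may equal name"),
    "usingHistory": (lambda v: v >= 1, "password history not enforced"),
}

def parse_policy(policy_string):
    """Split 'key=value key=value ...' into a dict; integers become int."""
    policy = {}
    for token in policy_string.split():
        key, sep, value = token.partition("=")
        if not sep or not key or key in policy:
            raise ValueError(f"malformed or duplicate token: {token!r}")
        policy[key] = int(value) if value.isdigit() else value
    return policy

def audit(policy_string):
    """Return a list of findings; an empty list means the baseline is met."""
    policy = parse_policy(policy_string)
    findings = []
    for key, (meets, message) in BASELINE.items():
        value = policy.get(key)  # a missing key is reported as a finding
        if not isinstance(value, int) or not meets(value):
            findings.append(f"{key}={value}: {message}")
    # Contradiction check: a nonzero maximum shorter than the minimum.
    lo, hi = policy.get("minChars", 0), policy.get("maxChars", 0)
    if isinstance(lo, int) and isinstance(hi, int) and 0 < hi < lo:
        findings.append(f"maxChars={hi}: smaller than minChars={lo}")
    return findings

if __name__ == "__main__":
    for finding in audit(DEFAULT_POLICY):
        print(finding)
```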