Apple OS X Server User Manual


 
Directory function that requires such a reference. Once a remote Open Directory session is successfully
opened,Open Directory automatically sends all calls to Open Directory functions that use the remote directory
reference to the DirectoryService daemon over the encrypted TCP/IP connection. Other than calling
dsOpenDirServiceProxy, there is nothing the application has to do in order for its actions to take effect
on the remote system.
Open Directory, lookupd, and NetInfo
The process lookupd can be used to look up various categories of data, typically configuration information,
such as users, groups, networks, services, protocols, remote procedure calls, (RPC), mounts, printers, boot
parameters, aliases and netgroups, but also DNS information. This section describes how Open Directory
works with lookupd and NetInfo.
The lookupd process works through the use of agents, with each agent designed to obtain a particular type
of information. For example, there is an agent for resolving DNS queries, an agent for querying the local
NetInfo database and its parents, and agent for querying LDAP directories, an agent for querying the Network
Information System (NIS), and an agent for querying UNIX flat files in the file system. There is also an agent
for querying the lookupd cache, in which lookupd stores information that has recently been looked up.
The agents and the order in which the agents are used to look up information are configured through
command-line utilities. By default, the lookupd cache is searched first, followed by NetInfo, and then Open
Directory.
Like lookupd, Open Directory has a flexible architecture, provided by Open Directory plug-ins, for finding a
wide variety of information. Unlike lookupd, Open Directory is configured by the graphical tool, Directory
Access. While UNIX-based programs use lookupd to get information from external sources, Mac OS X
applications use Open Directory.
The lookupd process can be configured to work with Open Directory through the use of the DSAgent. When
a process that uses lookupd requires a piece of information, lookupd searches its cache and any other
configured agents. If no results are found, the DSAgent queries Open Directory. Take, for example, the
searching that occurs when “tjones” logs in using SSH, as shown in Figure 1-3 (page 23). In this example,
the lookupd cache is searched first. The user “tjones” is not in the cache, so lookupd queries NetInfo, which
finds “tjones” in the local NetInfodatabase (local.nidb). Open Directory does not participate in this particular
login process.
22
Open Directory, lookupd, and NetInfo
2007-01-08 | © 2007 Apple Inc. All Rights Reserved.
CHAPTER 1
Concepts