Apple OS X Server User Manual

Open as PDF

of 44

In this example, lookupd queries its local cache and NetInfo, and gets negative responses — “tjones” could

not be found in either location. Now, lookupd tells its DSAgent to query Open Directory. Searching the local

NetInfo database is the first step in every Open Directory search, so Open Directory tells its NetInfo plug-in

to search the local NetInfo database. Again, “tjones” is not found. In this case, Open Directory is configured

to conduct LDAP searches next, so Open Directory tells its LDAP plug-in to search for “tjones” in the remote

LDAP servers that it knows about. This time, “tjones” is found in ldap.myplace.com.

In summary, lookupd calls Open Directory when its local cache and NetInfo cannot find an answer. Whether

Open Directory is called by lookupd or called by another application, Open Directory always searches its

local NetInfo database first and then conducts other searches using whatever search technology it has been

configured to use. Most of the time, that search technology is LDAP.

Directory Service Command Line Utility

The directory service command line utility, dscl, operates on Open Directory nodes. It is similar to the nicl

utility, which only operates on NetInfo nodes. The dscl utility’soptions allow you to create, read, and manage

Open Directory data. For more information on the dscl utility, see the man page for dscl.

Debugging

Youmust be root to enter the DirectoryService killall commands that enable and disable debug logging.

The following command, run by root, enables debug logging if debug logging is currently off and disables

debug logging if debug logging is currently on:

killall -USR1 DirectoryService

Debugging output is sent to /Library/Logs/DirectoryService/DirectoryService.debug.log.

Debugging output includesinput toOpen Directory API calls, results, and timing, plus anydebug information

output by Open Directory plug-ins.

The following command, run by root, enables debug logging to /var/log/system.log if debug logging

is currently off and disables debug logging if debug logging is currently on:

killall -USR2 DirectoryService

When debug logging is enabled by -USR2, debug output includes API call results and timing. Debug logging

enabled by -USR2 is turned off automatically after five minutes.

Directory Service Command Line Utility

CHAPTER 1

Concepts

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Apple OS X Server User Manual