beautypg.com

Accessing an existing ldapv2 directory, Setting up an ldapv2 server, Creating an ldapv2 server configuration – Apple Mac OS X Server (Administrator’s Guide) User Manual

Page 106

background image

106

Chapter 2

Accessing an Existing LDAPv2 Directory

You can configure a Mac OS X computer to retrieve administrative data from one or more
LDAPv2 servers. For each LDAPv2 server that you want the computer to access, you generally
do the following:

m Prepare the LDAPv2 server data. For instructions, see “Setting Up an LDAPv2 Server” on

page 106.

m Create an LDAPv2 server configuration. For instructions, see “Creating an LDAPv2 Server

Configuration” on page 106.

m Change LDAPv2 server access settings as needed. For instructions, see “Changing LDAPv2

Server Access Settings” on page 107.

m Edit LDAPv2 search bases and data mappings as needed. For instructions, see “Editing

LDAPv2 Search Bases and Data Mappings” on page 108.

m Make sure the LDAPv2 server is included in a custom search policy. For more information,

see “Setting Up Search Policies” on page 94.

Setting Up an LDAPv2 Server

If you want a Mac OS X computer to get administrative data from an LDAPv2 server, the data
must exist on the LDAPv2 server in the format required by Mac OS X. You may need to add,
modify, or reorganize data on the LDAPv2 server. Mac OS X cannot write data to an LDAPv2
directory, so you must make the necessary modifications by using tools on the server that
hosts the LDAPv2 directory.

To set up an LDAPv2 server for Mac OS X:

1

Go to the LDAPv2 server and configure it to support LDAPv2-based authentication and
password checking.

2

Modify LDAPv2 server object classes and attributes as necessary to provide the data needed
by Mac OS X.

For detailed specifications of the data required by Mac OS X directory services, see
Appendix A, “Open Directory Data Requirements.”

Creating an LDAPv2 Server Configuration

You need to create a configuration for an LDAPv2 server from which you want your computer
to get administrative data. Use the Directory Access application to create an LDAPv2
configuration.

To create an LDAPv2 server configuration:

1

In Directory Access, click the Services tab.

2

If the lock icon is locked, click it and type the name and password of a server administrator.

This manual is related to the following products:
See also other documents in the category Apple Software: