beautypg.com

Administering user accounts, Where user accounts are stored – Apple Mac OS X Server (Administrator’s Guide) User Manual

Page 137

background image

Users and Groups

137

m Decide who you want to be able to administer users and groups and make sure they have

administrator privileges. “Administration Privileges” on page 125 describes administrator
privileges.

When you use Server Assistant to initially configure your server, you specify a password for
the owner/administrator. The password you specify also becomes the root password for
your server. Use Workgroup Manager to create an administrator user with a password that
is different from the root password. Server administrators do not need root privileges.

The root password should be used with extreme caution and stored in a secure location.
The root user has full access to the system, including system files. If you need to, you can
use Workgroup Manager to change the root password.

m Decide how you want to configure client computers so that the users you want to support

can effortlessly log in and work with your server. Chapter 2, “Directory Services,” provides
some information about this topic.

Administering User Accounts

This section describes how to administer user accounts stored in various kinds of directory
domains.

Where User Accounts Are Stored

User accounts, as well as group accounts and computer accounts, can be stored in any Open
Directory domain accessible from the Mac OS X computer that needs to access the account.
A directory domain can reside on a Mac OS X computer (for example, a NetInfo or LDAPv3
domain) or it can reside on a non-Apple server (for example, an LDAP or Active Directory
server).

You can use Workgroup Manager to work with accounts in all kinds of directory domains, but
you can update only NetInfo and LDAPv3 directory domains using Workgroup Manager.

See Chapter 2, “Directory Services,” for complete information about the different kinds of
Open Directory domains.

Creating User Accounts in Directory Domains on Mac OS X Server

You need administrator privileges for a directory domain to create a new user account in it.

To create a user account:

1

Ensure that the directory services of the Mac OS X Server you are using has been configured
to access the domain of interest. See Chapter 2, “Directory Services,” for instructions.

2

In Workgroup Manager, click the Accounts button.

3

Use the At pop-up menu to open the domain in which you want the user’s account to reside.

This manual is related to the following products:
See also other documents in the category Apple Software: