beautypg.com

Defining user ids – Apple Mac OS X Server (Administrator’s Guide) User Manual

Page 144

background image

144

Chapter 3

When Tom attempts to access MyDoc, Mac OS X searches the login hierarchy for user
records with short names that match those associated with AllStudents. Tom’s user record is
found because it resides in the login hierarchy, and the UID in the record is compared with
Tom’s login UID. They match, so Tom is allowed to read MyDoc, even though he’s not
actually a member of AllStudents.

Defining User IDs

A user ID (UID) is a number that uniquely identifies a user. Mac OS X computers use the UID
to keep track of a user’s directory and file ownership. When a user creates a directory or file,
the UID is stored as the creator ID. A user with that UID has read and write privileges to the
directory or file by default.

The UID should be a unique string of digits from 500 through 2,147,483,647. Assigning the
same UID to different users is risky, since two users with the same UID have identical
directory and file access privileges.

The UID 0 is reserved for the root user. UIDs below 100 are reserved for system use; users
with these UIDs can’t be deleted and shouldn’t be modified except to change the password
of the root user.

You can use Workgroup Manager to edit the UID of an account stored in a NetInfo or LDAPv3
directory domain or to review the UID in any directory domain accessible from the server
you are using.

To work with the UID using Workgroup Manager:

1

In Workgroup Manager, open the account you want to work with if it is not already open.

To open an account, click the Account button, then use the At pop-up menu to open the
directory domain where the user’s account resides. To change the UID, click the lock to be
authenticated. Select the user in the user list.

2

If you specify a value in the User ID field on the Basic tab, make sure it will be unique in the
search policy of computers the user will log in to. When creating new user accounts in any
shared directory domain, UIDs are automatically assigned; the value assigned is an unused
UID (1025 or greater) in the server’s search path. (New users created using the Accounts
Preferences pane on Mac OS X Desktop computers are assigned UIDs starting at 501.)

Once UIDs have been assigned and users start creating files and directories throughout a
network, you shouldn’t change UIDs. One possible scenario in which you may need to
change a UID is when merging users created on different servers into one new server or
cluster of servers. The same UID may have been associated with a different user on the
previous server.

This manual is related to the following products:
See also other documents in the category Apple Software: