beautypg.com

Migrating passwords, Setting up password validation options, Storing passwords in user accounts – Apple Mac OS X Server (Administrator’s Guide) User Manual

Page 193: Enabling basic password validation for a user

background image

Users and Groups

193

m Windows service accepts 7-bit ASCII passwords.

m Server Settings accepts 7-bit or 8-bit ASCII passwords.

Migrating Passwords

When you import user accounts from computers running Mac OS X Server version 10.1 or
earlier, no authentication authority attribute exists. Therefore all these users have basic
password validation enabled initially. When importing users from servers supporting
Windows users, Authentication Manager passwords may have been used to set the
passwords.

While all the existing passwords can continue to be used after importing the users, if you
want to use the Password Server for imported users, you’ll need to reset their passwords
after importing them. “Enabling the Use of a Password Server for a User” on page 196
describes how to change a basic password to a Password Server password.

Setting Up Password Validation Options

The sections that follow describe how to set up the different kinds of password validation for
individual users:

m To store a password in a user’s account, see “Storing Passwords in User Accounts” on

page 193.

m To use a Password Server to validate a user’s password, see “Enabling the Use of a

Password Server for a User” on page 196.

m To use a Kerberos server, see “Integrating Mac OS X With a Kerberos Server” on page 199.

m To use LDAP bind authentication, see “Using LDAP Bind Authentication” on page 201.

Storing Passwords in User Accounts

This password management strategy is the default strategy, but cannot be used to validate
the passwords of clients that require network-secure authentication protocols. (The single
exception is users created using Mac OS X Server version 10.1 in NetInfo domains with
Authentication Manager enabled.) Use the Password Server if you need to support these
kinds of client computers.

Enabling Basic Password Validation for a User

Basic password validation is the simplest form of password validation. It relies on a readable
version of a user’s password, stored in the user account. Only the first 8 characters are used
for password validation.

This manual is related to the following products:
See also other documents in the category Apple Software: