beautypg.com

Setting up a password server, Enabling the use of a password server for a user, S password, see “enabling the use of a – Apple Mac OS X Server (Administrator’s Guide) User Manual

Page 196

background image

196

Chapter 3

m Data about the user that is useful in log records, such as the short name.

m Password policy data.

Setting Up a Password Server

The account for a user validated using the Password Server is stored in a NetInfo or LDAPv3
directory domain that resides on Mac OS X Server. Before you set up a user’s account to use
a Password Server, you need to set up the Password Server.

See Chapter 2, “Directory Services,” for instructions on how to set up a Password Server. It
describes how to use Open Directory Assistant to

m create a Password Server

m associate a directory domain with a Password Server

m designate an administrator for the Password Server

Any user you designate to be an administrator for the Password Server becomes the domain
administrator for the directory domain with which the server is associated. This
administrator’s password is validated using that Password Server, so that the administrator is
able to update passwords for user accounts that use that Password Server.

Enabling the Use of a Password Server for a User

Use Workgroup Manager to enable the use of a Password Server for validating passwords for
user accounts stored in a NetInfo or LDAPv3 directory domain residing on Mac OS X Server.

To enable the use of a Password Server for a user:

1

Make sure a Password Server has been associated with the directory domain in which the
user’s account resides.

2

In Workgroup Manager, open the account you want to work with if it is not already open.

To open an account, click the Account button, then use the At pop-up menu to open the
directory domain where the user’s account resides. Click the lock to be authenticated, then
select the user in the list.

3

On the Advanced tab, choose “Password Server” from the “Use Password Type” pop-up
menu.

4

If the user’s password is currently being validated using a different strategy, you will be
prompted to enter and verify a new password. If you are working with a new user, enter the
password on the Basic tab in the Password field, then reenter it in the Verify field. The
password must contain no more than 512 characters, although there may be different limits
imposed by the network authentication protocol; for example, 128 characters for SMB NT, 14
for SMB LAN Manager, 8 for AFP 2-way random, and 8 for Crypt (basic). “Choosing a
Password” on page 192 provides guidelines for choosing passwords.

This manual is related to the following products:
See also other documents in the category Apple Software: