beautypg.com

Enabling kerberos authentication for telnet, Solving problems with kerberos, Using ldap bind authentication – Apple Mac OS X Server (Administrator’s Guide) User Manual

Page 201: Backing up and restoring files, Backing up a password server

background image

Users and Groups

201

Enabling Kerberos Authentication for Telnet

To set up Telnet support, edit the /etc/inetd.conf file to enable Telnet.

Solving Problems With Kerberos

See “Kerberos Users Can’t Authenticate” on page 204 for troubleshooting tips.

Using LDAP Bind Authentication

When you use this password validation technique, you rely on an LDAPv2 or LDAPv3 server
to authenticate a user’s password. Because it supports the Secure Socket Layer (SSL)
protocol, LDAPv3 is preferred.

You can use Workgroup Manager to enable the use of LDAP bind authentication for user
accounts stored in a NetInfo or LDAPv3 directory domain.

To enable LDAP bind user authentication using Workgroup Manager:

1

Make sure the account for a user whose password you want to validate using LDAP bind
resides on an LDAPv3 server in the search path of the Mac OS X computer that needs to
validate the password.

See Chapter 2, “Directory Services,” for information about configuring LDAPv3 server
connections. Avoid mapping the password attribute when configuring the connection; bind
authentication will occur automatically. Also, set up the connection so it uses SSL in order to
protect the password, passed in clear text, while it is in transit.

2

In Workgroup Manager, open the account you want to work with if it is not already open.

To open an account, click the Account button, then use the At pop-up menu to open the
LDAPv3 directory domain where the user’s account resides. Click the lock to be
authenticated, then select the user in the user list.

3

On the Advanced tab, choose Basic from the “Use Password Type” pop-up menu.

4

On the Basic tab, make sure the Password field is empty.

Backing Up and Restoring Files

Regularly back up your Password Server as well as your root and administrator user accounts.

Backing Up a Password Server

Back up your Password Server frequently. When you do so, also back up any directory
domain(s) that use the Password Server:

This manual is related to the following products:
See also other documents in the category Apple Software: