Inside a directory domain – Apple Mac OS X Server (Administrator’s Guide) User Manual
Page 71
Directory Services
71
m Folder and file access. After logging in successfully, a user can access files and folders.
Mac OS X uses another data item from the user record—the user ID (UID)—to determine
the user’s access privileges for a file or folder that the user wants to access. When a user
accesses a folder or file, the file system compares this user’s UID to the UID assigned to
the folder or file. If the UIDs are the same, the file system grants owner privileges (usually
read and write privileges) to the user. If the UIDs are different, the user doesn’t get owner
privileges.
m Home directories. Each user record in a directory domain stores the location of the user’s
home directory, which is also known as the user’s home folder. This is where the user
keeps personal files, folders, and preferences. A user’s home directory can be located on
a particular computer that the user always uses or on a network file server.
m Automount share points. Share points can be configured to automount (appear
automatically) in the /Network folder (the Network globe) in the Finder windows of client
computers. Information about these automount share points is stored in a directory
domain. Share points are folders, disks, or disk partitions that you have made accessible
over the network.
m Mail account settings. Each user’s record in a directory domain specifies whether the
user has mail service, which mail protocols to use, how to present incoming mail,
whether to alert the user when mail arrives, and more.
m Resource usage. Disk, print, and mail quotas can be stored in each user record of a
directory domain.
m Managed client information. A user’s personal preference settings, as well as preset
preferences that affect the user, are stored in a directory domain.
m Group management. In addition to user records, a directory domain also stores group
records. Each group record affects all users who are in the group. Information in group
records specifies preferences settings for group members. Group records also determine
access to files, folders, and computers.
Inside a Directory Domain
Information in a directory domain is organized into record types, which are specific categories
of records, such as users, machines, and mounts. For each record type, a directory domain may
contain any number of records. Each record is a collection of attributes, and each attribute has
one or more values. If you think of each record type as a spreadsheet that contains a category of
information, then records are like the rows of the spreadsheet, attributes are like spreadsheet
columns, and each spreadsheet cell contains one or more values.