beautypg.com

Step 4: implement search policies, Before you begin – Apple Mac OS X Server (Administrator’s Guide) User Manual

Page 91

background image

Directory Services

91

Step 4:

Implement search policies

Set up search policies so that all computers have access to the shared directory domains they
need. Note that if all computers have Mac OS X version 10.2 and can use the automatic
search policy, there is nothing to set up. Otherwise, see “Setting Up Search Policies” on
page 94.

If your network includes computers with Mac OS X versions earlier than 10.2, configure the
local domain on each of them so that it binds to a shared NetInfo domain. See “Using
NetInfo Domains” on page 110.

Step 5:

Configure Open Directory service protocols (optional)

You may want to disable some of the protocols that Open Directory uses to access directory
domains and to discover network services. See “Configuring Open Directory Service
Protocols” on page 93.

Before You Begin

Before setting up directory services for the first time:

m Understand why clients need directory data, as discussed in the first several sections of

this chapter.

m Assess your server access requirements.

Identify which users need to access your Mac OS X Servers.

Users whose information can be managed most easily on a server should be defined in a
shared Open Directory domain on a Mac OS X Server. Some of these users may instead be
defined in Active Directory domains or LDAP domains on other servers.

For more information, see “Local and Shared Directory Domains” on page 74 and
“Directory Domain Hierarchies” on page 78.

m Understand search policies, as described in “Search Policies for Directory Domain

Hierarchies” on page 82.

m Design the hierarchy of shared directory domains.

Determine whether user information should be stored in a local directory domain or in a
directory domain that can be shared among servers. Design your directory domain
hierarchy, identifying the shared and local domains you want to use, the servers on which
the shared domains should reside, and the relationships between shared domains. In
general, try to limit the number of users associated with any directory domain to no more
than 10,000.

“Directory Domain Planning” on page 85 provides some guidelines that will help you
decide what your directory domain hierarchy should look like.

m Assess your authentication needs.

This manual is related to the following products:
See also other documents in the category Apple Software: