beautypg.com

Step 1: before you begin, do some planning, Step 3: set up open directory password server – Apple Mac OS X Server (version 10.2.3 or later) User Manual

Page 129

background image

Users and Groups

129

Step 1:

Before you begin, do some planning

See “Before You Begin” on page 132 for a list of items to think about before you start creating
a large number of users and groups.

Step 2:

Set up directory domains in which user and group accounts

will reside

Make sure you have created any directory domain in which you’ve decided to store user and
group accounts. See Chapter 2, “Directory Services,” for instructions on creating shared, or
network-visible, domains.

Make sure that any user who will be using Workgroup Manager to add and change users and
groups has directory domain administration privileges in the domains for which the user is
responsible. You can use Workgroup Manager to add and change user and group accounts
that reside in NetInfo or LDAPv3 directory domains.

If you will be using LDAPv2, read-only LDAPv3, BSD configuration file, or other read-only
directory domains, make sure the domains are configured to support Mac OS X Server access
and that they provide the data you need for user and group accounts. It may be necessary to
add, modify, or reorganize information in a directory to provide the information in the
format needed:

m Chapter 2, “Directory Services,” describes how to configure Mac OS X Server to access

remote servers on which these domains reside to retrieve information.

m Appendix A, “Data Requirements of Mac OS X Directory Services,” describes the user and

group account data formats that Mac OS X expects. When you configure your Mac OS X
Server directory services to use directory domains that do not reside on Mac OS X Server,
you may need to refer to this appendix to determine the data mapping requirements for
particular kinds of directory domains.

m Appendix B, “Integrating Mac OS X Directory Services With Active Directory,” describes

how you can use the information stored in Microsoft’s Active Directory to authenticate
Macintosh users and provide services for them on Mac OS X Server.

Step 3:

Set up Open Directory Password Server

If you will be using Open Directory Password Server to validate passwords for users in any
directory domain, set up the Password Server as soon as you can. When you switch from a
different password validation strategy to Password Server validation, you must reset the
passwords for all users affected.

See “Open Directory Password Server” on page 63 and “Setting Up an Open Directory
Domain and Password Server” on page 71 for setup instructions.

LL0395.Book Page 129 Wednesday, November 20, 2002 11:44 AM

See also other documents in the category Apple Software: