beautypg.com

Apple Mac OS X Server (version 10.2.3 or later) User Manual

Page 203

background image

Users and Groups

203

5

On the Advanced tab, click Options to set up the user’s password policy. If you select the
“Disable login as of ” option, enter a date in mm/dd/yyyy format; for example, 02/22/2004.
Click OK when you are finished specifying options.

If you use a policy that requires user password changing, remember that not all protocols
support changing passwords. For example, IMAP does not support changing a password, and
Windows and NT don’t let you set passwords using the SMB protocol.

The password ID is a unique 128-bit number assigned when the password is created on the
Password Server. It may be helpful in troubleshooting, since it appears in the Password
Server log when a problem occurs. View this log in the directory services section of Server
Status.

Exporting and Importing Users With Password Server Passwords

The Password Server does not let you read passwords. Therefore when you export user
accounts that have Password Server passwords, passwords are not exported.

When you import these users or others whose passwords you want to be validated using a
Password Server:

m You can modify the import file so it specifies a clear-text authentication method. “Writing

a Record Description” on page 191 describes how.When you import the file using
Workgroup Manager or dsimportexport, make sure you are logged in as a Password Server
administrator.

m You can use Workgroup Manager to simultaneously select all the user accounts to use

Password Server. Use Command-click or Shift-click to select all the users whose password
strategy needs to be changed. Then use the Advanced tab to select Password Server and
enter a password when prompted. Now all the users can log in using the password you
specify, but reset their passwords using the My Account System Preferences pane after
login. Alternatively, you can change the user passwords on the Basic tab for individual
users.

Resetting Passwords Before Discontinuing Use of a Password Server

If you want to no longer use a Password Server, change the password validation strategy of
the Password Server administrator and any users whose passwords are validated using the
Password Server to basic. Doing so ensures that these users can continue to log in to
Mac OS X Server.

To reset passwords of Password Server users:

1

Open Workgroup Manager on a server from which you can access the domain with which the
Password Server and user are associated.

2

Use the At pop-up menu to open the directory domain. Click the lock to be authenticated as
a Password Server administrator.

LL0395.Book Page 203 Wednesday, November 20, 2002 11:44 AM

See also other documents in the category Apple Software: