Local and shared directory domains, Local data, Local and shared directory domains 50 – Apple Mac OS X Server (version 10.2.3 or later) User Manual

50

Chapter 2

m Lightweight Directory Access Protocol (LDAP), an open standard commonly used in

mixed environments

m NetInfo, the Apple directory services protocol for Mac OS X

The directory services of Mac OS X version 10.2—Open Directory—can also store and
retrieve administrative data that resides in existing directory domains on other servers. Open
Directory can read and write data in the following domains:

m Shared NetInfo domains on other Mac OS X computers (servers or clients)

m OpenLDAP directories on various UNIX servers

m Active Directory domains on Windows servers

m Other LDAPv3-compliant directories that are configured to allow remote administration

and read and write access

In addition, Open Directory can retrieve but not store administrative data in the following
domains:

m BSD configuration files located on the Mac OS X Server

m LDAPv2 domains and read-only LDAPv3 domains on other servers

Local and Shared Directory Domains

Where you store your server’s user information and other administrative data is determined
by whether the data needs to be shared.

Local Data

Every Mac OS X computer has a local directory domain. A local domain’s administrative data
is visible only to applications and system software running on the computer where the
domain resides. It is the first domain consulted when a user logs in or performs some other
operation that requires data stored in a directory domain.

When the user logs in to a Mac OS X computer, Open Directory searches the computer’s
local directory domain for the user’s record. If the local directory domain contains the user’s
record (and the user typed the correct password), the login process proceeds and the user
gets access to the computer.

Local

domain

Local

domain

Log in to

Mac OS X

Connect to

Mac OS

X Server

LL0395.Book Page 50 Wednesday, November 20, 2002 11:44 AM