Apple Mac OS X Server (version 10.2.3 or later) User Manual

640

Appendix B

m In another scenario, a Mac OS X Server hosts AFP home directories for Mac OS X users

whose accounts are stored in an Active Directory domain.

When users log in to Mac OS X client computers, they are authenticated using Active
Directory information and their home directories are mounted. After login is complete,
they can access their home directories from the Finder by choosing Home from the Go
menu or clicking Home in a Finder window. Their home directories are visible in the
Finder under the Network Globe.

In both scenarios, you set up three kinds of computers to provide authentication and file
access:

m a Windows 2000 server hosting Active Directory

m a Mac OS X Server hosting user files

m Macintosh client computers at which users log in

To ensure that Active Directory contains the information required to support either scenario,
you may need to modify the Active Directory schema and add users to the Active Directory
database.

Providing Apple File Service for Users Defined in Active Directory
Domains

In this scenario, a user connects to Mac OS X Server from a Mac OS 9 or Mac OS X computer
to access files stored in AFP share points on the server. The user’s authentication information
is stored in an Active Directory domain on a Windows 2000 server. The following figure
illustrates the process of using an Active Directory domain to authenticate a user for Apple
file service and grant access to share points.

The numbers in this figure identify the steps that begin when a user connects to Mac OS X
Server for file service and end when one or more share points are mounted on the user’s
computer. Each of these numbered steps is discussed in the following paragraphs.

Windows 2000 Server

hosting Active Directory

Macintosh

client computer

Mac OS X Server

hosting AFP share points

1

2

3

LL0395.Book Page 640 Wednesday, November 20, 2002 11:44 AM