Apple Mac OS X Server (version 10.2.3 or later) User Manual

Integrating Mac OS X Directory Services With Active Directory

643

2

Set up the Mac OS X Server that provides Apple file service so it can access the Active
Directory data.

Use the Directory Access application to create an LDAPv3 configuration for the Active
Directory domain on the Windows server. In addition, use Directory Access to include this
LDAPv3 configuration in the Mac OS X Server search policy. Chapter 2, “Directory Services,”
has detailed instructions for these tasks. Appendix A, “Data Requirements of Mac OS X
Directory Services,” has detailed specifications of record types and attributes required by
Mac OS X directory services.

3

Set up AFP share points and Apple file service on the Mac OS X Server.

Use the Sharing module of Workgroup Manager to set up share points. Use Server Settings to
set up Apple file service. For detailed instructions, see Chapter 4, “Sharing,” and Chapter 5,
“File Services.”

Hosting Home Directories for Users Defined in Active Directory
Domains

When you integrate Mac OS X Server into an environment with an Active Directory domain
that stores user information, Mac OS X client computers can use this information to
authenticate users who log in, while one or more Mac OS X Servers store home directories
for these users.

User record (class) attributes

Description

Example values

Mac OS X
attribute

Active Directory
attribute

User’s login names

jdm
JD Mankovsky

RecordName

sAMAccountName
name or displayName

UID

155

UniqueID

UniqueID

User’s full name

JD Mankovsky

RealName

name or displayName

User’s primary group ID

20

Primary
GroupID

primaryGroupID

LL0395.Book Page 643 Wednesday, November 20, 2002 11:44 AM