Mac OS X Server Open Directory Administration - DEF CON
034-2352 Cvr9/12/0310:29 AMPage 1Mac OS X ServerOpen DirectoryAdministrationFor Version 10.3 or Later
LL2352.Book Page 2 Friday, August 22, 2003 3:12 PM Apple Computer, Inc. 2003 Apple Computer, Inc. All rights reserved.The owner or authorized user of a valid copy ofMac OS X Server software may reproduce thispublication for the purpose of learning to use suchsoftware. No part of this publication may be reproducedor transmitted for commercial purposes, such as sellingcopies of this publication or for providing paid forsupport services.Every effort has been made to ensure that theinformation in this manual is accurate. Apple Computer,Inc., is not responsible for printing or clerical errors.Use of the “keyboard” Apple logo (Option-Shift-K) forcommercial purposes without the prior written consentof Apple may constitute trademark infringement andunfair competition in violation of federal and state laws.Apple, the Apple logo, AirPort, AppleScript, AppleShare,AppleTalk, ColorSync, FireWire, Keychain, Mac, Mac OS,Macintosh, Power Mac, Power Macintosh, QuickTime,Sherlock, and WebObjects are trademarks of AppleComputer, Inc., registered in the U.S. and othercountries. Extensions Manager, and Finder aretrademarks of Apple Computer, Inc.Adobe and PostScript are trademarks of Adobe SystemsIncorporated.Java and all Java-based trademarks and logos aretrademarks or registered trademarks of SunMicrosystems, Inc. in the U.S. and other countries.Netscape Navigator is a trademark of NetscapeCommunications Corporation.RealAudio is a trademark of Progressive Networks, Inc.UNIX is a registered trademark in the United States andother countries, licensed exclusively throughX/Open Company, Ltd.034-2352/09-20-03
LL2352.Book Page 3 Friday, August 22, 2003 3:12 PM3ContentsPreface91011About This GuideUsing This GuideGetting Additional InformationChapter 113151617181921212122242525Directory Service ConceptsDirectory Services and Directory DomainsA Historical PerspectiveData ConsolidationData DistributionUses of Directory DataInside a Directory DomainLocal and Shared Directory DomainsAbout the Local Directory DomainAbout Shared Directory DomainsShared Data in Existing Directory DomainsAccess to Directory ServicesDiscovery of Network ServicesChapter 22727282829303232Open Directory Search PoliciesSearch Policy LevelsLocal Directory Search PolicyTwo-Level Search PoliciesMultilevel Search PoliciesAutomatic Search PoliciesCustom Search PoliciesSearch Policies for Authentication and ContactsChapter 333333435353536User Authentication With Open DirectoryAuthentication and AuthorizationDetermining Which Authentication Option to UseOpen Directory AuthenticationPassword PoliciesWhich Users Can Have Open Directory PasswordsOpen Directory Password Server Authentication Methods3
LL2352.Book Page 4 Friday, August 22, 2003 3:12 PM36373737383939404142Contents of Open Directory Password Server DatabaseKerberos AuthenticationKerberized ServicesKerberos Principals and RealmsKerberos Authentication ProcessSingle SignonShadow and Crypt PasswordsEncrypting Shadow and Crypt Passwords in User AccountsCracking Readable PasswordsLDAP Bind AuthenticationChapter 443434445454647474849505051515152Open Directory PlanningGeneral Planning GuidelinesControlling Data AccessibilitySimplifying Changes to Data in DirectoriesEstimating Directory and Authentication RequirementsIdentifying Servers for Hosting Shared DomainsReplicating Open Directory ServicesReplication in a Multi-Building CampusImproving Performance and RedundancyOpen Directory SecurityTools for Managing Open Directory ServicesServer AdminDirectory AccessWorkgroup ManagerCommand-Line ToolsNetInfo ManagerChapter 553535454555556575960616162Setting Up Open Directory ServicesSetup OverviewBefore You BeginSetting Up Open Directory With Server AssistantManaging Open Directory on a Remote ServerSetting Up a Standalone ServerSetting Up an Open Directory MasterSetting Up an Open Directory ReplicaSetting Up Open Directory FailoverSetting Up a Connection to a Directory SystemSetting Up Single Signon and KerberosSetting Up an Open Directory Master for Single Signon and KerberosDelegating Authority to Join an Open Directory Master for Single Signon andKerberosJoining a Server to an Open Directory Master for Single Signon and Kerberos634Contents
LL2352.Book Page 5 Friday, August 22, 2003 3:12 PM636464656565666869Setting LDAP OptionsSetting the Replication Frequency of an Open Directory MasterChanging the Location of an LDAP DatabaseLimiting Search Results for LDAP ServiceChanging the Search Timeout for LDAP ServiceSetting up SSL for LDAP ServiceMigrating a Directory Domain From Netinfo to LDAPSwitching Directory Access From NetInfo to LDAPDisabling NetInfo After Migrating to LDAPChapter 67172727374757676787979798080818182Managing User AuthenticationComposing a PasswordChanging a User’s PasswordResetting the Passwords of Multiple UsersChanging the Global Password PolicySetting Password Policies for Individual UsersChanging a User’s Password TypeChanging the Password Type to Open DirectoryChanging the Password Type to Crypt PasswordChanging the Password Type to Shadow PasswordEnabling Single Signon Authentication for a UserEnabling Kerberos Authentication for a UserEnabling LDAP Bind Authentication for a UserAssigning Administrator Rights for Open Directory AuthenticationExporting and Importing Users Whose Password Type Is Open DirectoryExporting and Importing Authentication Manager UsersMigrating Passwords to Open Directory AuthenticationChapter 7838384848485858686868787888989Managing Directory AccessSetting Up Services in Directory AccessEnabling or Disabling Active Directory ServiceEnabling or Disabling AppleTalk Service DiscoveryEnabling or Disabling BSD Flat File and NIS Directory ServicesEnabling or Disabling LDAP Directory ServicesEnabling or Disabling NetInfo Directory ServicesEnabling or Disabling Rendezvous Service DiscoveryEnabling or Disabling SLP Service DiscoveryEnabling or Disabling SMB Service DiscoveryConfiguring SMB Service DiscoverySetting Up the Authentication and Contacts Search PoliciesDefining Automatic Search PoliciesDefining Custom Search PoliciesDefining Local Directory Search PoliciesContents5
LL2352.Book Page 6 Friday, August 22, 2003 3:12 PMChapter 106106107108109109110111111112113Accessing LDAP DirectoriesEnabling or Disabling Use of a DHCP-Supplied LDAP DirectoryShowing or Hiding Options for LDAP DirectoriesConfiguring Access to an LDAP DirectoryChanging a Configuration for Accessing an LDAP DirectoryDuplicating a Configuration for Accessing an LDAP DirectoryDeleting a Configuration for Accessing an LDAP DirectoryChanging the Connection Settings for an LDAP DirectoryConfiguring LDAP Searches and MappingsMapping Config Record Attributes for LDAP DirectoriesEditing RFC 2307 Mapping to Enable Creating UsersPreparing a Read-Only LDAP Directory for Mac OS XPopulating LDAP Directories With Data for Mac OS XAccessing an Active Directory DomainLearning About the Active Directory Plug-inConfiguring Access to an Active Directory DomainEnabling or Disabling Active Directory Credential CachingSpecifying a Preferred Active Directory ServerMapping the UID to an Active Directory AttributeChanging the Active Directory Groups That Can Administer the ComputerEditing User Accounts and Other Records in Active DirectorySetting Up LDAP Access to Active Directory DomainsAccessing an NIS DomainUsing BSD Configuration FilesSetting Up Data in BSD Configuration FilesAccessing Legacy NetInfo DomainsAbout NetInfo BindingConfiguring NetInfo BindingAdding a Machine Record to a Parent NetInfo DomainConfiguring Static Ports for Shared NetInfo DomainsSetting Up Directory Access on a Remote Server115115115116116116117117118120121Maintenance and Problem SolvingMonitoring Open DirectoryViewing Open Directory Status and LogsMonitoring Open Directory AuthenticationDirectly Viewing and Editing Directory DataShowing the Directory InspectorHiding the Directory InspectorChanging a User’s Short NameBacking Up Open Directory FilesRestoring Open Directory FilesSolving Directory Access ProblemsContents
LL2352.Book Page 7 Friday, August 22, 2003 3:12 PM121122122122122122123A Delay Occurs During StartupSolving Authentication ProblemsA User’s Password Can’t Be ModifiedA User Can’t Authenticate for VPN ServiceA User’s Password Type Can’t Be Changed to Open DirectoryKerberos Users Can’t AuthenticateResetting an Administrator PasswordAppendix 60160161165166168169170171Mac OS X Directory DataOpen Directory Extensions to LDAP SchemaObject Classes in Open Directory LDAP SchemaAttributes in Open Directory LDAP SchemaMapping Standard Attributes to LDAP and Active DirectoryMappings for UsersMappings for GroupsMappings for MountsMappings for ComputersMappings for ComputerListsMappings for ConfigMappings for PeopleMappings for PresetComputerListsMappings for PresetGroupsMappings for PresetUsersMappings for PrintersMappings for AutoServerSetupMappings for LocationsStandard Attributes in User RecordsUser Data That Mac OS X Server UsesStandard Attributes in Group RecordsStandard Attributes in Computer RecordsStandard Attributes in Computer List RecordsStandard Attributes in Mount RecordsStandard Attributes in Config RecordsAppendix B173173174174174175175175175Open Directory Password Server Authentication MethodsEnabling or Disabling Authentication MethodsAPOP Password ValidationCRAM-MD5 Password ValidationDHX Password ValidationDigest-MD5 Password ValidationMS-CHAPv2 Password ValidationSMB-NT Password ValidationSMB-LAN Manager Password ValidationContents7
LL2352.Book Page 8 Friday, August 22, 2003 3:12 PM1768Appendix C177Glossary179Index185WebDAV-Digest Password ValidationAuthentication ManagerContents
About This GuidePrefaceLL2352.Book Page 9 Friday, August 22, 2003 3:12 PMThis guide describes the directory services andauthentication services that Mac OS X Server can provideto Mac OS X client computers.Here is a summary of each chapter’s contents: Chapter 1, “Directory Service Concepts,” explains what directory domains are, howthey are used, and how they are organized. It also discusses how the discovery ofnetwork services is integrated with directory services. Chapter 2, “Open Directory Search Policies,” describes search policies with one ormore directory domains, and describes automatic, custom, and local-only searchpolicies. Chapter 3, “User Authentication With Open Directory,” describes Open Directoryauthentication, shadow and crypt passwords, Kerberos, LDAP bind, single signon,and cached authentication for mobile accounts. Chapter 4, “Open Directory Planning,” helps you assess your directory domain needs,estimate directory and authentication requirements, identify servers of hostingshared domains, improve performance and redundancy, deal with replication in amulti-building campus, and make your Open Directory services secure. This chapteralso introduces the tools you use to manage Open Directory services. Chapter 5, “Setting Up Open Directory Services,” tells you how to set the OpenDirectory role of Mac OS X Server: standalone server, connected to a directorysystem, Open Directory master, or Open Directory replica. This chapter also tells youhow to set some options of the LDAP service of an Open Directory master or replicaand explains how to migrate a directory domain from NetInfo to LDAP. This chapteralso tells you how to set up single signon and Kerberos authentication on an OpenDirectory master. Chapter 6, “Managing User Authentication,” describes how to set password policies,change a user’s password type, assign administrator rights for Open Directoryauthentication, reset passwords of imported user accounts, and migrate passwordsto Open Directory authentication.9
LL2352.Book Page 10 Friday, August 22, 2003 3:12 PM Chapter 7, “Managing Directory Access,” explains how to use the Directory Access application. This chapter tells you how to set up services and authentication andcontacts search policies. This chapter also explains how to configure access todifferent directory domains: LDAP, Active Directory, NIS, BSD configuration files, andNetInfo.Chapter 8, “Maintenance and Problem Solving,” tells you how to monitor OpenDirectory services, directly view and edit directory data with the Inspector, and backup Open Directory files. This chapter also describes solutions to some problems youmay encounter.Appendix A, “Mac OS X Directory Data,” lists the Open Directory extensions to theLDAP schema and specifies the standard record types and attributes of Mac OS X.Appendix B, “Open Directory Password Server Authentication Methods,” describesthe authentication methods that Open Directory supports.Appendix C, “Authentication Manager,” tells you about the Authentication Managertechnology that provides compatibility with user accounts created in Mac OS XServer version 10.0–10.2.The Glossary defines terms you’ll encounter as you read this guide.Using This GuideThe chapters in this guide are arranged in the order that you’re likely to need themwhen setting up and managing Open Directory on your server. Review Chapter 1 through Chapter 3 to acquaint yourself with Open Directoryconcepts: directory services, search policies, and authentication. Read Chapter 4 when you’re ready to plan directory services and passwordauthentication for your network. After you finish planning, use the instructions in Chapter 5 to set up Open Directoryservices. Whenever you need to set password policies or change password settings in a useraccount, look for instructions in Chapter 6. If you need to set up or change how a Mac OS X or Mac OS X Server computeraccesses directory domains, follow the instructions in Chapter 7. For ongoing maintenance of directory and authentication services, use Chapter 8.10Preface About This Guide
LL2352.Book Page 11 Friday, August 22, 2003 3:12 PMGetting Additional InformationMac OS X Server comes with a suite of guides that explain other services and provideinstructions for configuring, managing, and troubleshooting those services. Most ofthese documents are on the server discs in the form of PDF files. All of them areavailable in PDF format from www.apple.com/server/documentation.This guideTells you how toMac OS X Server Getting StartedFor Version 10.3 or LaterUnderstand the new features of Mac OS X Server version 10.3 andprepare your server.Mac OS X Server Migration ToVersion 10.3 or LaterReuse data and service settings on Mac OS X Server version 10.3that are currently being used on earlier versions of the server.Mac OS X Server UserManagement For Version 10.3 orLaterCreate and manage user, group, and computer accounts. Set upmanaged preferences for Mac OS 9 and Mac OS X clients.Mac OS X Server File ServicesAdministration For Version 10.3 orLaterShare selected server volumes or folders among server clientsusing these protocols: AFP, NFS, FTP, and SMB.Mac OS X Server Print ServiceAdministration For Version 10.3 orLaterHost shared printers and manage their associated queues and printjobs.Mac OS X Server System ImageAdministration For Version 10.3 orLaterCreate disk images and set up the server so that other Macintoshcomputers can start up from those images over the network. Thisguide covers NetBoot and Network Install.Mac OS X Server Mail ServiceAdministration For Version 10.3 orLaterSet up, configure, and administer mail services on the server.Mac OS X Server WebTechnologies Administration ForVersion 10.3 or LaterSet up and manage a web server, including WebDAV, WebMail, andweb modules.Mac OS X Server Network Services Set up, configure, and administer DHCP, DNS, IP firewall, NAT, andAdministration For Version 10.3 or VPN services on the server.LaterMac OS X Server WindowsServices Administration ForVersion 10.3 or LaterSet up and manage services for Windows users.Mac OS X Server QuickTimeStreaming Server AdministrationFor Version 10.3 or LaterSet up and manage QuickTime streaming services.Mac OS X Server: JavaDeploy and manage J2EE applications using a JBoss applicationApplication Server Administration server on Mac OS X Server.Mac OS X Server Command-LineAdministration For Version 10.3 orLaterPreface About This GuideUse commands and configuration files to perform serveradministration tasks in a UNIX command shell.11
LL2352.Book Page 12 Friday, August 22, 2003 3:12 PMFor more information, consult these resources: Read Me documents contain important updates and special information. Look forthem on the server discs. Online help, available from the Help menu in all the server applications, providesonscreen instructions for administration tasks as well as late-breaking news and webupdates. Apple support webpages and the AppleCare Knowledge Base provide answers tocommon questions and the latest information updates. These are available atwww.info.apple.com/ Apple Training offers courses for technical coordinators and system administrators.For a course catalog, visit the following website:train.apple.com/ Discussion groups and mailing lists put you in touch with other server administrators,who may have already found solutions to problems you encounter. To find discussiongroups and mailing lists, visit the following e.com/12Preface About This Guide
LL2352.Book Page 13 Friday, August 22, 2003 3:12 PM1Directory Service Concepts1A directory service provides a central repository forinformation about computer users and networkresources in an organization.Storing administrative data in a central repository has many benefits: Reduces data entry effort. Ensures all network services and clients have consistent information about users andresources. Simplifies administration of users and resources. Provides identification, authentication, and authorization services for other networkservices.In education and enterprise environments, directory services are the ideal way tomanage users and computing resources. Organizations with as few as 10 people canbenefit by deploying a directory service.Directory services can be doubly beneficial. They centralize system and networkadministration, and they simplify a user’s experience on the network. With directoryservices, information about all the users—such as their names, passwords, andlocations of network home directories—can be maintained centrally rather than oneach computer individually. Directory services can also maintain centralizedinformation about printers, computers, and other network resources. Havinginformation about users and resources centralized can reduce the systemadministrator’s user management burden. In addition, users can log in to anyauthorized computer on the network. Anywhere a user logs in, the user can get thesame home directory, and with it the user’s personal desktop appears, customized forthe user’s individual preferences. The user always has access to personal files and caneasily locate and use authorized network resources.13
LL2352.Book Page 14 Friday, August 22, 2003 3:12 PMApple has built an open, extensible directory services architecture, called OpenDirectory, into Mac OS X and Mac OS X Server. A Mac OS X client or Mac OS X Servercomputer can use Open Directory to retrieve authoritative information about users andnetwork resources from a variety of directory services: LDAP service on a Mac OS X Server system NetInfo service on a computer with Mac OS X or Mac OS X Server Active Directory service on a Microsoft Windows server OpenLDAP or other LDAP service on a third-party server such as Sun One or NovelleDirectory NIS on a UNIX server BSD configuration files stored locally (not retrieved from a server)Mac OS 9 and Mac OS 8 managed clients also use Open Directory to retrieve some userinformation. For more information, see the Macintosh Manager chapter in the usermanagement guide (available at www.apple.com/server/documentation/).In addition, Mac OS X and Mac OS X Server can use Open Directory to discover networkservices, such as file servers, that make themselves known with the Rendezvous,AppleTalk, SLP, or SMB service discovery protocols.The Open Directory architecture also includes authentication service. Open Directorycan securely store and validate the passwords of users who want to log in to clientcomputers on your network or use other network resources that requireauthentication. Open Directory can also enforce such policies as password expirationand minimum length. Open Directory can also authenticate Windows computer usersfor domain login, file service, print service, and other Windows services provided byMac OS X Server.14Chapter 1 Directory Service Concepts
LL2352.Book Page 15 Friday, August 22, 2003 3:12 PMDirectory Services and Directory DomainsA directory service acts as an intermediary between application and system softwareprocesses, which need information about users and resources, and the directorydomains that store the information. In Mac OS X and Mac OS X Server, Open Directoryprovides directory services. Open Directory can access information in one directorydomain or several directory ountsDirectorydomainsApplication andsystem softwareprocessesA directory domain stores information in a specialized database that is optimized tohandle a great many requests for information and to find and retrieve informationquickly.Processes running on Mac OS X computers can use the Open Directory services to saveinformation in directory domains. For example, when you create a user account withWorkgroup Manager, it has Open Directory store user name and other accountinformation in a directory domain. Of course you can then review user accountinformation with Workgroup Manager, and it has Open Directory retrieve the userinformation from a directory domain.Chapter 1 Directory Service Concepts15
LL2352.Book Page 16 Friday, August 22, 2003 3:12 PMOther application and system software processes can also use the user accountinformation stored in directory domains. When someone attempts to log in to aMac OS X computer, the login process uses Open Directory services to validate the username and password.DirectorydomainOpenDirectoryWorkGroup ManagerA Historical PerspectiveLike Mac OS X, Open Directory has a UNIX heritage. Open Directory provides access toadministrative data that UNIX systems have generally kept in configuration files, whichrequire much painstaking work to maintain. (Some UNIX systems still rely onconfiguration files.) Open Directory consolidates the data and distributes it for ease ofaccess and maintenance.16Chapter 1 Directory Service Concepts
LL2352.Book Page 17 Friday, August 22, 2003 3:12 PMData ConsolidationFor years, UNIX systems have stored administrative information in a collection of fileslocated in the /etc directory. This scheme requires each UNIX computer to have its ownset of files, and processes that are running on a UNIX computer read its files when theyneed administrative information. If you’re experienced with UNIX, you probably knowabout the files in the /etc directory—group, hosts, hosts.eq, master.passwd, and soforth. For example, a UNIX process that needs a user’s password consults the /etc/master.passwd file. The /etc/master.passwd file contains a record for each user account.A UNIX process that needs group information consults the /etc/group file./etc/group/etc/hostsUNIX processes/etc/master.passwdOpen Directory consolidates administrative information, simplifying the interactionsbetween processes and the administrative data they create and use.OpenDirectoryMac OS X processesChapter 1 Directory Service Concepts17
LL2352.Book Page 18 Friday, August 22, 2003 3:12 PMProcesses no longer need to know how and where administrative data is stored. OpenDirectory gets the data for them. If a process needs the location of a user’s homedirectory, the process simply has Open Directory retrieve the information. OpenDirectory finds the requested information and then returns it, insulating the processfrom the details of how the information is stored. If you set up Open Directory toaccess administrative data in several directory domains, Open Directory automaticallyconsults them as Mac OS X processesSome of the data stored in a directory domain is identical to data stored in UNIXconfiguration files. For example, the crypt password, home directory location, realname, user ID, and group ID—all stored in the user records of a directory domain—have corresponding entries in the standard /etc/passwd file. However, a directorydomain stores much additional data to support functions that are unique to Mac OS X,such as support for managing Mac OS X client computers.Data DistributionAnother characteristic of UNIX configuration files is that the administrative data theycontain is available only to the computer on which they are stored. Each computer hasits own UNIX configuration files. With UNIX configuration files, each computer thatsomeone wants to use must have that person’s user account settings stored on it, andeach computer must store the account settings for every person who can use thecomputer. To set up a computer’s network settings, the administrator needs to go tothe computer and directly enter the IP address and other information that identifies thecomputer on the network.Similarly, when user or network information needs to be changed in UNIXconfiguration files, the administrator must make the changes on the computer wherethe files reside. Some changes, such as network settings, require the administrator tomake the same changes on multiple computers. This approach becomes unwieldy asnetworks grow in size and complexity.18Chapter 1 Directory Service Concepts
LL2352.Book Page 19 Friday, August 22, 2003 3:12 PMOpen Directory solves this problem by letting you store administrative data in adirectory domain that can be managed by a network administrator from one location.Open Directory lets you distribute the information so that it is visible on a network tothe computers that need it and the administrator who manages UsersUses of Directory DataOpen Directory makes it possible to consolidate and maintain network informationeasily in a directory domain, but this information has value only if application andsystem software processes running on network computers actually access theinformation.Here are some of the ways in which Mac OS X system and application software usedirectory data: Login: As mentioned already, Workgroup Manager can create user records in adirectory domain, and these records can be used to authenticate users who log in toMac OS X computers and Windows computers. When a user specifies a name and apassword in the Mac OS X login window, the login process asks Open Directory toauthenticate the name and password. Open Directory uses the name to find theuser’s account record in a directory domain and uses additional data in the userrecord to validate the password.Chapter 1 Directory Service Concepts19
LL2352.Book Page 20 Friday, August 22, 2003 3:12 PM Folder and file access: After logging in successfully, a user can access files and 20folders. Mac OS X uses another data item from the user record—the user ID (UID)—to determine the user’s access privileges for a file or folder that the user wants toaccess. When a user accesses a folder or file, the file system compares this user’s UIDto the UID assigned to the folder or file. If the UIDs are the same, the file systemgrants owner privileges (usually read and write privileges) to the user. If the UIDs aredifferent, the user doesn’t get owner privileges.Home directories: Each user record in a directory domain stores the location of theuser’s home directory, which is also known as the user’s home folder. This is wherethe user keeps personal files, folders, and preferences. A user’s home directory can belocated on a particular computer that the user always uses or on a network fileserver.Automount share points: Share points can be configured to automount (appearautomatically) in the /Network folder (the Network globe) in the Finder windows ofclient computers. Information about these automount share points is stored in adirectory domain. Share points are folders, disks, or disk partitions that you havemade accessible over the network.Mail account settings: Each user’s record in a directory domain specifies whetherthe user has mail service, which mail protocols to use, how to present incoming mail,whether to alert the user when mail arrives, and more.Resource usage: Disk, print, and mail quotas can be stored in each user record of adirectory domain.Managed client information: The administrator can manage the Mac OS Xenvironment of users whose account records are stored in a directory domain. Theadministrator makes mandatory preference settings that are stored in the directorydomain and override users’ personal preferences.Group management: In addition to user records, a directory domain also storesgroup records. Each group record affects all users who are in the group. Informationin group records specifies preferences settings for group members. Group recordsalso determine access to files, folders, and computers.Chapter 1 Directory Service Concepts
LL2352.Book Page 21 Friday, August 22, 2003 3:12 PMInside a Directory DomainInformation in a directory domain is organized into record types, which are specificcategories of records, such as users, computers, and mounts. For each record type, adirectory domain may contain any number of records. Each record is a collection ofattributes, and each attribute has one or more values. If you think of each record typeas a spreadsheet that contains a category of information, then records ar
Open Directory Security 50 Tools for Managing Open Directory Services 50 Server Admin 51 Directory Access 51 Workgroup Manager 51 Command-Line Tools 52 . 100 Populating LDAP Directories With Data for Mac OS X 100 Accessing an Active Directory Domain 101 Learning About the Active Directory Plug-in
Chapter 1 MAC Address Configuration Commands 1.1 MAC Address Configuration Commands 1.1.1 mac address-table static Syntax [no] mac address-table static mac-addr vlan vlan-id interface interface-id To add a static MAC address, run mac address-table static mac-addr vlan vlan-id interface interface-id. To cancel the static MAC address, run no mac
COUNTY Archery Season Firearms Season Muzzleloader Season Lands Open Sept. 13 Sept.20 Sept. 27 Oct. 4 Oct. 11 Oct. 18 Oct. 25 Nov. 1 Nov. 8 Nov. 15 Nov. 22 Jan. 3 Jan. 10 Jan. 17 Jan. 24 Nov. 15 (jJr. Hunt) Nov. 29 Dec. 6 Jan. 10 Dec. 20 Dec. 27 ALLEGANY Open Open Open Open Open Open Open Open Open Open Open Open Open Open Open Open Open Open .
When provisioning a Windows Server for a specific role there are additional items to consider for further securing the server. When planning and provisioning your server layout, designate one primary purpose per server. Whenever possible, designate one server as the database server, one server as the web server, and one server as the file server.
Server 2005 , SQL Server 2008 , SQL Server 2008 R2 , SQL Server 2012 , SQL Server 2014 , SQL Server 2005 Express Edition , SQL Server 2008 Express SQL Server 2008 R2 Express , SQL Server 2012 Express , SQL Server 2014 Express .NET Framework 4.0, .NET Framework 2.0,
Online Backup Client User Manual Mac OS 1. Product Information Product: Online Backup Client for Mac OS X Version: 4.1.7 1.1 System Requirements Operating System Mac OS X Leopard (10.5.0 and higher) (PPC is not supported, Intel only) Mac OS X Snow Leopard (10.6.0 and higher) Mac OS X Lion Mac OS X Mountain Lion Hardware Resources
SETTING UP PRINTING ON MAC OS X 9 Setting up the EX Print Server on Mac OS X After you install the printer driver files on Mac OS X, you must set up the EX Print Server in the Printer Setup Utility. This section describes how to set up the EX Print Server and configure the EX Print Server for the options installed on the digital press.
A. Mac OS X Server Software. This License allows you to install and use one copy of the Mac OS X Server software (the “Mac OS X Server Software”) on a single Apple-labeled computer at a time. This License does not allow the Mac OS X Server Software to exist on more than one computer at a time.
Introduction 1-2 Oracle Forms Server and Reports Server Installation Guide Introduction Oracle Forms Server and Reports Server is an integrated set of database tools i Oracle Forms i. Oracle Forms Server Server and Reports Server Server. UNIX. Installation Guide Compaq Tru64 .
