Configuring Authentication Methods on Lion Server
For authenticating users whose accounts are stored in directories on Lion Server, Open Directory offers a variety of options, including Kerberos and the many authentication methods that network services require. Open Directory can authenticate users by using:
• Single sign-on with the Kerberos KDC built in to Lion Server
• A password stored securely in the Open Directory Password Server database
• A password stored as several hashes—including NTLMv1 and NTLMv2 (NT LAN Manager); and Microsoft Challenge Handshake Authentication Protocol (MS-CHAPv2), used for VPN—in a location that only the root user can access
• An older crypt password stored directly in the user’s account (on the local filesystem ...
Get Apple Pro Training Series: OS X Lion Server Essentials now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
