16.4. Configuring and Managing Open Directory
Because directory services give such a boost to the security of larger environments, we will spend the first part of this section discussing how to set up and bind to Open Directory. Once you have a solid Open Directory environment, we will then show you how to secure Open Directory, more than it is secured in the stock implementation of Mac OS X Server, by disabling anonymous binding and implementing LDAP ACLs. Anonymous binding allows unauthenticated users to be able to enumerate your directory structure, whereas LDAP ACLs control what is visible to unauthenticated users and specified groups for authenticated users of the directory.
To start setting up Open Directory, open Server Admin, and click ...
Get Enterprise Mac Security: Mac OS X Snow Leopard now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
