As directory domains and centralized management have grown in importance to the IT industry, Apple has slowly but surely developed a robust and standards-based server-side directory services architecture. Panther Server represents a real milestone in that direction, with a Kerberos-LDAPv3-and SASL-based component known alternately as Open Directory, Open Directory 2, and Open Directory Server, depending on whom you ask.
Open Directory itself is a bad case of marketing terms gone crazy—encompassing a whole suite of OS components that collectively provide a directory services architecture to Mac OS X. Open Directory Server generally refers to the server side of those components. Open Directory 2 was probably coined to differentiate Jaguar’s directory service offerings (which were heavily reliant on NetInfo) from Panther’s, which are more centered around LDAP. Luckily, the technology is more stable than the terminology.
The Appendix documents the client-side of Apple’s Directory Services infrastructure—the processes Mac OS X and Mac OS X Server employ in order to make use of identification, authentication and authorization data. This chapter, however, begins the analysis of Mac OS X Server’s Directory Service capabilities—both as a directory client and server.
Directory Services are complex. There is no getting around it. The concepts are new to many administrators and sometimes difficult to grasp. In fact, Open Directory Server Services are provided ...