book

Essential Mac OS X Panther Server Administration

by Michael Bartosh, Ryan Faas

May 2005

Intermediate to advanced

846 pages

26h 13m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
Audience for This BookHow This Book Is OrganizedConventions Used in This BookUsing Code ExamplesSafari® EnabledWe’d Like to Hear from YouAcknowledgments
I. Server Installation and Management
1. Designing Your Server Environment
1.1. Planning1.1.1. Hardware1.1.2. Storage1.1.2.1. Storage technologies1.1.2.2. AT Attachment (ATA) and Integrated Drive Electronics (IDE)1.1.2.3. Serial ATA (SATA)1.1.2.4. Fibre Channel1.1.2.5. SCSI1.1.2.6. FireWire and FireWire 800 FireWire 8001.1.2.7. Redundant Array of Inexpensive Disks (RAID )1.1.2.8. Apple storage productsstorage products1.1.2.9. Volume management and partitioning partitioning1.1.3. Network Infrastructure1.1.3.1. Performance1.1.3.2. Infrastructure1.1.3.3. Services
2. Installing and Configuring Mac OS X Server
2.1. Mac OS X Server Installation Architecture2.1.1. Power On2.2. Graphical Installation and Configuration2.2.1. Local Installation2.2.1.1. Configuration2.2.1.2. Remote graphical installation and configuration2.3. Command-Line Installation and Configuration2.3.1. Installation2.3.1.1. Command-line configuration2.4. Automatic Server Configuration2.4.1. Behind the Scenes2.5. Other Installation and Configuration Options2.5.1. Network Install2.5.2. Apple Software Restore2.5.2.1. Image creation2.5.2.2. Image restoration2.5.3. radmind2.6. Putting It All Together
3. Server Management Tools
3.1. Graphical Tools3.1.1. Workgroup ManagerWorkgroup Manager3.1.1.1. Account management3.1.2. Creating Users3.1.3. Creating Groups3.1.4. Creating Computer Lists3.1.5. Managing Users: Comments and Keywords3.1.5.1. Preference management3.1.5.2. The back end3.1.6. Share Point Management3.1.7. Inspector3.1.7.1. View Directories3.1.7.2. Preferences3.1.8. Server Admin3.1.8.1. Summary view3.1.8.2. Preferences3.1.9. Server Monitor3.1.9.1. Server Monitor notifications3.1.10. Directory Access3.2. Command-Line Tools3.2.1. serveradmin 3.2.2. sharing 3.3. Server Management Daemons3.3.1. sshd3.3.2. servermgrd 3.3.2.1. Securing servermgrd with SSL3.3.2.2. Turning on servermgrd access logs3.3.3. hwmond 3.3.4. DirectoryService
4. System Administration
4.1. Philosophies4.1.1. Minimize Intrusion into Existing Infrastructures4.1.2. Focus on the Needs and Business of Your Organization4.1.3. Default Policy of Denial4.1.4. Minimize Change, Maximize Stability4.1.4.1. Testing4.1.4.2. Pilot4.1.4.3. Staging4.1.4.4. Deployment and monitoring4.2. System Management4.2.1. Software Updates4.2.1.1. Software update methods 4.2.1.2. Minor updates4.2.1.3. Major updates4.2.1.4. Security updates4.2.2. Backing Up4.2.2.1. Mac OS X Server backup issues4.2.2.2. tar alternatives 4.2.2.3. Commercial backup products4.2.2.4. Backup staging4.2.3. Account Management4.2.3.1. Import file format4.2.3.2. Group accounts4.2.3.3. Computer accounts and lists 4.2.3.4. Using LDAP rather than dsimportexport4.2.4. Failover4.2.4.1. The failover process4.2.5. Diskspacemonitor4.2.6. watchdogwatchdog4.2.6.1. cron cron
5. Troubleshooting
5.1. Strategies5.1.1. Quick Fixes5.1.2. Abstraction5.1.2.1. Name resolution: A structured approach5.1.2.2. The fundamentals of LDAP and Mac OS X Directory Services5.1.3. Troubleshooting and the Scientific Method5.1.3.1. The Scientific Method in a nutshell5.2. Tools5.2.1. Forensic Tools5.2.2. Network Tools5.2.3. Joiners and Filters5.2.4. Other Commands5.2.4.1. Verbosity and debugging5.2.4.2. Use the source5.2.4.3. The magic Shift key5.2.4.4. Logs
II. Directory Services
6. Open Directory Server
6.1. Managing Open Directory Server6.1.1. Roles6.1.2. The Open Directory Master: Creating a Shared Open Directory Domain6.1.3. Best Practices6.1.4. Under the Hood6.2. Accessing an Open Directory Domain
7. Identification and Authorization in Open Directory Server
7.1. LDAP: A Communication Protocol7.2. LDAP Basics7.2.1. LDAP Is Hierarchical7.2.2. LDAP Uses Standard Naming Conventions7.2.3. LDAP Terminology7.3. OpenLDAP7.3.1. Managing OpenLDAP with Server Admin7.3.2. Server Architecture7.3.2.1. slapd options7.3.2.2. slapd.conf7.3.3. OpenLDAP Performance7.3.4. OpenLDAP Security7.3.5. Troubleshooting7.3.6. OpenLDAP: Utilities and Tools7.4. LDAP Data and Open Directory Server7.4.1. Apple’s LDAP Schema7.4.2. Examining LDAP Data

8. Authentication in Open Directory Server
8.1. PasswordService (SASL )8.1.1. Password Server Architecture8.1.2. Password Server Policies8.1.2.1. Password Server and public-private key-pairs8.1.3. Password Server Tools8.1.3.1. pwpolicy8.1.3.2. mkpassdb8.1.3.3. NeST8.2. Kerberos: MIT KDC8.2.1. Kerberos Basics8.2.1.1. Kerberos terms8.2.1.2. The Kerberos exchange8.2.1.3. Securing Kerberos8.2.2. Kerberos and Mac OS X Server8.2.2.1. Kerberos Configuration8.2.2.2. Integrating Kerberos: Kerberizing Mac OS X Server services8.3. Putting It All Together8.3.1. Password Server and Synchronization
9. Replication in Open Directory Server
9.1. Creating an Open Directory Replica9.1.1. Graphical Configuration9.1.2. Command-Line Configuration9.1.3. Behind the Scenes: Dissecting Replica Creation9.2. The Replication Process9.2.1. LDAP Replication9.2.2. Password Server Replication9.2.3. Kerberos Replication9.2.4. Graphical Replication Management9.3. Client-Side Replica Discovery9.3.1. LDAP Replica Discovery9.3.2. Password Server Replica Discovery9.3.3. Kerberos Replica Discovery9.4. Replication Best Practices9.4.1. How Many Replicas?
III. IP Services
10. xinetd
10.1. Configuration10.2. Architecture10.2.1. General10.2.2. Mac OS X Specific10.2.3. Security Related
11. DNS
11.1. Graphical Interface11.2. Configuration Storage11.2.1. Files, Directories, and Daemons11.3. Troubleshooting11.3.1. Tools11.4. Advanced Configuration11.4.1. Running As an Underprivileged User11.4.2. Forwarders11.4.3. Change Root (chroot chroot11.4.4. Limiting Zone Transfers11.4.5. Views
12. DHCP
12.1. Graphical Configuration12.1.1. Troubleshooting12.2. Advanced Configuration12.2.1. DHCP and bootpd Static Bindings12.2.2. Supplying Other DHCP Options12.3. ISC’s dhcpd12.3.1. Compilation and Installation12.3.2. Configuration and Administration
13. NAT
13.1. Managing NAT13.2. Architecture13.3. Advanced Configuration
IV. File Services
14. File Services Overview
14.1. Share Points14.2. Managing Share Points14.2.1. Defining new shares14.3. The sharing Command14.4. Automounts14.5. Automount Schema14.6. Guest Access and Automounts14.6.1. Storing automounts in the local domain: stealth infrastructure14.7. Troubleshooting Automounts14.8. Supporting Home Directories14.8.1. Virtual home directory shares14.8.2. Home directories in /Volumes
15. Apple Filing Protocol
15.1. AFP Management: Server Admin15.1.1. Secure Connections15.1.2. AFP Server Preferences15.2. AFP Management: Workgroup Manager15.3. Architecture15.4. Permissions Mapping15.5. Integration15.6. Troubleshooting
16. Windows File Services
16.1. Managing Windows Services: Server Admin16.2. Managing Windows Services Using Workgroup Manager16.3. Architecture16.4. Apple’s Changes to Samba16.4.1. Password Server Integration16.5. Useful Utilities16.6. Troubleshooting16.6.1. SMB Share Point Permissions Restrictions16.6.2. Integration
17. FTP
17.1. Managing FTP with Server Admin17.2. Managing FTP Using Workgroup Manager17.3. Architecture17.3.1. ftpaccess: Advanced Options17.3.2. ftpconversionsftpconversions17.3.3. ftphosts , ftpgroups , and ftpusersftpusers17.4. Securing FTP17.4.1. Using Kerberos17.4.2. FTP Tunneled over SSH17.4.3. Secure FTP (sftp)
18. Network File System
18.1. The NFS (In)security Model18.2. Managing NFS with Server Admin18.3. Managing NFS with Workgroup Manager18.3.1. NFS File Locking18.3.2. /etc/exports18.3.3. Servers18.3.4. Utilities and Troubleshooting
19. Print Services
19.1. Managing Print Services19.1.1. Adding Printer Queues19.1.2. Server Admin and Printing19.2. PrintServiceAccess19.3. Managing Print Services with Workgroup Manager19.4. Making Queues Available in Open Directory19.5. Quotas and Authentication19.6. Print Services Architecture19.6.1. PrintServicesMonitor19.6.2. CUPS19.6.2.1. CUPS PPDs19.6.2.2. CUPS configuration19.6.2.3. CUPS web administration19.6.2.4. CUPS logs
V. Security Services
20. The Mac OS X Server Firewall
20.1. A Firewall’s Place in Network Communication20.1.1. Packet-Switched Networking20.1.2. Filtering Packets20.1.3. The Mac OS X Firewall Service20.1.3.1. The firewall startup process20.1.4. Configuring the Firewall with the General Pane20.1.5. Configuring the Firewall with the Advanced Pane20.1.6. Configuring the Firewall from the Command Line20.1.7. Rule Order20.1.8. Configuration Examples20.1.8.1. Example 120.1.8.2. Example 220.1.8.3. Example 320.1.8.4. Example 420.1.8.5. Example 520.2. Reporting and Monitoring20.3. Managing the Firewall Service
21. Virtual Private Networks
21.1. VPN Protocols21.1.1. PPTP21.1.2. L2TP over IPSec 21.2. Server Configuration21.2.1. Configuring L2TP/IPSec21.2.1.1. L2TP/IPSec and com.apple.RemoteAccessServers.plist21.3. racoon.confracoon.conf21.4. anonymous.conf21.5. Configuring PPTP21.5.1. MPEE21.6. Logging21.7. Client Information21.8. Internet Connect21.9. Other Considerations
VI. Internet Services
22. Mail Services
22.1. Mail Protocols22.1.1. SMTP22.1.2. POP 22.1.3. IMAP 22.2. Graphical Management22.2.1. Server Admin22.2.2. WebMailWebMail22.2.2.1. Behind the scenes22.2.3. Workgroup Manager22.2.3.1. Behind the scenes22.3. Mail Architecture22.3.1. PostfixPostfix22.3.1.1. Files, folders, processes22.3.1.2. Troubleshooting22.3.2. Cyrus Cyrus22.3.2.1. Files, folders, processes22.3.2.2. Troubleshooting22.4. Migration22.4.1. amsmailtool22.5. Advanced Configuration22.5.1. Backing Up22.5.2. Content Filtering22.5.2.1. amavisd-new22.5.2.2. SpamAssassin22.5.2.3. ClamAV22.5.2.4. Architecture22.5.2.5. Installation22.5.2.6. Putting it all together22.5.3. Group Distribution22.5.3.1. Postfix alias support22.5.3.2. Take 2: shared mailboxes22.5.4. Virtual Domains22.5.5. Securing Web Mail
23. Web Services
23.1. Web Services23.1.1. The Overview Pane23.1.2. The Logs Pane23.1.3. The Graphs Pane23.2. Web Service Configuration: The Settings Tab23.2.1. General Configuration23.2.2. Configuring Sites23.2.3. Setting MIME Types23.2.4. Configuring the Proxy Server23.2.5. Adding and Removing Modules23.3. Architecture23.3.1. The Performance Cache23.3.2. Apache 2.0 Apache 2.023.4. Useful Utilities23.5. Troubleshooting
24. Application Servers
24.1. Running the Server24.2. Installing Applications24.3. Server Layout24.3.1. Logs and Troubleshooting24.4. Building Java Web Applications24.5. Complex Applications24.6. Apple Proprietary Tools24.7. Next Steps
VII. Client Management
25. Managing Preferences for Mac OS X Clients
25.1. Applying Managed Preferences25.1.1. Choosing When and How a Preference Is Managed25.1.2. Managing Preferences for Users or Groups25.1.3. Creating and Managing Computer Lists25.1.3.1. Creating a computer list25.1.3.2. Limiting access to computers in a list25.1.3.3. Using the Guest Computers list Guest Computers list25.1.3.4. The MCX cache 25.1.4. How Varying Preferences Interact25.1.5. Using the Home Directory for Additional Preference Management25.2. Configuring Individual Preferences25.2.1. Application Preferences25.2.2. Classic Preferences25.2.3. Dock Preferences25.2.4. Energy Saver Preferences25.2.5. Finder Preferences25.2.5.1. Preferences25.2.5.2. Commands25.2.5.3. Views25.2.6. Internet Preferences25.2.7. Login Preferences25.2.7.1. Login items25.2.7.2. Login options and auto-logout25.2.8. Media Access Preferences25.2.9. Mobile Accounts Preferences25.2.9.1. Configuring mobile accounts25.2.9.2. Deleting mobile accounts25.2.9.3. When to use mobile accounts25.2.10. Printing Preferences25.2.10.1. Creating a printer list25.2.10.2. Restricting printer access25.2.11. System Preferences25.2.12. Universal Access Preferences
26. Managing Classic Mac OS Workstations Using Mac Manager
26.1. Mac Manager and Open Directory26.2. Mac Manager Environment Types26.2.1. Finder26.2.2. Restricted Finder26.2.3. Panels26.3. Mac Manager Share Points and Folders26.3.1. The Mac Manager Share Point and Multi-User Items Folder26.3.2. Group Documents Volumes26.3.2.1. Workgroup shared folders26.3.2.2. Global shared folders26.4. The Mac Manager Client Software26.4.1. Installing or Updating the Mac Manager Client26.4.2. Enabling Mac Manager26.5. Mac Manager Preference Management26.5.1. Initial Preferences and Forced Preferences26.5.2. Matching Mac OS 9 and Classic User Preferences26.5.3. Using Local Preferences26.6. Mac Manager Administration26.6.1. Enabling Mac Manager26.6.2. Creating an Administrative Workstation26.6.3. Importing Users26.6.3.1. Importing all users26.6.3.2. Importing manually from Workgroup Manager26.6.3.3. Importing from a user list26.6.3.4. Using the All Other Users user26.6.3.5. Using the Guest user26.6.4. Configuring User Settings26.6.4.1. User types26.6.5. Creating and Managing Workgroups26.6.5.1. Creating workgroups and managing workgroup membership26.6.5.2. Assigning workgroup items for Finder workgroups26.6.5.3. Assigning workgroup items for Restricted Finder and Panels workgroups26.6.5.4. Privileges for Finder workgroups26.6.5.5. Privileges for Restricted Finder workgroups26.6.5.6. Privileges for Panels workgroups26.6.5.7. Workgroup volume settings26.6.5.8. Defining Workgroup printers 26.6.5.9. Additional workgroup options26.6.6. Working with Mac Manager Computer Lists26.6.6.1. Creating and editing computer lists26.6.6.2. Using the All Other Computers list26.6.6.3. Disabling login for a computer list26.6.6.4. Configuring workgroup access to computer lists26.6.6.5. Control options for computer lists26.6.6.6. Security options for computer lists26.6.6.7. Login options for computer lists26.6.6.8. Checking out PowerBooks and iBooks26.6.7. Global Settings26.6.7.1. Security settings26.6.7.2. CD-ROM settings26.6.8. Enabling and Configuring Templates26.6.8.1. Using templates26.6.8.2. Duplicating workgroups and computer lists26.6.9. Mac Manager Reports and Logs26.6.10. Using Multiple Mac Manager Servers26.7. Troubleshooting Mac Manager
27. Managing Windows Clients Using Mac OS X Server
27.1. Hosting a Windows Domain27.1.1. Domain Requirements and Limitations27.1.2. Configuring Mac OS X Server as a Windows Domain Controller27.1.2.1. Limiting access to a domain27.1.2.2. Configuring Windows service logging27.1.3. Configuring Windows Computer Access to a Domain27.1.4. Configuring User Access to a Domain27.1.5. Home Directory Access from Windows Workstations27.1.5.1. Shared Mac/Windows home directories27.1.5.2. Separate home directories27.1.5.3. The Windows My Documents and Desktop folders27.1.6. Setting Up User Profiles for Windows Users27.1.6.1. Mandatory and default profiles27.1.7. Using Login Scripts27.2. Configuring Member and Standalone Servers27.2.1. Working with Member Servers in a Domain27.3. Integrating Windows Member Servers in a Mac OS X Server-Hosted Domain27.3.1. The Rationale Behind a Mixed-Server-Platform Domain27.3.2. When Windows Servers Are Warranted27.3.2.1. Easy access to existing data and cost benefits in migration planning27.3.2.2. Print servers27.3.2.3. Master browsers27.3.2.4. Microsoft terminal services27.3.2.5. Application servers
28. Workstation Deployment and Maintenance
28.1. Disk Images28.1.1. Types of Disk Images28.2. NetBoot28.2.1. The NetBoot Process28.2.1.1. Boot Service Discovery Protocol28.2.1.2. NetBoot share points and image folders28.2.1.3. Shadow files28.2.1.4. NetBoot requirements28.2.2. Network Issues and Concerns with NetBoot28.2.2.1. Load balancing with multiple servers28.2.2.2. Staggering boot times28.2.2.3. NetBoot across subnets28.2.2.4. Storing images on file servers other than servers running NetBoot28.2.2.5. Designating local or network shadow files28.2.2.6. BootPBootP28.2.3. Creating Mac OS X NetBoot Images28.2.4. Editing Mac OS X NetBoot Images28.2.4.1. Editing without synchronizing28.2.4.2. Synchronizing with a source image28.2.5. Working with Mac OS 9 NetBoot Images28.2.6. Configuring the NetBoot Service28.2.7. Configuring the NetBoot Service from the Command Line28.3. NetInstallNetInstall28.3.1. How the NetInstall Process Differs from NetBoot28.3.2. Using NetInstall for Software Install Versus Disk Image Install28.3.3. Creating NetInstall Images28.4. Apple Software Restore28.4.1. Creating Classic Mac OS ASR Images28.4.2. Applying Classic Mac OS ASR Images28.4.2.1. Configuring custom classic Mac OS restore CDs28.4.2.2. Using an ASR server for classic Mac OS images28.4.3. Creating Mac OS X ASR Images Using Disk Utility28.4.4. Applying Mac OS X ASR Images Using Disk Utility28.4.5. Applying Mac OS X ASR Images from the Command Line28.4.6. Creating and Applying Mac OS X ASR Images Using Other Tools28.5. Deploying New Software and Software Updates28.5.1. Working with Apple Software Update28.5.2. Using Apple Remote Desktop for Software Installs and Updates28.5.3. Creating Software-Only NetInstall Images28.5.4. Creating Updated Full NetInstall or ASR Images28.5.5. Using Applications Automounts or Share Points28.5.6. Placing Application Installers on the Network28.5.7. Using Third-Party Software Management Tools
29. Apple Remote Desktop
29.1. Administrator Computers29.1.1. Installing the Administrator Software29.1.2. Customizing the Remote Desktop Application29.1.2.1. Customizing the toolbar29.1.2.2. Other preferences 29.2. Remote Desktop Users29.2.1. Creating ARD-Enabled User Accounts29.2.2. Remote Desktop and Directory Domain Users29.2.3. Restricting Non-Administrator Access to Remote Desktop Features29.3. Installing and Configuring the ARD Client Software29.3.1. Manually Configuring the ARD Client29.3.2. Custom Client Install Packages29.3.3. Deploying Install Packages29.3.3.1. Manually installing custom installer packages29.3.3.2. Using SSH29.3.3.3. Using ARD’s Install Package feature29.4. Working with Computer Lists29.4.1. Adding Computers to Remote Desktop29.4.1.1. Multiple Scanners29.4.1.2. Removing computers from Remote Desktop29.4.2. Creating Computer Lists29.5. Remote Management Tasks29.5.1. Observe29.5.2. Control29.5.3. Share Screen29.5.4. Send Message29.5.5. Chat29.5.6. Lock/Unlock Screen29.5.7. Copy Items29.5.8. Install Packages29.5.9. Upgrade Client Software29.5.10. Send Unix Command29.5.11. Open Application/Open Items29.5.12. Empty Trash29.5.13. Set Startup Disk29.5.14. Rename Computer29.5.15. Sleep/Wake/Restart/Shut Down/Log Out Current User29.5.16. Change Client Settings29.5.17. Get Info29.5.18. User Messages29.6. Generating Client Reports29.6.1. Where Report Data Is Stored29.6.2. When Data Is Collected for Reports29.6.3. Configuring a Data Reporting Policy29.6.4. Running, Viewing, and Exporting Reports29.6.5. Types of Reports29.6.5.1. System overview29.6.5.2. File search29.6.5.3. Software version29.6.5.4. Software difference29.6.5.5. Storage29.6.5.6. USB devices29.6.5.7. FireWire devices29.6.5.8. Memory29.6.5.9. PCI cards29.6.5.10. Network interfaces29.6.5.11. Network test29.6.5.12. Administration settings29.7. Automating Remote Desktop Using the Saved Tasks List29.8. Working with VNC29.8.1. Configuring the ARD Client as a VNC Server29.8.2. Configure Remote Desktop as a VNC Viewer
A. Introduction to Directory Services
Identification, Authentication, and AuthorizationThe Airport ExampleThe Login Process/etc files: Identification, Authentication, and AuthorizationOpen Directory: The Ever-Expanding MarketectureIdentification, Authentication, and Authorization in Mac OS XA little (more) historyDirectoryService: lookupd evolvedThe DirectoryService DaemonDirectoryService configuration: the Authentication pathDirectoryService configurationDirectoryService monitoring and loggingAn introduction to the dscl commandThe lookupd DaemonConfiguring lookupdlookupd monitoring and logginglookupd clients and authenticationThe Open Directory Responder Chain
About the Authors
Colophon
Copyright

Content preview from Essential Mac OS X Panther Server Administration

Chapter 7. Identification and Authorization in Open Directory Server

LDAP (the lightweight directory access protocol) plays a key role in Open Directory Server, providing identification services and some authorization data to various client-side systems. In keeping with what has become a fairly common trend in Mac OS X Server, it is supported by the Open Source OpenLDAP package. This in itself is not new; Jaguar Server also shipped with an OpenLDAP implementation. Panther, however, brings a much more standardized and securable architecture, storing its data in a fast, programmatic database rather than in NetInfo. This and other fundamental changes give Open Directory Server room to scale to hundreds of thousands of users, groups and other objects.

Tip

Jaguar-based Open Directory Masters (which store their data in NetInfo and share it using OpenLDAP) should not have more than 10,000 objects (users, groups, and machines). Additionally note that attributes in NetInfo (such as a group’s user list) are limited to 1,024 values.

This chapter begins with a generalized analysis of LDAP as a protocol, progresses into a number of aspects of OpenLDAP configuration, and ends with a look at the kind of data that can be found in most Open Directory shared domains.

LDAP: A Communication Protocol

LDAP is one of those words that’s taken on a lot of baggage in the information technology field. Eager sales people have latched onto it as a sort of silver bullet, using it as a buzzword whenever feasible, ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Windows Server® 2008 Active Directory® Resource Kit

Publisher Resources

ISBN: 0596006357Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Essential Mac OS X Panther Server Administration

by Michael Bartosh, Ryan Faas

Chapter 7. Identification and Authorization in Open Directory Server

Tip

LDAP: A Communication Protocol

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.