25.6. Configuring Local User Accounts

One of the uses to which you'll most likely put Mac OS X Server is creating network-wide accounts using Open Directory so user data can be managed in a single location and all users have access to the same resources and account data no matter which computer they use to log in.

NOTE

For more on creating and managing Open Directory network accounts, see Chapter 26.

However, entirely separate from these network user accounts are the local accounts, which apply to users accessing the server directly. These accounts can fall into three categories:

  • Administrators. When you initially set up Mac OS X Server, you created an administrator account. As usual, this administrator can modify nearly anything on the server itself, which includes adding, deleting, and changing local users, turning network services on and off, and modifying other server settings. You can create one or more additional administrators too, each of which has the same set of privileges. I describe how to do this just ahead.

  • Directory administrators. At the same time Mac OS X Server created an initial administrator account, it may have also created a second account, for a directory administrator; in any case, you can create more manually. An initial directory administrator account is created during setup if you opted to make your computer an Open Directory master. By default, this account's name is Directory Administrator, its short name is diradmin, and its password is the same as ...

Get Mac® Security Bible now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.