Apple Mac OS X Server System Imaging and Software Update Administration For Version 10.4 or Later Instrukcja Użytkownika Pobierz pdf (Strona 6)

R. Saeks July ’06 - 6 -

Below, a user record in ConsoleOne is shown and an explanation as to how items in the UNIX profile portion are

utilized and translate to the OS X machine for the user login and identification is given. Hopefully this will give a bit

more of a functional example as to how LDAP mappings work between OS X and eDirectory.

The User ID field functions

as the uniqueID of the user.

For our setup, we used the

employee ID number. In

the case of students, we

use the student ID number.

For auditing, try not to have

any duplicates. The next

field, Primary Group, which

is indicated in blue, is the

number associated with the

group object to which the

user belongs. Setting the

primary group to 80 sets

users as an admin on the

machine. You can manage

group preferences by

associating preferences to the group that has the same ID as the Primary Group here. This topic is covered more in

Managing Preferences

. The last area of note is the section in green. This is the Unix location of the home directory

for the user. The beginning part of the path, /Network/Servers is the local file system path of the mount point. This

is read from the apple-mountDirectory attribute in eDirectory. More information on this is located after the

Directory Access mappings on the next page.

The next few pages detail the Directory Access attribute mappings. This is the area that will be utilized to map the

Apple OS X values to the corresponding attributes that reside in eDirectory. The attribute mappings listed are the

attributes currently employed in my setup. In the LDF file used to extend the schema, items deemed as

unnecessary may be removed. Also, you don’t need to apply all the attributes at once. You can add more at a later

time.

The guide I used and schema extensions can be found here: http://macenterprise.org/content/view/80/77

The attribute mappings correspond to the mappings created in Directory Access based upon the above mentioned

schema extensions. Each heading represents a Record Type. The local attribute is what is OS X calls the attribute,

1 2 3 4 5 6 7 8 9 10 11 ... 26 27

Brak uwag

Apple Mac OS X Server System Imaging and Software Update Administration For Version 10.4 or Later Instrukcja Użytkownika Strona 6