Support User Manuals

Apple 10.3 Life Jacket User Manual

Open as PDF

of 139

32 Chapter 2 Inside Mac OS X Server

The following services on Mac OS X Server support Kerberos authentication: AFP,

mail, FTP, SSH, and login window.

• Storing passwords in user accounts. This approach may be useful when migrating

user accounts from earlier server versions. However, this approach may not support

clients that require certain network-secure authentication protocols, such as APOP.

• Non-Apple LDAPv3 authentication. This approach is available for environments that

already have an LDAPv3 server set up to authenticate users.

Single Signon

When a Mac OS X user is authenticated using Kerberos, the user does not have to enter

a user name and password every time he or she uses a Kerberized service.

The user enters the Kerberos name and password at login, but does not need to

reenter it when using Apple file service, mail service, or other services that support

Kerberos authentication.

Discovery of Network Services

Information about file servers and other services tends to change much more

frequently than user information, so it isn’t typically stored in directories. Instead,

information about these services is discovered as the need arises.

Open Directory can discover network services that make their existence and

whereabouts known. Services make themselves known by means of standard

protocols. Open Directory supports the following service discovery protocols:

• Rendezvous, the Apple protocol that uses multicast DNS

• SMB, the protocol used by Microsoft Windows

• AppleTalk, the legacy Mac OS protocol for file services

• SLP, an open standard for discovering file and print services

User Management

Mac OS X Server helps you manage access to network resources, files, and services by

Macintosh, Windows, UNIX, and Linux computer users.

The user management guide contains a full description of the server’s user

management capabilities. Some highlights follow.

User Accounts

User accounts contain the information needed to prove a user’s identity: user name,

password, and user ID. Other information in a user’s account is needed by various

services—to determine what the user is authorized to do and perhaps to personalize

the user’s environment.

LL2343.Book Page 32 Thursday, August 14, 2003 5:12 PM

previous next