Apple Mac OS X Server (version 10.2.3 or later) User Manual

Page 95


Directory Services


Note: The mapping of Mac OS X attributes can be different for each record type. Mac OS X
has separate LDAPv3 mappings for each record type.

For detailed specifications of record types and attributes required by Mac OS X, see
Appendix A, “Data Requirements of Mac OS X Directory Services.”

To edit the search bases and mappings for an LDAPv3 server:

1. In Directory Access, click the Services tab.

2. If the lock icon is locked, click it and type the name and password of a server administrator.

3. Select LDAPv3 in the list of services, then click Configure.

4. If the list of server configurations is hidden, click Show Options.

5. Select a server configuration in the list, then click Edit.

6. Click the Search & Mappings tab.

7. Select the mappings that you want to use as a starting point, if any.

Click “Read from Server” to edit the mappings currently stored in the LDAPv3 server whose
configuration you are editing.

Alternatively, click the “Access this LDAPv3 server using” pop-up menu and choose a mapping
template to use its mappings as a starting point, or choose Custom to begin with no
predefined mappings.

8. Add record types and change their search bases as needed.

To add record types, click the Add button below the Record Types and Attributes list. In the
sheet that appears, select Record Types, select one or more record types from the list, and
then click OK.

To change the search base of a record type, select it in the Record Types and Attributes list.
Then click the “Search base” field and edit the search base.

To remove a record type, select it in the Record Types and Attributes list and click Delete.

To add a mapping for a record type, select the record type in the Record Types and Attributes
list. Then click the Add button below “Map to __ items in list” and enter the name of an
object class from the LDAPv3 domain. To add another LDAPv3 object class, you can press
Return and enter the name of the object class. Specify whether to use all or any of the listed
LDAPv3 object classes by using the pop-up menu above the list.

Important: When mapping Mac OS X user attributes to a read/write LDAPv3 directory
domain (an LDAPv3 domain that is not read-only), the LDAPv3 attribute mapped to
RealName must not be the same as the first attribute in a list of LDAPv3 attributes mapped to
RecordName. For example, the cn attribute must not be the first attribute mapped to
RecordName if cn is also mapped to RealName. If the LDAPv3 attribute mapped to RealName
is the same as the first attribute mapped to RecordName, problems will occur when you try to
edit the full (long) name or the first short name in Workgroup Manager.
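
The rule in the Important note can be checked before a mapping is put into use. The following is an added example, not part of the manual and not Apple code: the dictionary layout, the record type name "Users", and the function names are assumptions made for illustration, and the sample mappings are constructed.

```python
# Added example: lint a Mac OS X -> LDAPv3 attribute mapping for the
# RealName / RecordName conflict described in the Important note.
# The dict layout below is an assumption for this example; it is not
# the format Directory Access stores on disk.

def _norm(attr):
    # LDAP attribute names compare case-insensitively.
    return attr.strip().lower()

def find_name_conflicts(mappings, read_only=False, user_type="Users"):
    """Return (record_type, ldap_attr) pairs that violate the rule.

    mappings: {record_type: {macosx_attr: [ldap_attr, ...]}}
    The rule applies to user attributes in a read/write domain, so a
    read-only domain and non-user record types are not flagged.
    """
    if read_only:
        return []
    conflicts = []
    for record_type, attrs in mappings.items():
        if record_type != user_type:
            continue
        record_name = attrs.get("RecordName") or []
        real_name = attrs.get("RealName") or []
        if not record_name or not real_name:
            continue
        # Only the FIRST attribute mapped to RecordName matters.
        first_short = _norm(record_name[0])
        if any(_norm(a) == first_short for a in real_name):
            conflicts.append((record_type, record_name[0]))
    return conflicts

# Constructed sample mappings.
BAD = {"Users": {"RecordName": ["cn", "uid"], "RealName": ["cn"]}}
GOOD = {"Users": {"RecordName": ["uid", "cn"], "RealName": ["cn"]},
        "Groups": {"RecordName": ["cn"], "RealName": ["cn"]}}

if __name__ == "__main__":
    for label, m in (("BAD", BAD), ("GOOD", GOOD)):
        hits = find_name_conflicts(m)
        print(label, "conflicts:", hits if hits else "none")
```

In the GOOD mapping, cn is still mapped to RecordName, but only as the second attribute, which the rule permits.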

LL0395.Book Page 95 Wednesday, November 20, 2002 11:44 AM
