AppleOsx has facilities for integration with existing authentication and naming schemes (such as ActiveDirectory, OpenLdap or UsingNis). However OSX doesn't use nsswitch which is the conventional Unix name service switch, instead it uses a legacy NextStep tool called NetInfo, this makes things behave a little differently.

See also: AppleOsx, AppleSoftware, LdapClient, LdapAuthentication, AppleOsxIntegrationWithOpenLdap

Contents

  1. Apple Documentation
  2. Other Documentation
    1. Integration with Active Directory
    2. Integration with OpenLDAP
  3. Software
  4. General Resources and Discussion
  5. Troubleshooting

Apple Documentation

Apple Documention
Note that their fucking web site does not appear to index PDF's, and all their useful documentation is in PDF format, so don't expect search to be useful.

http://www.apple.com/server/documentation/
http://docs.info.apple.com/article.html?artnum=50525

Integrating OSX and Active Directory

Mostly talks about how to prepare ActiveDirectory to behave like a normal OpenLdap server so AppleOsx can talk to it.

http://www.apple.com/server/macosx/pdfs/MacOSXwithActiveDirectory.pdf

Other Documentation

Integration with Active Directory

Active Directory Integration
Good tutorial with screenshoots and step by step instructions.

http://www.bombich.com/mactips/activedir.html

Active Directory and Kerberos

See also The Moron's Guide to Kerberos.

http://www.afp548.com/Articles/system/adkerberos.html

Fat of the LAN

Example of how to authenticate to ActiveDirectory without changing your AD schema.

http://www.fatofthelan.com/articles/articles.php?pid=14

Integration with OpenLDAP

OSX Automount using standard LDAP
An example of how to store automount configurations in LDAP (untested).

http://bluedot.net/mail/archive/read.php?f=7&i=43783&t=43768

LDAP over SSL Authentication

http://www.afp548.com/Articles/system/ldap-ssl.html

=== Integration with Other Backends ===

NIS Integration

Great step by step document about how to integrate a Jaguar box with an existing NIS infrastructure. Has lots of useful information on OSX's AutoMount system as well.

http://www.bresink.de/osx/nis.html

Samba Primary Domain Controller

http://www.afp548.com./Articles/system/sambapdc.html

Using Netinfo to Manage Automounts

http://www.bombich.com/mactips/automount.html

Software

NFS Manager
Allows managing of NFS mounts and exports, including managing mounts in Netinfo of LDAP.

http://www.bresink.de/osx/NFSManager.html

NIS Lookup
GUI wrapper for ypcat etc commands. Useful for making sure you are connected to, and seeing, the right things.

http://home.earthlink.net/~dwbrowne/software.html

Login Window Manager
GUI to manage login window features (banner, which users show, log in/out scripts etc).

http://www.bombich.com/software/lwm.html

Sample Login Hook Scripts

PerlLanguage scripts for grabbing user data from the network and populating a local home directory via login hooks.

http://forums.bombich.com/viewtopic.php?t=1166

General Resources and Discussion

Mac OSX Labs
Lots and lots of information on doing all kinds of things with OSX but there is a LOT of noise so it's a pretty frustrating site to actually use.

http://www.macosxlabs.org/

Mailing Lists
Worst case, ask questions ...

http://lists.apple.com/mhonarc/macos-x-server
http://www.omnigroup.com/mailman/listinfo/macosx-admin

SlashDot article on OSX integration
Lots of good links and some worthy discussion.

http://apple.slashdot.org/apple/02/08/26/2255255.shtml

Troubleshooting

Home Directories on NFS

It seems that Panther (10.3) has some problems with storing user home directories on an NFS server, especially on a Linux NFS server (though I'm currently having problems with a NetworkAppliance server). The workaround is to disable NFS locking on the client by using NFS Manager (see above) or editing /etc/hostconfig and adjusting NFSLOCKS.

Performance Tuning NFS

Check async vs. sync mounts and you may want to adjust the number of nfsiod threads.

CategorySoftware

AppleOsxIntegration (last edited 2005-09-27 22:12:38 by AdamShand)