Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Integrating OS X with LDAP server Network
Is there any way to have OS X or OS X server import user directory imformation from a windows 2000 LDAP server. If so, how in the world is it done?

It would be wonderful to have mac log in with the same usernames and passwords as the pee cee's. I have seen many people asking about the same issue in the apple support pages but no one answers.

What information do I get from active directory? As far as I know it involves having a format like the one in OS X in the LDAP server. Or the other way around I just don't know what.

I have tried to read everything possible and I have heard that this is supposed to work. But I can't no matter what I try.
  • Currently 4.00 / 5
  You rated: 4 / 5 (3 votes cast)

Integrating OS X with LDAP server | 8 comments | Create New Account
Click here to return to the 'Integrating OS X with LDAP server' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Authored by: kabrowne on Sep 12, '01 01:28:24PM

I will look further and post again this afternoon (If I have time), but the OSX server 2 admin book has instructions on how to setup the LDAP authentication on an individual machine... Once you get that setup, you can then have any other OSX boxen authenticate to that machine's Netinfo...... Have not personally set this up yet, but perhaps I'll give it priority to help the community.

[ Reply to This | # ]
Directory Setup
Authored by: nagani on Sep 12, '01 09:31:54PM

Although I have not tried it, there is in Applications/Utilities an application named Directory Setup which offers the option. It seems that enabling LDAP is pretty straightforward: Click the lock and input your administrator password, select LDAP, click configure, enter the server name and user.

Let us know if this works...


[ Reply to This | # ]
Directory Setup
Authored by: oshi22 on Sep 13, '01 03:33:26PM

some additional information to the LDAP problem.

I have been working on the Directory setup application
this contains two tabs called records and data.

On the W2k side, active directory has the ability to add certain types to the schema.
For some reason or another... doing this will not work to export this information since
addig this to the schema will not match with the type of information.
I was told that this means that w2k has a ssertain schema and OS X another.
on of the two has to be changed to work with the other.
I hope this makes sence

If this is so, how would this be done?
What, should I change in the Directory setup application to make it work with w2k server LDAP

The Admin Guide is really vague.

thank you for all your help.
let me know if you find something

[ Reply to This | # ]
X no, X server yes
Authored by: OneSickPuppy on Sep 12, '01 11:29:51PM
This was discussed at WWDC 2001. Apparently, an OS X client cannot talk directly to an LDAP (W2K or not). It will have to talk to an OS X Server netinfo server, which can in turn just point to an LDAP server for its info. There may be some discussion of this in the OS X Server Administration Guide.

[ Reply to This | # ]
X no, X server yes
Authored by: kesmit on Oct 04, '02 10:49:49AM

Not so. I followed the directions in this tip and I have an LDAP server running on my Linux machine that serves up groups, mount points, etc.

[ Reply to This | # ]
Win2K configuaration
Authored by: lazymutt on Sep 13, '01 04:38:54PM

This will work, as long as the Win2K LDAP server has the "Unix Services" plugin installed. I can't quite remember the specific name, but it's something like "Unix Services for Windows". There isn't much documentation though...

[ Reply to This | # ]
Using OS X with Active Directory
Authored by: Jaharmi on Oct 04, '02 07:59:22PM

Apple has a document describing what to do, produced after a great many people asked about the very same thing. The document was produced in the Mac OS X 10.1 timeframe.


Note that you apparently need home directories on an AFP or NFS file server in order to make directory logins work. Unless you have home directories for your directory-enabled users on the local drive. Same goes for Kerberos logins, in my experience.

[ Reply to This | # ]
Using OS X with Active Directory
Authored by: pjorgensen on Jan 13, '03 11:01:12AM

I can authenticate to an LDAP server (v2) and get a console login window on my OS X server (or on clients running Jag). BUT I can't figure out how to map home directories to users whose info is stored on the ldap server. Put another way, I can't get the numeric uid from the ldap server. If I could get it, then I think I could create directories owned by the appropriate uids for each user.

Another approach is to use the non-OSX ldap server to only authenticate the password, and then let the other info come from the OS X netinfo database.

Or would it work to set up ldap instead of netinfo on the OS X server. Could the ldap on the OS X server then authenticate passwords from the other ldap server, supplying the rest of the necessary information from local files?


[ Reply to This | # ]