WARNING: if you don't have the firewall turned on, others could connect to your LDAP server and view your NetInfo information.
With two simple tweaks, I had LDAP running, and access to it with an LDAP browser:
- Modify /etc/openldap/slapd.conf; on line 19, you'll see the line:
/var/db/netinfo/network.nidb
change it to:
/var/db/netinfo/local.nidb
- Modify /etc/hostconfig by adding the line:
LDAPSERVER=-YES-
% sudo /System/Library/StartupItems/LDAP/LDAP start
It will start the LDAP server, and you can access it with a blank base DN and anonymous bind (i.e. no User DN/password). This is a flaw, IMO, but if you have the firewall turned on, you're good. I'm looking into how to require authentication, and hopefully will be able to enable SSL, as well. If you're looking for a decent Java-based LDAP browser, check out this one, from Jarek Gawor.
I'm really jazzed about this, because finally I have an easy way to authenticate Tomcat app users against my local user database!
[Editor's note: As this is well beyond what I do with my machine, I'm not 100% certain as to how this hint compares to this one, although they clearly have some similarities. So I thought I'd err on the side of 'too much information' and publish this one as well, just in case.]
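
To confirm what a machine set up this way is actually publishing, the following added example (not part of the original hint) audits the two files the hint edits and, separately, tests whether an anonymous bind with a blank base DN succeeds against your own server. The function names are hypothetical, the `datasource` directive in the sample file is an assumption (only the .nidb path is matched), and the live check assumes the OpenLDAP `ldapsearch` client is installed.

```shell
#!/bin/sh
# Added example: audit the files this hint edits. Function names are hypothetical.

# Print the value of LDAPSERVER from a hostconfig-style file (last entry wins).
ldap_hostconfig_value() {
    sed -n 's/^[[:space:]]*LDAPSERVER=\(.*\)$/\1/p' "$1" | tail -n 1
}

# Print the NetInfo database path named on the first non-comment line of slapd.conf.
ldap_nidb_path() {
    sed -n '/^[[:space:]]*#/d; s|.*\(/var/db/netinfo/[A-Za-z0-9_.-]*\.nidb\).*|\1|p' "$1" |
        head -n 1
}

# Classify the configuration: disabled | network | local | unknown.
ldap_exposure() {
    hostconfig=$1 slapd_conf=$2
    [ "$(ldap_hostconfig_value "$hostconfig")" = "-YES-" ] || { echo disabled; return 0; }
    case "$(ldap_nidb_path "$slapd_conf")" in
        */local.nidb)   echo local ;;    # local user database is served over LDAP
        */network.nidb) echo network ;;
        *)              echo unknown ;;
    esac
}

# Live check against your own server (default: loopback). Succeeds if a simple
# anonymous bind with a blank base DN is accepted, as the hint describes.
ldap_anonymous_bind_ok() {
    ldapsearch -x -H "ldap://${1:-127.0.0.1}" -b "" -s base >/dev/null 2>&1
}

# Constructed sample files mirroring the hint's two edits; the "datasource"
# directive name is an assumption, only the path matters to the audit.
demo=$(mktemp -d)
printf 'AUTOMOUNT=-YES-\nLDAPSERVER=-YES-\n' > "$demo/hostconfig"
printf '# netinfo backend\ndatasource /var/db/netinfo/local.nidb\n' > "$demo/slapd.conf"
echo "sample config: $(ldap_exposure "$demo/hostconfig" "$demo/slapd.conf")"
rm -rf "$demo"
```

On a real machine, call `ldap_exposure /etc/hostconfig /etc/openldap/slapd.conf`; a result of `local` together with a successful `ldap_anonymous_bind_ok` means the firewall is the only thing keeping the user database private.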

