In order to configure Directory Services, use the Directory Access application (/Application/Utilities), shown in Figure 3-3. You can enable or disable various directory service plug-ins, or change their configuration.
Directory Access supports the following plug-ins:
WARNING: By default, the checkboxes for NetInfo and BSD Configuration Files are off. For the BSD Configuration Files, the checkbox controls whether the files are consulted for Directory Service lookups. NetInfo is a little more complicated. If the checkbox is off, NetInfo uses the local domain but does not consult network-based NetInfo domains. If the checkbox is on, NetInfo will also look for and potentially use any network-based domains that it finds.
TIP: NetInfo and LDAP both use the same data store, which is contained in /var/db/netinfo/. The data store is a collection of embedded database files.
Under the Services tab, everything except NetInfo and BSD Configuration Files is enabled by default. However, if you go to the Authentication tab (Figure 3-4), you'll see that NetInfo is the sole service in charge of authentication (which is handled by /etc/passwd and /etc/group on other Unix systems).
By default, the Authentication tab is set to Automatic. You can set the Search popup to any of the following:
After you have changed the Search setting, click Apply. The Contact tab is set up identically to the Authentication tab and is used by programs that search Directory Services for contact information (office locations, phone numbers, full names, etc.).
WARNING: Note that enabling BSD flat files does not copy or change the information in the local directory (the NetInfo database). If you want to rely only on flat files, you would need to remove all the entries from the local directory and add them to /etc/master.passwd. This would mean you could no longer use the GUI tools to manage those accounts.
Copyright © 2003 O'Reilly & Associates. All rights reserved.