Computerworld
Home News Blogs ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Macintosh
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
 

Print edition

Hands-on: Using Net Info domains for single sign-on to many servers

By Yuval Kossovsky
May 14, 2003 12:00 PM ET
Recommended
(1)
Digg
Share/Email

Computerworld - In a series of articles written by Yuval Kossovsky, manager of digital media systems at Hunter College's Department of Film and Media Studies in New York, Computerworld is following the school's integration of new Apple Computer Inc. hardware and software. This is the fifth of those articles, which are intended to offer a hands-on view of integrating Macintosh computers and Apple software in what's largely an Intel and Windows world.
The phrase often used is "single sign-on," and it means relief from multiple passwords for each server that an end user accesses. The theory goes something like this: In the old days of computing, every server an end user accessed required a new log-on. Since the servers were often managed by different computing groups, the hapless corporate end user ended up with numerous log-ons and passwords. The domain and directory service architecture is supposed to provide relief for this by bringing all of the servers under one roof. A primary server acts as the authorization agent, and all the other servers query it for an OK when a user attempts to access a resource.
The domain model greatly simplifies the lives of both the end user and the administrator.
Fast-forward to the OSX Open Directory model now available. Because Apple endowed its system with the ability to understand many protocols, the domain catalog can be maintained natively in two major formats: Net Info and Lightweight Directory Access Protocol. The server can also work as part of a Microsoft Active Directory domain, but only as a member server -- not as the primary authenticator. For this discussion, we will leave out Active Directory, since the OSX machine will act as the primary server.
To set up single sign-on for all of your servers, first you must set up the primary server.
I used my X-Serve for this purpose. To begin, run the Open Directory Assistant, and make the selections as outlined in the accompanying screenshots. First, the server must have a fixed IP (see Figure 1).

Figure 1

On the next screen, choose "provide directory information to other computers" for the primary server and "get directory information from an existing system" for all of the other servers in your domain (see Figure 2).
Figure 2
Keep in mind that if you have already set up users in the servers, they will be wiped out when rerunning the Open Directory Assistant. Be sure to export your catalog so it can be reimported after the process is finished. Also, if you had previously set up


Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Additional Resources

Xerox
Win a color printer!
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Upgrade to Internet Explorer 8 today.
Save time and mitigate security risk. Deploy it now.
Sybase
NEXT-GENERATION MOBILITY PLATFORMS
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

iPhone for the Enterprise
One of the biggest concerns of using the iPhone for the enterprise is the security and manageability issues. Read this white paper to...  

Strategic ECM Webinar
Learn what new strategic business benefits can be realized through ECM!...

2009 Gartner Magic Quadrant Report
Truly understand your options for WAN Optimization Controllers...  

Managing And Protecting Your Ever Increasing Mobile Assets
Learn best practices for desktop and application virtualization, computer security, and computer life-cycle management....

Tech Horizons: ASG's metaCMDB, The Technology That Rocks
Improved business productivity often requires more efficient IT and more efficient IT cannot be achieved without a better understanding of the way business...  

5 Architecture Issues that Impact BES performance
This Live webinar will identify critical log file errors, performance counters, and configurations to pay close attention to when optimizing BES server performance....

The Vector Approach to Data Center Power Planning
This white paper describes an approach that considers the major milestones and thresholds in data center power requirements-and how planners should adjust their...  

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

Yankee Group Mobile WAN Optimization Report
Mobile work continues to evolve. Learn how to keep up with the demands of your organization's mobile workforce....  

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

All White Papers | All Webcasts

Computerworld Reports

An Apple for Your Enterprise?

An Interactive eBook: Enterprise Security

The Business Case for Server Virtualization

All Computerworld Reports
 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.