How-to: Understanding Mac OS X Open Directory
An introduction to directory services in the Mac environment.
Computerworld - Directory services are a critical component of any enterprise environment. These services provide a database for central account management for both user and computer, as well as a framework for sharing that information among workstations and servers. Mac OS X's native directory service is called Open Directory.
Every Mac OS X computer includes a local Open Directory database -- referred to as a domain -- that stores information about local user accounts. This local domain allows each user to have a computing experience and home directory, and the local domain works with the file system to manage permissions on files and folders. Mac OS X Server relies on shared Open Directory domains to provide network user accounts that can be used to log into computers that are bound to a shared domain. The shared domain can also allow users to access resources on other servers that are bound to the domain. Shared domains also allow systems administrators to define custom user environments.
Open Directory is a multipart architecture that performs the basic functions of any directory service in addition to providing mechanisms for accessing non-native directory services platforms such as Microsoft Corp.'s Active Directory and Unix Network Information Service servers. It also has components that manage Mac OS X's access to self-discovering network protocols including Apple Computer Inc.'s Bonjour, Microsoft Corp.'s Server Message Block/Common Internet File System and the open standard Service Location Protocol. When discussing Open Directory, however, the phrase typically refers to its function as Mac OS X's native directory service.
NetInfo -- The local Open Directory domain
Each Mac OS X computer, including Mac OS X Server, has a local Open Directory domain. This domain stores all information about local users as well as information about the machine itself. The local domain for Mac OS X is a NetInfo domain. NetInfo is a proprietary directory service originally developed by NeXT Computer Inc. that originally served as Mac OS X's native directory service. As Mac OS X Server evolved, Apple replaced NetInfo with a service based on the Lightweight Directory Access Protocol (LDAP) that is often referred to as simply Open Directory.
There is little administration that needs to be done with the local NetInfo domain on Mac OS X computers. However, it is important to understand that the local domain is always the first source in which a Mac OS X computer will look for user information. It is also important to know that the local domain is visible in Mac OS X Server's Workgroup Manager; this is the tool used for
- SANS: Next-Generation Datacenters = Next-Generation Security This whitepaper takes a look at some new technology that may allow security teams to implement more flexible and capable protection models in...
- SANS: Protecting Virtual Endpoints with McAfee Server Security Suite Essentials SANS review of McAfees Server Security Suite Essentials that address some of the emerging challenges of securing virtual platforms and cloud environments.
- Safeguarding the Next-Generation Data Center Use of virtual and cloud servers has exploded. Unfortunately, security often lags behind. McAfee recommends looking at innovative solutions in order to erect...
- Evolving Your Data Center? Evolve Your Data Center Security Your datacenter is evolving - your datacenter security should be evolving, too. Key security technologies and services are being adapted by leading solution...
- Is SQL Server AlwaysOn really as powerful? Tips and Tricks from the field With the introduction of AlwaysOn, Windows Clustering Services is now more critical than ever.
- What are the desktop virtualization market trends and how can you successfully deploy your solution? You've probably heard about desktop virtualization -- and some of its benefits -- things like tighter security, streamlined management and lower costs. But... All Infrastructure Management White Papers | Webcasts