Authentication & Directory Services

Revised: 2006-06-15 devin

Table Of Contents
  • Campus LDAP
    • There is a LDAP server on campus that you can setup with Address Book, which would give you simpler functionality as web campus faculty & staff directory.

  • Enterprise Directory Integration
    • Darren provides a brief overview of directory schemas and information on valuable deployment strategies. He discusses what the directory might contain and why users might want to leverage it. He will also show how we made it work.

  • dscl
    • This article will show how to connect to a directory service using Directory Access and how to inspect and modify the data in the directory using dscl.

  • Kerberos Authentication
    • An overview of Mac OS Support's labs deployment of Kerberos for authentication.

  • LDAPv3 and Wildcard Static Mappings
    • Apple introduced static mappings in Mac OS X 10.2.2 for the LDAPv3 plug-in. Static mappings allow administrators to configure attributes in the LDAPv3 plug-in that are global for all users. This functionality is nice, but wouldn't it be even better to have wildcards placed in the static strings? For instance, if you configured the NFSHomeDirectory mapping to be #/tmp/$uid$ and $uid$ would be replaced by your user name. Dan modified the LDAPv3 plug-in to support wildcards in static mappings. His presentation will include a demonstration of the modified plug-in.

  • Mac OS X Authentication on Campus
    • This presentation is a case study of how the University of Utah Student Computing Labs performed network authentication on Mac OS X 10.2 (Jaguar) using Kerberos and an Enterprise Directory. It features a discussion on setting up the Kerberos client built in to Jaguar as well as using the Apple Directory Access Utility to setup directory integration using LDAPv2.

  • Mac OS X, LDAPv3, and Kerberos
    • A brief update everyone who uses both LDAP and Kerberos for authentication on a new more secure configuration.