UbuntuHelp:OSXClientAuthenticationToLDAP
来自Ubuntu中文
![]() |
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
Purpose
Make Mac OS X clients authenticate against an ubuntu openLDAP server. The emphasis of this page is on using Ubuntu 9.04 (Jaunty Jackalope) and Mac OS 10.5 (Leopard). This is presently what I am working on, and it is not yet working, though I believe I have a handle on many of the steps. Fundamentally, there are five:
- Setup the openLDAP server. Good instructions at [ "https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html" ] though note the following: The CA certificate file must be .pem format when using the default installation of openldap with gnutls. If using a self-signed certificate, do _NOT_ set the olcTLSCACertificateFile in the configuration (if you do, the server will fail to initialize TLS).
- Add the apple.schema and samba.schema to the schemas for the server.
- Add attributes to the LDAP user entries to make them Apple open-directory compatible, using elements from the schemas.
- Use the DirectoryUtility program on a client to write appropriate mappings into the macosxodconfig element.
- Use DirectoryUtility to set the client to consult the LDAP server for authentication.
This last step is presently under investigation. It is unclear what a Leopard 10.5 client will require.