314:
Open
Directory began with Mac OS X Server 10.2. In this initial form, Open Directory consisted of a network-visible NetInfo directory domain and a corresponding Authentication Manager service for storing passwords outside of the directory. Version 10.2 also included support for Kerberos. Mac OS X
144:. In addition to its local directory, this OpenLDAP-based LDAPv3 domain is designed to store centralized management data, user, group, and computer accounts, which other systems can access. The directory domain is paired with the
315:
versions 10.1 and 10.0 stored user password information within the directory domain using crypt password authentication authorities, but version 10.2 paved the way for the current Shadow Hash and
Password Server mechanisms.
318:
Password Server is the successor to
Authentication Manager, and was introduced in Open Directory 2 in Mac OS X Server 10.3. Open Directory 2 was also the first version to use LDAPv3 as the directory domain.
79:
and macOS Server. In this context, it describes the role of a macOS or macOS Server system when it is connected to an existing directory domain, in which context it is sometimes referred to as
117:
from 10.0 to 10.4. Mac OS X 10.5 now uses
Directory Services and its plugins for all directory information. Local accounts are now registered in the Local Plugin, which uses XML
212:
system prior to 10.7 (Lion) configured as an Active
Directory Master can act as a Windows Primary Domain Controller (PDC), providing domain authentication services to
322:
Mac OS X Server 10.4 includes Open
Directory 3, which introduced Active Directory domain member support, trusted directory binding, and increased robustness.
380:
629:
148:
and, optionally, a
Kerberos realm. Either provides an authentication model and stores password information outside of the directory domain itself.
858:
558:
502:
451:
420:
533:
159:
672:
260:
53:
325:
87:
176:
41:'s users and network resources and which allows network administrators to manage users' access to the resources.
633:
482:
228:
and the directory services framework in macOS and macOS Server. This could be thought of as analogous to the
400:
290:
863:
700:
843:
274:
61:
725:
665:
609:
589:
296:
729:
155:(KDC) running on the server system, or the server can participate in an existing Kerberos realm.
152:
565:
509:
458:
427:
56:
directory domain and a corresponding authentication model composed of Apple
Password Server and
853:
776:
695:
658:
345:
796:
94:
framework, permitting macOS applications to interrogate and edit the Open
Directory data.
8:
822:
229:
57:
537:
113:), which had been used by default for all local accounts and groups in every release of
740:
801:
735:
328:
features Open
Directory 4 with support for cross-domain authorization and a built-in
244:
225:
213:
60:
5 tied together using a modular Directory Services system. Apple Open Directory is a
34:
26:
786:
350:
255:
236:
151:
For Kerberos authentication, the Kerberos realm can either be hosted by a Kerberos
98:
38:
158:
For services that are not Kerberized, the Password Server provides the following
848:
791:
781:
224:
In a more general sense, Open Directory can describe the plugins model used by
837:
118:
75:
can also be used to describe the entire directory services framework used by
483:"Server Admin 10.4 Help: Setting Up a Server as a Primary Domain Controller"
243:, a macOS client or Server can authenticate users, lookup contacts, perform
710:
681:
209:
133:
45:
806:
760:
745:
705:
336:
base stations. Open Directory 4 no longer includes elements of NetInfo.
534:"Apple - Mac OS X Server 10.2: How to Integrate Services With Kerberos"
30:
284:
233:
186:
301:
171:
110:
106:
65:
715:
360:
355:
333:
267:
263:, including an Open Directory domain or RFC 2307-compliant system
102:
650:
329:
202:
750:
247:
and name resolution with the following types of directories:
114:
76:
401:"Directory Services source code at www.opensource.apple.com"
755:
630:"AFP548 - Leopard Server Part 2 - Local Directory Services"
503:"Mac OS X Server: Open Directory Administration, chapter 7"
197:
191:
166:
23:
559:"Mac OS X Server: Open Directory Administration, page 41"
452:"Mac OS X Server: Open Directory Administration, page 50"
421:"Mac OS X Server: Open Directory Administration, page 40"
181:
610:"Apple - Mac OS X Server - Technology - Open Directory"
381:"OpenDirectory Release Notes at developer.apple.com"
128:
835:
101:(10.5), Apple chose to move away from using the
219:
37:which stores and organizes information about a
666:
673:
659:
590:"Apple - Mac OS X Server - Open Directory"
160:Simple Authentication and Security Layer
105:directory service (originally found in
859:MacOS-only software made by Apple Inc.
836:
281:Service discovery and name resolution
654:
13:
14:
875:
680:
302:Multicast DNS (Bonjour/Zeroconf)
622:
602:
297:Service Location Protocol (SLP)
241:connected to a directory system
162:-based authentication methods:
582:
551:
526:
495:
475:
444:
413:
393:
373:
146:Open Directory Password Server
129:Implementation in macOS Server
123:/var/db/dslocal/nodes/Default/
86:Apple, Inc. also publishes an
1:
366:
251:Authentication and contacts
220:Directory services framework
7:
339:
177:Diffie–Hellman key exchange
16:Dictionary service by Apple
10:
880:
726:QuickTime Streaming Server
309:
29:model implementation from
815:
769:
688:
125:as its backing storage.
121:(plist) files stored in
730:Darwin Streaming Server
153:key distribution center
33:A directory service is
232:systems of some other
140:when configured as an
777:QuickTime Broadcaster
346:List of LDAP software
289:Windows (NetBIOS and
142:Open Directory Master
138:Open Directory domain
797:System Image Utility
332:server for managing
326:Mac OS X Server 10.5
97:With the release of
20:Apple Open Directory
864:Apple Inc. software
823:Mac OS X Server 1.0
273:BSD flat files and
230:Name Service Switch
52:describes a shared
844:Directory services
741:Apache HTTP Server
81:Directory Services
44:In the context of
831:
830:
802:Workgroup Manager
245:service discovery
237:operating systems
226:Directory Utility
214:Microsoft Windows
27:directory service
871:
787:Server Assistant
736:Spotlight Server
675:
668:
661:
652:
651:
645:
644:
642:
641:
632:. Archived from
626:
620:
619:
617:
616:
606:
600:
599:
597:
596:
586:
580:
579:
577:
576:
570:
564:. Archived from
563:
555:
549:
548:
546:
545:
536:. Archived from
530:
524:
523:
521:
520:
514:
508:. Archived from
507:
499:
493:
492:
490:
489:
479:
473:
472:
470:
469:
463:
457:. Archived from
456:
448:
442:
441:
439:
438:
432:
426:. Archived from
425:
417:
411:
410:
408:
407:
397:
391:
390:
388:
387:
377:
351:Active Directory
256:Active Directory
124:
99:Mac OS X Leopard
39:computer network
879:
878:
874:
873:
872:
870:
869:
868:
834:
833:
832:
827:
811:
765:
701:Contacts Server
684:
679:
649:
648:
639:
637:
628:
627:
623:
614:
612:
608:
607:
603:
594:
592:
588:
587:
583:
574:
572:
568:
561:
557:
556:
552:
543:
541:
532:
531:
527:
518:
516:
512:
505:
501:
500:
496:
487:
485:
481:
480:
476:
467:
465:
461:
454:
450:
449:
445:
436:
434:
430:
423:
419:
418:
414:
405:
403:
399:
398:
394:
385:
383:
379:
378:
374:
369:
342:
312:
222:
210:Mac OS X Server
131:
122:
17:
12:
11:
5:
877:
867:
866:
861:
856:
851:
846:
829:
828:
826:
825:
819:
817:
813:
812:
810:
809:
804:
799:
794:
792:Server Monitor
789:
784:
782:QTSS Publisher
779:
773:
771:
767:
766:
764:
763:
758:
753:
748:
743:
738:
733:
723:
721:Open Directory
718:
713:
708:
703:
698:
692:
690:
686:
685:
678:
677:
670:
663:
655:
647:
646:
621:
601:
581:
550:
525:
494:
474:
443:
412:
392:
371:
370:
368:
365:
364:
363:
358:
353:
348:
341:
338:
311:
308:
307:
306:
305:
304:
299:
294:
287:
279:
278:
277:
271:
264:
258:
221:
218:
206:
205:
200:
195:
189:
184:
179:
174:
169:
130:
127:
73:Open Directory
50:Open Directory
15:
9:
6:
4:
3:
2:
876:
865:
862:
860:
857:
855:
852:
850:
847:
845:
842:
841:
839:
824:
821:
820:
818:
814:
808:
805:
803:
800:
798:
795:
793:
790:
788:
785:
783:
780:
778:
775:
774:
772:
768:
762:
759:
757:
754:
752:
749:
747:
744:
742:
739:
737:
734:
731:
727:
724:
722:
719:
717:
714:
712:
709:
707:
704:
702:
699:
697:
694:
693:
691:
687:
683:
676:
671:
669:
664:
662:
657:
656:
653:
636:on 2009-04-15
635:
631:
625:
611:
605:
591:
585:
571:on 2007-03-15
567:
560:
554:
540:on 2008-02-18
539:
535:
529:
515:on 2007-03-15
511:
504:
498:
484:
478:
464:on 2007-03-15
460:
453:
447:
433:on 2007-03-15
429:
422:
416:
402:
396:
382:
376:
372:
362:
359:
357:
354:
352:
349:
347:
344:
343:
337:
335:
331:
327:
323:
320:
316:
303:
300:
298:
295:
292:
288:
286:
283:
282:
280:
276:
272:
269:
265:
262:
259:
257:
253:
252:
250:
249:
248:
246:
242:
238:
235:
231:
227:
217:
215:
211:
204:
203:WebDAV-Digest
201:
199:
196:
193:
190:
188:
185:
183:
180:
178:
175:
173:
170:
168:
165:
164:
163:
161:
156:
154:
149:
147:
143:
139:
135:
126:
120:
119:property list
116:
112:
108:
104:
100:
95:
93:
92:OpenDirectory
89:
84:
82:
78:
74:
69:
67:
63:
59:
55:
51:
47:
42:
40:
36:
32:
28:
25:
21:
854:MacOS Server
770:Applications
720:
711:iChat Server
682:macOS Server
638:. Retrieved
634:the original
624:
613:. Retrieved
604:
593:. Retrieved
584:
573:. Retrieved
566:the original
553:
542:. Retrieved
538:the original
528:
517:. Retrieved
510:the original
497:
486:. Retrieved
477:
466:. Retrieved
459:the original
446:
435:. Retrieved
428:the original
415:
404:. Retrieved
395:
384:. Retrieved
375:
324:
321:
317:
313:
240:
223:
207:
157:
150:
145:
141:
137:
136:can host an
134:macOS Server
132:
96:
91:
85:
80:
72:
70:
49:
46:macOS Server
43:
19:
18:
807:Xgrid Admin
761:Mail Server
746:Wiki Server
706:iCal Server
266:Apple/NeXT
198:Lan Manager
90:called the
838:Categories
696:AFP Server
640:2007-12-21
615:2007-12-21
595:2007-06-08
575:2007-06-08
544:2007-06-08
519:2007-06-07
488:2007-06-07
468:2007-06-07
437:2007-06-07
406:2009-09-02
386:2010-04-21
367:References
254:Microsoft
182:Digest-MD5
31:Apple Inc.
285:AppleTalk
234:Unix-like
216:clients.
194:v1 and v2
187:MS-CHAPv2
71:The term
689:Services
340:See More
172:CRAM-MD5
115:Mac OS X
111:OPENSTEP
107:NeXTSTEP
66:OpenLDAP
58:Kerberos
35:software
816:Related
716:NetBoot
361:NetInfo
356:FreeIPA
334:AirPort
310:History
270:domains
268:NetInfo
239:. When
103:NetInfo
22:is the
330:RADIUS
261:LDAPv3
54:LDAPv3
849:MacOS
751:Xgrid
569:(PDF)
562:(PDF)
513:(PDF)
506:(PDF)
462:(PDF)
455:(PDF)
431:(PDF)
424:(PDF)
77:macOS
756:Xsan
291:WINS
208:Any
192:NTLM
167:APOP
109:and
62:fork
24:LDAP
275:NIS
88:API
64:of
840::
83:.
68:.
48:,
732:)
728:(
674:e
667:t
660:v
643:.
618:.
598:.
578:.
547:.
522:.
491:.
471:.
440:.
409:.
389:.
293:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.