Apple Mac OS X Server Version 10.3 or Later Manual de usuario descargar pdf (Pagina 35)

Chapter 3 Administering Windows Users, Groups, Computers, and Share Points 35

You must make sure the specified share point is shared using SMB. Additionally,

you must create the user’s home directory folder in the share point. The folder you

create must have the same name as the user’s first short name. (Mac OS X Server

automatically creates a home directory folder only in the share point specified on the

Home pane.)

3 Click Save.

See “Setting Up a Home Directory for a Windows User” on page 36 and “Managing

SMB Share Points” on page 41 for additional information.

Working With Advanced Settings for Users

Advanced settings include Mac OS X login settings, password validation policy, and a

comment. You work with these settings in the Advanced pane of a Workgroup

Manager user account window.

• User Password Type must be Open Directory or Shadow Password for Windows users.

• Settings at the top and bottom of the Advanced pane apply only when the user logs

in from a Mac OS X computer. The following settings are not used for Windows

services: “Allow simultaneous login,” Login Shell, and Keywords.

For detailed instructions on changing advanced settings, see the chapter on user

accounts in the user management guide.

Providing Secure Authentication for Windows Users

Mac OS X Server offers three secure ways to validate the passwords of Windows users:

• Open Directory Password Server

• Shadow password

• Crypt password with Authentication Manager enabled (a legacy technology)

Open Directory Password Server is the recommended approach. It stores passwords in

a secure fashion, and it supports many authentication methods. Open Directory

Password Server lets you implement password policies, and it supports user accounts

in LDAP directories and legacy NetInfo domains.

A shadow password provides NT and LAN Manager authentication for user accounts

stored in the local NetInfo domain. A Shadow password can be used to authenticate

Windows file service provided by Mac OS X Server.

A crypt password with Authentication Manager enabled provides compatibility for

user accounts on a server that has been upgraded from Mac OS X Server version 10.1.

After upgrading the server to Mac OS X Server version 10.3, these user accounts should

be changed to use Open Directory authentication, which is more secure than the

legacy Authentication Manager. See the Open Directory administration guide for more

information.

LL2356.book Page 35 Thursday, September 4, 2003 3:21 PM

1 2 ... 30 31 32 33 34 35 36 37 38 39 40 ... 68 69

Sin comentarios

Apple Mac OS X Server Version 10.3 or Later Manual de usuario Pagina 35