eDirectory Authentication

[dave@mmu]

Hello there, we’ve been trying to get our OSX Panther server to authenticate to our Uni’s eDirectory but we’ve so far been unsuccessful. We’ve gone through the macosxlabs.org paper on it and still failed. Does anyone have any tips, maybe on the eDirectory end as to what we should be enabling/disabling to allow the ldap authentication to happen?
Should we even be doing it this way? I’m thinking that we could get the client macs to authenticate through the server to the edirectory thereby allowing the server to control the mac client’s setup? Or am i just being stupid and try to set up the individual clients to authenticate to the edir?
Please help! My head is about to implode!
thanks for any help in advance,
Dave Lee

[Anonymous]

Dave,

We’re trying to do the very same thing. I was hoping I’d find some ideas here. I’ve talked with an Apple tech and he verified that using an OSX server as a login “agent” for clients will work just fine, IF you can figure out all the LDAP mappings with eDirectory. There doesn’t seem to be much documentation on that yet. Hopefully, all will be answered in the MacOSXLabs webcast February 17th.

–> John

[JEndahl]

[quote:1332b330b6=”Anonymous”]Dave,

We’re trying to do the very same thing. I was hoping I’d find some ideas here. I’ve talked with an Apple tech and he verified that using an OSX server as a login “agent” for clients will work just fine, IF you can figure out all the LDAP mappings with eDirectory. There doesn’t seem to be much documentation on that yet. Hopefully, all will be answered in the MacOSXLabs webcast February 17th.

–> John[/quote:1332b330b6]

Argh! I hate it when I post as a guest. Hopefully, this message will have my correct e-mail stuff, etc. for off-forum replies…apologies to the sysops for my blunder.

–> J

[JEndahl]

It’s probably an experience-thing, but knowing “what you need” is part of the issue. I have high expecatations, I’d like to use Novell’s eDir for authencation, map client home directories onto our Novell 6.5 boxes, then use Apple’s Workgroup Manager to manage the clients and printers. I’ve accomplished the authentication and home directory piece at the client level, with *much* help from OSXLabs, and am just beginning to struggle with the OSX server integration. I want to use the Panther server as the “negotiating agent” between my OSX clients and eDir, so I don’ t have to modify the Directory Access pieces on the client machines. I’d like to be able to point the clients to the Panther box, and have the rest of it “just happen” for the users.

The other issue I’m encountering with incorporating Panther server is that Apple’s Workgroup manager seems to have several “must-have” mappings when connecting with external systems (PresetUsers, PresetGroups, I believe those are some of the attributes) which don’t seem to have clear connnections within Novell’s default LDAP schema. I probably need to find a good text on LDAP and lock myself in a room for a few days…

–> John

[JEndahl]

You’ve got it Joel, the magic triangle is [i:3ad535ff16]exactly[/i:3ad535ff16] what I want to set up. My issue is I have Panther server doing a connection and pulling user info in from our LDAP server, but everytime I try and hit the machine or group menu, it talks about failed mappings. Do I want to be logged into my remote LDAP when I access those areas, or do I want to change and log onto local on the server?

–> J

[Author]

Posts