This is the third out of four articles on integrating Mac OSX 10.5 (Leopard) Server with an external, UNIX-based LDAP server in a way that the collaboration services — wikis, blogs and calendars — in Mac OSX are available for users and groups in the external LDAP directory as if they were native users.

The first article describes how to add the appropriate Apple LDAP schema to your external directory. The second article describes how to set up appropriate partitions (e.g., cn=config, ou=MacOSX…) in your external directory to hold data from the Apple server. This article tackles the augmentation of user records in the external directory so that OSX Server recognizes them as native users.

(more…)

Adding Leopard’s LDAP Container Objects to the UNIX LDAP Server

In the first article in this series, I described how to get the schema data out of Leopard and into a Sun ONE Directory Server. In this article, I’ll describe how to get the container objects out of Leopard’s LDAP server, and add them to the UNIX directory. These container objects will hopefully hold data relevant for assigning access to Apple’s Blog & Wiki server, among other things.

I say “hopefully” because I’m writing as I go, and I don’t know how it will turn out. However, given that others have had success at employing this method to get NFS automounting home directories working from Solaris LDAP, there is good reason to believe that it will work for other OSX services as well.

(more…)

This article will add to Rajeev Karamchedu’s excellent post, “Integrating Mac OS X into Unix LDAP Environment with NFS Home Directories”, only with Leopard Server instead of Tiger. My goals are a bit different from Rajeev’s: I am not interested in automounting home directories with NFS, but rather in augmenting UNIX accounts from Sun’s LDAP directory so that they can be used with Apple’s collaboration services. This information is also relevant for those who are looking for auto-mounting home directories, however.

Rajeev used Tiger server, which has a different apple.schema file from Leopard. It looks like he upgraded his Tiger server to Leopard instead of starting with a clean install of Leopard, so he may not have encountered the same obstacles as those of us who are starting from a non-upgraded Leopard server. The procedure is basically the same, but we need a new schema file (Leopard’s LDAP schema has an additional 400+ lines!), and we’ll need to add some missing attributes to it. Conveniently, I am also integrating with Sun ONE Directory Server 5.2. However, this methodology should apply equally to any LDAPv3 compliant directory server, such as OpenLDAP.

(more…)