This article takes a look at what i have been working on recently, integrating OSX clients and OSX server into an existing eDirectory network system.

Our main goals were as follows:

• Users able to log on with there std eDirectory Username and Password.
• Mount there osx home directory on the OSX server, meaning that they have roaming profiles.
• Finally also mounting there Std Novell H:\ Drive (Windows Home Drive) on a novell file share.
• The server running OSX 10.4 also allows us to perform management of the clients and provide other Services like Print management for the machines.
• Last but not least, easy roll-outs with Netboot imaging and the ability to assign preferences to the workstations such as one to sleep the machines at 5pm.

Read on for more details.

By far the hardest part of the work has been getting the OSX <- to -> eDirectory integration up and running, in terms of the home directory and unix mappings.

We have been a complete the set of mappings below for our settings, however the 4 most important ones, not filled by others are as follows:

uidNumber (on the Unix tab) eg: 1020 (unique for all your users)
gidNumber (on the Unix tab) eg: 301 (the unix group that you want them in)

HomeDirectory (on the Unix Tab) eg: “/Network/Servers/servername.local/servershare/username”
and OSXHome (on the other tab) eg : “<home_dir></url>afp://10.1.0.31/Home</url><path>username</path></home_dir>”
(The formatting of this attribute is important)
we created this last attribute via Schema Manager in ConsoleOne. The other 3 are part of a standard UNIX POSIX Account that can be added to a user object as an object extention.

These last 2 are used by the OSX client to work out where the users home directory can be found, and to mount the share is need be, of which the first of them is the local filesystem path and the other is the network path.

The network path is used to mount the volume.
The local path is used by the OS for all its user accesses. It pretends to be a local folder.

If these 2 fields are not mapped correctly then osx will not mount a remote home-directory and will give an error message when trying to log the user into OSX.

The 2 most important bits from here on in are making sure your ldap schema maps up on both on the server and the client sides, and that you have the Home Directory fields mapped correctly if you are using remote home’s

This entry was posted on Tuesday, June 5th, 2007 at 5:04 pm and is filed under Mac, Tech. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.