Binding Clients and Servers to Directories
Any client computer that needs to communicate with the shared directory first needs to know that the directory exists. The computer also must trust the directory and the account data it contains. Servers can also connect to a directory to use the same shared accounts for services, such as file sharing and e-mail accounts.
Connecting a client or server to a directory is referred to as binding. A client connected to a directory is said to be bound to the directory.
Mac OS X Servers can bind to a variety of directories, including the native Open Directory, Microsoft Active Directory, Novel eDirectory, various OpenLDAP systems running on other Unix and Linux servers, and the legacy Unix formats. Client computers can connect to any or all of these directory services through the Mac OS X Server.
Binding comes in two types:
- Anonymous bind: The most common type of bind. Client or server systems connect without first authenticating to the directory. Requests for information from the directory are sent in clear text, although authentication is encrypted by default. Anonymous connections are commonly used with Mac OS X Server's Open Directory.
You can browse directory information without first binding — most directories are configured this way — from the local network. Using anonymous binding isn't an additional security risk in a default configuration in which anyone can browse the data.
- Authenticated bind: Just the opposite of anonymous. A directory ...
Get Mac OS X Lion Server For Dummies® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
