Charles S. Edge - Enterprise Mac Administrators Guide
Here you can read online Charles S. Edge - Enterprise Mac Administrators Guide full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. City: Berkeley;CA, publisher: Apress, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
- Book:Enterprise Mac Administrators Guide
- Author:
- Publisher:Apress
- Genre:
- City:Berkeley;CA
- Rating:5 / 5
- Favourites:Add to favourites
- Your mark:
Enterprise Mac Administrators Guide: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Enterprise Mac Administrators Guide" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
Cover13; -- Table of Contents13; -- About the Authors -- About the Technical Reviewer -- Acknowledgments -- Preface -- Chapter 1 Why Manage? -- Predictability Means Less Work over Time -- Maintaining Company Policy -- Removing Unused Functions -- Keeping Your Sanity -- Preference Delivery -- Client Management Alternatives -- Scripting -- Managing Everything Else -- Summary -- Chapter 2 What Is the Managed Preferences System? -- How Did We Get Here? -- Where Are We Now? -- The Heart of Managed Preferences -- What Can You Manage? -- What You Will Need -- Summary -- Chapter 3 Understanding Directory Services -- What Are Directory Services? -- Directory Services and Managed Preferences -- Directory Services Supported by Mac OS X -- Open Directory -- Active Directory -- LDAPv3 -- NIS -- Local Directory Services -- Directory Service Configurations -- Local Only -- Network Directory Service -- Multiple Network Directory Services -- Summary -- Chapter 4 Property List Files -- What Are Property List Files? -- Property List Example -- Digging Deeper ... -- Working with Property List Files -- Property List Editor.app -- Creating a Property List from Scratch with Property List Editor -- Command-Line Utilities -- Cocoa for Scripters -- Altering .plist Files in Memory -- Summary -- Resources -- Chapter 5 Writing a Property List for Management -- Where Do Managed Preferences Reside? -- Preferred Tools for Creating, Testing, and Deploying Managed Preferences -- Using Workgroup Manager -- The dscl Command -- The defaults Command Refresher -- Summary -- Chapter 6 Delivering Managed Preferences -- Directory Choices -- Delivery with Open Directory -- Binding Mac OS X Clients to Open Directory -- Accessing the Directory -- Delivery with Active Directory -- Binding Mac OS X Clients to Active Directory -- Extending the Active Directory Schema -- Importing the LDIF File -- Managing Preferences in Active Directory -- Delivery with OpenLDAP -- Add the Apple Schema to OpenLDAP -- Consider Indexing -- Bind Mac OS X to OpenLDAP -- Further OpenLDAP Considerations -- Delivery Without a Centralized Directory -- Help! I Cant Use MCX at All -- Summary -- Additional Resources -- Chapter 7 Local MCX -- Delivery Without a Centralized Directory -- Introducing Local MCX -- Getting Started -- Creating a Computer Group -- Adding Managed Preferences -- Extending the Managed Preferences to Other Machines -- Local MCX Checklist -- Advanced Local MCX -- Dynamic Group Membership (or 8220;Smart Groups8221;) -- Local MCX Issues -- MCX in Alternate Directory Nodes -- More Local DS Node Tricks -- Summary -- Chapter 8 Compositing Preferences -- Managed Preference Interactions -- Preferences Precedence -- Preferences and Group Hierarchy -- MCXCompositor -- Viewing Composited MCX Data with mcxquery -- Viewing Composited MCX Data with System Profiler -- Summary -- Chapter 9 Enforcing Managed Preferences -- Management Frequency -- Choosing a Management Frequency -- Enforcing the Managed Preferences Configuration -- Protecting Your Managed Preference Configuration -- Summary -- Chapter 10 Preference Manifests and 8220;Raw8221; Preferences -- T$3075.;Many systems administrators on the Mac need a way to manage machine configuration after initial setup and deployment. Apples Managed Preferences system (also known as MCX) is under-documented, often misunderstood, and sometimes outright unknown by sys admins. MCX is usually deployed in conjunction with an OS X server, but it can also be used in Windows environments or where no dedicated server exists at all. Enterprise Mac Managed Preferences is the definitive guide to Apples Managed Client technology. With this book, youll get the following: * An example-driven guide to Mac OS X Managed Pr.
Charles S. Edge: author's other books
Who wrote Enterprise Mac Administrators Guide? Find out the surname, the name of the author of the book and a list of all author's works by series.
Charles S. Edge
Brian Svidergol
Smart Brain Training Solutions
Brian Desmond
Alistair G. Lowe-Norris
Laura E. Hunter
Gil Kirkpatrick
Enterprise Mac Administrators Guide — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Enterprise Mac Administrators Guide" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Light
Font size:
↓
↑
Reset
Interval:
↓
↑
Bookmark:
Make
Charles S. Edge Jr. and William Smith 2015
Charles S. Edge Jr. and William Smith Enterprise Mac Administrators Guide 10.1007/978-1-4842-1706-1_11. Directory Services
Charles S. Edge Jr. 1 and William Smith 1
(1)
MN, US
A directory service is the software that stores, organizes, and provides access to information in a directory or a database of users, groups, computers, and network devices such as printers. The directory service supplies that database to client computers. In most enterprise, educational, and larger institutions, common directory service implementations range from Microsofts Active Directory (AD) to Apples Open Directory (OD) to Novells eDirectory, as well as the open source OpenLDAP. Most modern directory services are based on open standards developed in the public forum.
The publication The Directory: Overview of concepts, models and services defines the most common standard architectural guidelines for the X.500 model, which is the publicly developed standard for electronic directory services. While the concepts and roots of most directories are complex, by their nature they share the simple goal of facilitating unified user management, authentication, and authorization. Directory servers with different origins thus share many commonalities in their structure and accessibility. The Lightweight Directory Access Protocol (LDAP), which nearly every major directory service system utilizes, is a testament to this need for accessibility, as we will discuss later in this chapter. Put simply, any system engineered for large-scale centralized information storage must inherently allow disparate clients to participate; otherwise, it is doomed to a finite growth potential.
In OS X, a number of plug-ins allow it to leverage a variety of directory services. Each computer must at minimum contain a local directory service database to establish a baseline of system-critical data, such as users, groups, and even some configuration data. If every Mac sold required an enterprise directory service just to log in, Apple stores would not be popping up like Starbucks in cities around the world. Local directory databases are a cornerstone of all modern operating systems and often the gateway for small and medium businesses to grow into larger directory systems over time. A common misconception is Apples Open Directory terminology refers only to its enterprise-class network authentication services. In reality, the same term refers to OS Xs local directory services too. In fact, earlier operating systems had the same technology running on Open Directory masters, such as Mac OS X 10.2s netinfod and Mac OS Xs 10.3 Password Server. This concept of architecting miniature directory servers into the base operating system allows for later migration to larger network directory systems with little re-education of entry-level system administrators. The best example of this is Apples parental controls system, which utilizes the same technology managing thousands of OS X systems in enterprise environments every day. Because of such forethought, clients can also be configured out of the box to access a variety of external directories; Apple provides support for several network-based directory service systems without installing any additional software.
This chapter starts with an explanation of how the local directory service works. Once we have covered how to manage local users, we will move on to discuss LDAP, the industry-standard directory database protocol used to access directory services. Next, we will cover various types of directory service bindings for OS X that let end users log in to their computers using a centralized username and password. Finally, we will look at building external accounts and show how to build a directory service based on Apples Open Directory.
Local Accounts
System Preferences in OS X is similar to the Control Panel in Windows; it allows you to configure a wide range of settings. The information you set in its panes is stored in files throughout the operating system. Local directory service configuration is accessed through the Users & Groups preference pane, which provides the ability to add local user accounts. You can add accounts to groups, assign them a type, and set a few other options.
To access a System Preferences pane, choose System Preferences from the Apple menu () in the top-left corner of the screen or launch the application directly from the Applications folder. This displays all the available preference panes. Next, click Users & Groups to view the list of local accounts on the left side of the pane. As you click through each one, the options for that account appear on the right side of the pane. To make changes, you must first authenticate to System Preferences by clicking the Lock button in the lower-left corner of the System Preferences window. This requires a user who is a member of the local directory services admin group.
Tip
The /private/var/db/auth.db SQLite database is used to determine which groups can perform a variety of system changes. In a standard OS X environment, users in the admin group can obtain escalation for all authorization rights, and an administrator can modify this file to provide very granular administrative access. For instance, to allow a nonadmin group to manage users via the Users & Groups pane, an administrator would add the groups name under system.preferences.accounts in the database using the security command-line tool.
Creating Accounts
To add an account, first click the Lock button in the Users & Groups pane of System Preferences; then click the plus sign to create an account. In the New Account sheet, youll see the five options shown in Figure . These are the basic account types for OS X. 
Figure 1-1.
Menu of account types
- Administrator : Administrative user accounts can elevate themselves to root privileges, unlock System Preference panes, and perform most tasks.
- Standard : Standard user accounts cannot unlock System Preferences panes and cannot perform any administrative tasks unless an administrator has authorized those privileges.
- Managed with Parental Controls : These are standard user accounts with administrative policies applied to them.
- Sharing Only : These are user accounts that cannot log onto the local system but can access resources via a network.
- Group : This is a group of user accounts that simplifies assigning privileges and permissions to multiple users.
Once you have selected an account type, enter a name in the Full Name field and a short name in the Account Name field. For example, the full name might be John Doe, and the short or account name might be jdoe . By default, the account name is generated from the full name in lowercase with spaces removed. The full name is primarily used for display purposes and can be changed at will. The account name has additional system-level functions. Notably, it is used as the users home folder name when first created, though that directory can be moved to a different location that does not correspond to the short name (such as a mystuff folder on an external drive).
The account name is used for other purposes as well, such as establishing a primary mailbox for the user or for linking scheduled items through cron. Because of this, setting the initial account name demands some consideration. Its also worth noting the account name cannot easily be edited in the prominent user interface, and though right-clicking a user account and choosing Advanced Options allows you to edit this name (as shown in Figure ), doing so has other repercussions, such as the possible loss of group membership (such as admin), possible loss of preference data if an application stores configuration data based on the account name, or disassociation of the users home folder. In most cases when you plan to modify a users account name, you will also want to rename the users home directory to coincide. This is merely for cosmetic reasons and is not a necessity. You can change account name jdoe to psherman and still utilize the original home directory stored at /Users/jdoe . If you do change the home directory field to /Users/psherman , you should make sure you rename the users home folder on the file system to match the new path specified (in this case, from the original home directory value /Users/jdoe to /Users/psherman ).
Light
Font size:
↓
↑
Reset
Interval:
↓
↑
Bookmark:
Make
Similar books «Enterprise Mac Administrators Guide»
Look at similar books to Enterprise Mac Administrators Guide. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Brian Svidergol
Smart Brain Training Solutions
Brian Desmond
Alistair G. Lowe-Norris
Laura E. Hunter
Gil Kirkpatrick
Reviews about «Enterprise Mac Administrators Guide»
Discussion, reviews of the book Enterprise Mac Administrators Guide and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.