Technical:OSXClientToK12LTSPLDAPAFP

From K12LTSP Wiki


Configure Netatalk server

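  1. Add uams_guest.so to AFPD_UAMLIST in /etc/atalk/netatalk.conf (this enables guest, i.e. unauthenticated, AFP logins, which the AUTH-NO USER AUTHENT mount entry in the client section uses)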
  2. Add share definition to /etc/atalk/AppleVolumes.default: /home Users cnidscheme:dbd

Add required attributes to each LDAP user

  1. Add apple.schema to /etc/openldap/schema from http://www.opensource.apple.com/darwinsource/10.4/OpenLDAP-68/OpenLDAP/servers/slapd/schema/apple.schema
  2. Uncomment the apple-user-homeDirectory attribute and restart OpenLDAP.
  3. Add the attribute apple-user-homeurl to each user with value: <homedir><url>afp://hostname/Users</url><path>username</path></homedir>
  4. Add the attribute apple-user-homeDirectory to each user with value: /Network/Servers/hostname/Users/username
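
One way to script steps 3 and 4 for many users, as an added example that is not part of the original wiki page. The DN layout (uid=...,ou=People,...), the AFP host name and the sample usernames are assumptions, and the entries are assumed to already permit both attributes.

```shell
#!/bin/sh
# Added example: emit LDIF that sets the two Apple home attributes per user.
# AFP_HOST and BASE_DN are placeholders (assumptions), not real site values.
AFP_HOST="hostname"
BASE_DN="ou=People,dc=mydistrict,dc=k12,dc=or,dc=us"

# Accept only conservative names so a value cannot break out of the
# XML home URL or the DN.
valid_name() {
    case "$1" in
        ""|*[!A-Za-z0-9._-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# The home URL value in the form given in step 3.
home_url() {
    printf '<homedir><url>afp://%s/Users</url><path>%s</path></homedir>' "$AFP_HOST" "$1"
}

# Print one LDIF modify record for user $1.
home_ldif() {
    valid_name "$1" || { echo "skipping invalid username: $1" >&2; return 1; }
    valid_name "$AFP_HOST" || { echo "invalid host: $AFP_HOST" >&2; return 1; }
    # The value starts with '<', which RFC 2849 does not allow as the first
    # character of a plain LDIF value, so write it base64-encoded (attr::).
    b64=$(home_url "$1" | base64 | tr -d '\n')
    printf 'dn: uid=%s,%s\n' "$1" "$BASE_DN"
    printf 'changetype: modify\n'
    printf 'replace: apple-user-homeurl\n'
    printf 'apple-user-homeurl:: %s\n' "$b64"
    printf '%s\n' '-'
    printf 'replace: apple-user-homeDirectory\n'
    printf 'apple-user-homeDirectory: /Network/Servers/%s/Users/%s\n\n' "$AFP_HOST" "$1"
}

# Constructed sample usernames; review the output before piping it to ldapmodify.
for u in jdoe asmith; do
    home_ldif "$u"
done
```

ldapsearch shows apple-user-homeurl in the same base64 (`::`) form, so a decoded value is what to compare against step 3.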

Configure Mac OS X client

  1. Open /Applications/Utilities/Directory Access
  2. Select LDAPv3, check Enable if it isn't already, Configure...
  3. New...
  4. Server name: ldap.yourdistrict.k12.or.us
  5. Manual
  6. Name the configuration
  7. Change LDAP Mappings to RFC 2307 (Unix)
  8. Set search base to dc=mydistrict,dc=k12,dc=or,dc=us (or similar)
  9. Edit
  10. Search & Mappings
  11. Under Users, change the NFSHomeDirectory mapping from homeDirectory to apple-user-homeDirectory
  12. Under Users, click Add...
  13. Select HomeDirectory, click OK
  14. Add a mapping for HomeDirectory to apple-user-homeurl
  15. Open /Applications/Utilities/NetInfo Manager
  16. Click the lock to make changes
  17. Select mount, click New
  18. Add properties:
      Properties  Values
      name        hostname:/Users
      dir         /Network/Servers/
      vfstype     url
      opts        net
                  url==afp://;AUTH-NO%20USER%20AUTHENT@hostname/Users

Reboot; alternatively you could reload the DirectoryService and the automounter on OS X...
