Administering User Accounts
You can view, create, edit, and delete user accounts stored in various kinds of directory domains.
Creating User Accounts
To create a user account in a directory domain, you must have administrator privileges for the domain.
To create user accounts in an LDAPv3 directory on a
To create users in an Active Directory domain, use Active Directory administration tools on a Windows computer. You can’t use Workgroup Manager to create user accounts, group accounts, computer accounts, or computer groups in a standard Active Directory domain. If you extend the schema of the Active Directory domain, you can create computer groups in Active Directory.
To create user accounts for Windows users, create them on a Mac OS X Server PDC, which creates them in the server’s LDAP directory. Windows users with accounts on the PDC server can log in to the Windows domain from a Windows workstation. These user accounts can be used to authenticate to Windows file service and other services, and to Mac OS X computers on the network.
You can create user accounts in the Mac OS X Server PDC LDAP directory but not in a BDC
If you create user accounts in a server’s local directory domain, you can only authenticate for services provided by that server. You can’t use these accounts to log in to a Mac OS X client computer or to perform Windows domain login. However, Windows users can authenticate with Windows file service, mail service, and other
For instructions on mapping LDAPv3 attributes or connecting to Active Directory, see Open Directory Administration.
To create a user account:
1In Workgroup Manager, click Accounts.
2Make sure the directory services of the Mac OS X Server computer you’re using are configured to access the directory domain.
For instructions, see Open Directory Administration.
Chapter 4 Setting Up User Accounts
57
