74

4To specify the user’s default shell when logging in to a Mac OS X computer, choose a shell from the Login Shell pop-up menu.

To specify a shell that doesn’t appear in the list, choose Custom and then enter the path to the shell.

To ensure that a user can’t access the server remotely using the command line, choose None.

Choosing a Password Type and Setting Password Options

For user accounts in the LDAP directory of an Open Directory server, you can set the password type to Open Directory or Crypt Password. User accounts in the local directory domain have a password type of Shadow Password.

When you set the password type to Shadow Password or Open Directory, you can set several password policy options, including disabling login after a period of inactivity or failed authentication attempts, or setting password restrictions (such as requiring that passwords be a certain length or that they be changed at the next login).

If you set the password type to Shadow Password, you can also set security options to control which authentication methods are used when validating the user’s password.

You can only assign the Open Directory password type if the directory administrator account that you authenticate with also uses an Open Directory password.

Windows users must have Open Directory passwords for Windows domain login.

For a detailed explanation of password types, password policy options, and security options, see Open Directory Administration.

To choose a user password type and set password options:

1In Workgroup Manager, click Accounts.

2Select the user account you want to work with.

To select the account, click the globe icon, choose the directory domain where the account resides, and then select the user account in the accounts list.

3To authenticate, click the lock and enter the name and password of a directory domain administrator.

4Click Advanced.

5From the User Password Type pop-up menu, choose Shadow Password, Open Directory, or Crypt Password.

When you choose a password type, a prompt might appear requiring you to enter a password, depending on whether you entered a password in the Basic pane.

If you choose Open Directory or Shadow Password, you can set a password policy for the selected users by clicking Options, selecting any of the options, and clicking OK.

Chapter 4 Setting Up User Accounts

Page 73 Page 75
Page 74
Image 74
Apple 10.5 Leapard manual Choosing a Password Type and Setting Password Options
Page 73 Page 75
Top Page Image Contents