C H A P T E R 1
Concepts
In this example, lookupd queries its local cache and NetInfo, and gets negative responses — “tjones” could not be found in either location. Now, lookupd tells its DSAgent to query Open Directory. Searching the local NetInfo database is the first step in every Open Directory search, so Open Directory tells its NetInfo
In summary, lookupd calls Open Directory when its local cache and NetInfo cannot find an answer. Whether Open Directory is called by lookupd or called by another application, Open Directory always searches its local NetInfo database first and then conducts other searches using whatever search technology it has been configured to use. Most of the time, that search technology is LDAP.
Directory Service Command Line Utility
The directory service command line utility, dscl, operates on Open Directory nodes. It is similar to the nicl utility, which only operates on NetInfo nodes. The dscl utility’s options allow you to create, read, and manage Open Directory data. For more information on the dscl utility, see the man page for dscl.
Debugging
You must be root to enter the DirectoryService killall commands that enable and disable debug logging. The following command, run by root, enables debug logging if debug logging is currently off and disables debug logging if debug logging is currently on:
killall
Debugging output is sent to /Library/Logs/DirectoryService/DirectoryService.debug.log. Debugging output includes input to Open Directory API calls, results, and timing, plus any debug information output by Open Directory
The following command, run by root, enables debug logging to /var/log/system.log if debug logging is currently off and disables debug logging if debug logging is currently on:
killall
When debug logging is enabled by
24Directory Service Command Line Utility
