Now we’ll add a network account using Workgroup Manager. If you haven’t done so, launch Workgroup Manager from the dock and sign in using your server admin account and password.

You’ll be using the Workgroup Manager application to create and manage accounts, groups, privileges, share points, and more.

Notice that little globe icon below the main set of menus. On the right side of the globe, it tells you that you have logged on and authenticated as admin to the local directory.

The local directory is not where you want to be since you’re going to create network accounts in the directory domain you created via Open Directory, not local ones.

• Click on the triangle next to the globe icon. In the drop down menu, select “Other… “

• Now you’ll need to select the directory. Choose LDAPv3, then 127.0.0.1. Press OK.

Now you’re back to the Workgroup Manager again. Take a look at what it says now next to the globe icon. You’re now viewing directory: LDAPv3/127.0.0.1, which is where you want to be. Now you just need to get authenticated for this directory.

• Press the lock icon on the right hand side.

A log-on window appears. Remember that Directory Administrator account you created when we set up Open Directory in the last lesson? Now you’ll need to use it.

• Enter User Name as diradmin, put in your password and press authenticate.

Finally, we can start adding network accounts! For this example, I’ll add an account with a name of John Doe and supply an easy to remember password like “test”.

• In the Name field, you should supply the full name.
• For the short name, double click over the name and you can type a shorter version with no spaces in between. You can add several short names if you’d like, but for now I’m going to leave it as johndoe.
• Create a password and verify it.
• By default, added users do not have administrative privileges for the server or directory domain. You’ll need to confirm it with check boxes if you want to allow those privileges.

Select the Home tab. This is where your user will start off once he logs in.

• Select the /Users directory and press the Create Home Now button. Save your setting.

While we’re at it, select the Mail tab.

• Next to Mail, select the Enabled button and fill in your options as you see fit. If you’re not sure about mail access, select POP. Save your settings.

We’ll be setting up the mail server in a later lesson.

• Select the Preferences icon on the top menu of the Workgroup Manager.

This is where you can manage almost every aspect of how your user will interact with his computer. Since there are so many options available, I’ll leave it to you to explore what kind of setting are appropriate for the accounts you set up.

You can also create Groups and Sub-Groups for organizational purposes using the Workgroup Manager. For example, you may want to create a group for certain departments or projects and add users to those Groups.

• Select the Group tab next to the Account tab. To add a new group, press the New Group button on the top menu.
• This process is similar to adding single user accounts. For this example I added a Marketing Group.
• To add members to your Group, select the “+” button. A drawer will open to the side with the list of accounts available.

• To add John Doe to the Marketing Group, drag his name into the Members list. If you have multiple accounts set up, you can Command select the accounts and add them together.

That pretty much wraps up this lesson.

One thing to keep in mind is that you cannot have the same account in both the local directory and Open Directory since they will conflict.

Another thing I need to warn you is to not switch your server from a Master Open Directory back to a Standalone once LDAP is set up with user accounts, groups, and other management info. If you do, the accounts within that directory domain and all of its associated information will be orphaned.

I found out the hard way when I did it on a whim. The horror…

Previous | Next

Trackback URI | Comments RSS