Understanding Mac OS X Open Directory

An introduction to directory services in the Mac environment

Directory services are a critical component of any enterprise environment. These services provide a database for central management of both user and computer accounts, as well as a framework for sharing that information among workstations and servers. Mac OS X's native directory service is called Open Directory.

Every Mac OS X computer includes a local Open Directory database -- referred to as a domain -- that stores information about local user accounts. This local domain allows each user to have their own computing experience and home directory, and the local domain works with the file system to manage permissions on files and folders. Mac OS X Server relies on shared Open Directory domains to provide network user accounts that can be used to log into computers that are bound to a shared domain. The shared domain can also allow users to access resources on other servers that are bound to the domain. Shared domains also allow systems administrators to define custom user environments.

Open Directory is a multipart architecture that performs the basic functions of any directory service in addition to providing mechanisms for accessing non-native directory services platforms such as Microsoft Corp.'s Active Directory and Unix Network Information Service servers. It also has components that manage Mac OS X's access to self-discovering network protocols including Apple Computer Inc.'s Bonjour, Microsoft Corp.'s Server Message Block/Common Internet File System and the open standard Service Location Protocol. When discussing Open Directory, however, the phrase typically refers to its function as Mac OS X's native directory service.

NetInfo -- The local Open Directory domain

Each Mac OS X computer, including Mac OS X Server, has a local Open Directory domain. This domain stores all information about local users as well as information about the machine itself. The local domain for Mac OS X is a NetInfo domain. NetInfo is a proprietary directory service developed by NeXT Computer Inc. that originally served as Mac OS X's native directory service. As Mac OS X Server evolved, Apple replaced NetInfo with a service based on the Lightweight Directory Access Protocol (LDAP) that is often referred to as simply Open Directory.

There is little administration that needs to be done with the local NetInfo domain on Mac OS X computers. However, it is important to understand that the local domain is always the first source in which a Mac OS X computer will look for user information. It is also important to know that the local domain is visible in Mac OS X Server's Workgroup Manager; this is the tool used for managing user, group and computer accounts. User and group accounts stored in a server's local domain can access resources on the server, including share points, print queues and Internet services. Local accounts are not part of a shared domain, however, so they can't be used for log-in at Mac OS X computers.
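
Because the local domain is always searched first, a local account whose short name matches a shared-domain account is the one the machine finds for that name. The following is an added example, not part of the original article: it parses two user listings and flags name and UID collisions between the local and shared domains. The sample listings are constructed, and their two-column format assumes the output of `dscl <node> -list /Users UniqueID`.

```python
# Added example: audit for local accounts that shadow shared-domain accounts.
# Both listings are constructed sample data in the assumed two-column
# "shortname  UniqueID" format; replace them with real listings to audit a host.

LOCAL_LISTING = """\
root            0
admin           501
jsmith          502
"""

SHARED_LISTING = """\
diradmin        1000
jsmith          1025
mlee            502
kpatel          1026
"""


def parse_listing(text):
    """Return {shortname: uid} from a two-column listing, skipping malformed lines."""
    users = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        try:
            users[parts[0]] = int(parts[1])
        except ValueError:
            continue
    return users


def find_shadowing(local, shared):
    """Flag shared records hidden by a local record of the same short name,
    and shared records whose numeric UID is already used by a local account."""
    findings = []
    local_by_uid = {}
    for name, uid in local.items():
        local_by_uid.setdefault(uid, []).append(name)
    for name, uid in sorted(shared.items()):
        if name in local:
            # Local-first lookup resolves this name to the local record.
            findings.append(("name", name, local[name], uid))
        for lname in local_by_uid.get(uid, []):
            if lname != name:
                # Same UID means the file system treats both as one owner.
                findings.append(("uid", name, lname, uid))
    return findings


if __name__ == "__main__":
    for finding in find_shadowing(parse_listing(LOCAL_LISTING),
                                  parse_listing(SHARED_LISTING)):
        print(finding)
```

Each finding is a tuple: for a name collision, the kind, the short name, the local UID and the shared UID; for a UID collision, the kind, the shared short name, the local short name and the shared UID.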


Ryan Faas

Computerworld