Duplicating a Configuration for Accessing an LDAP Directory


You can use Directory Access to duplicate a configuration that specifies how Mac OS X accesses a particular LDAPv3 or LDAPv2 directory. After duplicating an LDAP directory configuration, you can change its settings to make it different from the original configuration.

  1. In Directory Access, click Services.
  2. If the lock icon is locked, click it and type the name and password of an administrator.
  3. Select LDAPv3 in the list of services, then click Configure.
  4. If the list of server configurations is hidden, click Show Options.
  5. Select a server configuration in the list, then click Duplicate.
  6. Change any of the duplicate configuration's settings.

    Enable:  Click a checkbox to enable or disable access to an LDAP directory server.

    Configuration Name:  Double-click a configuration name to edit it.

    Server Name or IP Address:  Double-click a server name or IP address to change it.

    LDAP Mapping:  Choose a template from the pop-up menu, then enter the search base for the LDAP directory and click OK.

    If you chose a template, you must enter a search base suffix, or the computer will not be able to find information in the LDAP directory. Typically, the search base suffix is derived from the server's DNS name. For example, the search base suffix could be "dc=example, dc=com" for a server whose DNS name is server.example.com.

    If you chose From Server instead of a template, you don't need to enter a search base. In this case, Open Directory assumes the search base is the first level of the LDAP directory.

    SSL:  Click a checkbox to enable or disable Secure Sockets Layer (SSL) connections.

If you want the computer to access the LDAP directory specified by the duplicate configuration you just created, you must add the directory to a custom search policy in the Authentication or Contacts pane of Directory Access. You must also make sure LDAPv3 is enabled in the Services pane. Other help topics have instructions for these tasks.