This article has been archived and is no longer updated by Apple.

OS X Server: How to require authenticated binding between server and clients

Learn how to require authenticated binding between OS X clients and OS X Server.

This setting only affects OS X clients binding to OS X Server. If it is enabled, clients will be prompted for a directory administrator password when binding to the server. This setting does not control or limit any other access the LDAP database on the server.

You can set this by using the slapconfig Terminal command on the server.

  • To require authentication when a client binds to the server, use this Terminal command:

sudo slapconfig -setmacosxodpolicy -binding required

  • To allow authenticated binding, but make it optional (the default setting), use this Terminal command:

sudo slapconfig -setmacosxodpolicy -binding enabled

  • To disable authenticated binding, use this Terminal command:

sudo slapconfig -setmacosxodpolicy -binding disabled

Learn more

To determine the state of this setting, use this command:

sudo slapconfig -getmacosxodpolicy

The key "Directory Binding" indicates whether authenticated binding is enabled. The key "Binding Required" indicates whether it is required.

Published Date: