OS X Server: Using the Profile Manager or Wiki service with Active Directory or third-party LDAP services
Under certain circumstances, OS X Server requires additional configuration in order to use the Profile Manager or Wiki service with user accounts stored in Active Directory or a third-party LDAP database.
Lion Server, OS X Server (Mountain Lion)
In OS X Server, Profile Manager and the Wiki service support Digest MD5 authentication, which is supported by the Active Directory connector. If all users and the server are bound to the same Active Directory domain, no additional configuration is required to support Active Directory users.
Use the following steps if:
- You use Active Directory for authentication in a multi-domain environment, where the server running the Profile Manager or Wiki service and the clients are bound to different domains.
- Your Profile Manager or Wiki server uses a third-party LDAP server for authentication.
These steps will set the Profile Manager and Wiki services to use plain text authentication instead of digest authentication. To avoid passwords being sent over the network in clear text, you should enable SSL encryption for the Profile Manager and Wiki websites.
OS X Server (Mountain Lion)
For OS X Server (Mountain Lion) only, execute these Terminal commands:
sudo /usr/libexec/PlistBuddy -c 'set :common:authenticator plaintext' /Library/Server/Wiki/Config/webauthd.plist sudo /usr/libexec/PlistBuddy -c 'set :common:use_inline_webauth false' /Library/Server/Wiki/Config/collabcored.plist sudo serveradmin stop wiki sudo serveradmin start wiki
Note: These commands assume that you're using the default service data location of /Library/Server. You'll need to adjust these commands accordingly if you've moved the service data location elsewhere.
For Lion Server only, execute these Terminal commands:
sudo /usr/libexec/PlistBuddy -c 'set :common:authenticator plaintext' /etc/collabd/webauthd.plist sudo serveradmin stop wiki sudo serveradmin start wiki