Manage records and attributes in Directory Utility on Mac
You can use Directory Editor to view and edit records and attributes of an LDAP directory.
WARNING: Deleting certain records or attributes can cause the server to behave erratically or stop working. Changing data in a directory can have unexpected and undesirable consequences. You could inadvertently incapacitate users or computers, or you could unintentionally authorise users to access more resources.
After using Directory Editor to delete user or computer records, use command-line tools to delete the corresponding Kerberos identity and Password Server slot. If you leave an orphaned Kerberos identity or Password Server slot, it can conflict with a user or computer record created later.
View or edit directory data
In the Directory Utility app on your Mac, click Directory Editor.
Click the Viewing pop-up menu, then choose the record type to modify.
Choose the directory domain or local directory to modify from the ‘in node’ pop-up menu, then authenticate as an administrator of the domain or local directory.
To authenticate, click the lock icon next to the directory that you chose.
Select the record you want to edit in the records list.
You can also use the search field above the record list.
Select the attribute name to view or edit in the attributes list.
The value of the attribute you select appears below the list of attributes. You can modify the attribute value.
Depending on the attribute you select, you can change how the value appears by clicking Image, Text or Data.
Some attribute values are dimmed and cannot be modified.
Click Save.
Add or delete records and attributes
In the Directory Utility app on your Mac, click Directory Editor.
Click the Viewing pop-up menu, then choose the record type to modify.
Choose the directory domain or local directory to modify from the in-node pop-up menu, then authenticate as an administrator of the domain or local directory.
To authenticate, click the lock icon next to the directory that you chose.
Do the following:
Add a record: Click the Add button (below the list of records), then enter a name for the record below the list of attributes.
Remove a record: Select the record you want to remove, then click the Remove button below the list of records.
Important: You cannot revert record deletion.
Add record attributes: Select the record you want to delete from the records list. Click the Add button (below the list of attributes), choose an attribute from the “New attributes of type” pop-up menu, then click OK. Enter a value for the new attribute.
If you choose Native from the “New attribute of type” pop-up menu, enter the name of a native record in the field that appears below the pop-up menu. Click OK.
Remove record attributes: Select the record attribute you want to remove, click the Remove button below the list of records, then click Save.